DOCSLIB.ORG

Securing Against Fraud in Mobile Communications: Systems Design and Development in 3G Mobile Networks By

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Securing Against Fraud in Mobile Communications: Systems Design and Development in 3G Mobile Networks By Securing Against Fraud in Mobile Communications: Systems Design and Development in 3G Mobile Networks by Yujiro Mochizuki M.S., Management of Technology,Massachusetts Institute of Technology, 2004 B.A., Economics, Keio University, 1996 Submitted to the Engineering Systems Division in Partial Fulfillment of the Requirements for the Degree of Master of Science in Technology and Policy at the Massachusetts Institute of Technology February 2006 © 2006, Yujiro Mochizuki. All rights reserved. The author hereby grants to MIT permission to reproduce and to distribute publicly paper and electronic copies of this thesis document in whole or in part. Signature of Author: ,c6ofgy and Policy Program, Eeering Systems Division November 12, 2005 Certified by: Michael Cusumano Slo/ Management Review Professor Management S0ach'fS/ of Management //1//./// / Thesis Supervisor Certified by: d-'b v (Y /Joel( Cutcher-Gershenfeld / xecutive Director, Engineering Systems Learning Center Senior Research Scientist, Sloan School of Management j/A_} fwA Thesis Reader / Accepted by: /Professor ad Dava J. Newman Professor of Aeronautics and A onautcs and Engineering Systems Director, Technology and Policy Program e_ . e OF TECHNOLOGY ARCH8VES MAY 3 12006 LIBRARIES Securing Against Fraud in Mobile Communications: Systems Design and Development in 3G Mobile Networks by Yujiro Mochizuki Submitted to the Engineering Systems Division on November 12, 2005 in Partial Fulfillment of the Requirements for the Degree of Master of Science in Technology and Policy ABSTRACT Network security ensures the consistency, integrity, and reliability of telecommunications systems. Authorized network access prevents fraudulent communications and maintains the availability of the systems. However, limited development time, cost reduction pressure and requirement for high reliability in software development have forced mobile carriers to implement the insufficient and inflexible authentication mechanisms. Technical specifications including network architecture, network protocols, and security algorithm are widely available to the public. In addition, both secured and unsecured networks are interconnected by global roaming services. The inadequate system design will make the mobile systems vulnerable to unauthorized access to mobile communications. Compared with GSM mobile systems, 3G mobile systems are equipped with more robust and flexible security mechanisms. The official position taken by mobile carriers, such as NTT DoCoMo, KDDI, and Vodafone, is that fraudulent communications, usually in the form of cloned mobile phones, are impossible with their 3G mobile systems. Examining the NTT DoCoMo's case, however, we find that this statement is based on weak security assumptions. In order to avoid potential threats and to secure the 3G mobile systems, this thesis (1) explores the security architecture and mechanisms in 3G systems, (2) analyzes the current platform architecture and platform innovations of the network software, and (3) suggests a secure system design and development. Thesis Supervisor: Michael A. Cusumano Title: Sloan Management Review Professor of Management 2 Table of Contents 1 Introduction ...................................................... 11 1.1 Operation of the 3G Systems ................................ 13 1.2 Purpose of This Thesis.................................. 15 1.3 Scope of This Thesis .................................. 17 1.4 Overview of the Core Network ...................................... 18 1.5 Thesis Structure ........................................ 22 2 Network Security in 3G Mobile Systems ...................................................... 23 2.1 Security Principles ...................................................... 23 2.2 3G Security Features ...................................................... 24 2.3 Security Architecture ...................................................... 25 2.4 Network Access Security Mechanisms ...................................................... 28 2.4.1 Authentication Procedure ...................................................... 28 2.4.2 Verification of Sequence Number (SQN) against Replay Attacks ..........................33 2.4.3 Generation of Authentication Vectors ...................................................... 35 2.5 Security Issues about 3G Mobile Networks ...................................................... 38 3 Network Software Development ...................................................... 40 3.1 Requirements for Network Software ..................................................... 40 3.1.1 Reliability (Maturity and Availability)...................................................... 42 3.1.2 Security ......................................................................................................... 43 3.1.3 Compatibility (Interoperability) ...................................................... 44 3.1.4 Real-time Response (Time Behavior) ...................................................... 46 3.1.5 Configurability for Geographical Distribution of the System (Maintainability) ....47 3.2 Platform Innovations in Network Software ...................................................... 48 3 3.2.1 Component Standardization ................................................... 50 3.2.2 Architectural Innovation and Product Architecture ................................................. 51 3.2.3 Product Platform and Product Family ................................................... 54 3.3 Difficulties in Platform Innovation ................................................... 56 3.3.1 Time-to-Market Pressure ................................................... 57 3.3.2 Pressures for Cost Reduction ................................................... 58 3.3.3 Requirements for High Reliability ................................................... 59 3.3.4 Complex Architecture . .................................................. 60 3.3.5 Scalability ................................................... 61 4 Analysis of the Existing Network Software ................................................... 63 4.1 Insufficient Implementation of the Authentication Mechanisms................................. 64 4.1.1 Insufficient SQN Management ................................................... 67 4.1.2 Support Only Fixed-length Parameters................................................... 70 4.1.3 No Support for AMF ................................................... 71 4.2 Reasons for Insufficient implementation ................................................... 72 4.2.1 Strategic Viewpoint .................................................. 75 4.2.2 Economic Viewpoint ................................................... 76 4.2.3 Engineering Viewpoint ................................................... 78 4.2.4 Political Viewpoint ................................................... 81 4.2.5 Social/Cultural Viewpoint ................................................... 82 4.3 Tradeoffs between Performance and Security ................................................... 83 4.3.1 Dynamic Steps ................................................... 83 4.3.2 Network Traffic ................................................... 86 4.3.3 CPU Usage.................................................................................................. 89 5 Securing Against Fraud in Mobile Communications ................................................... 92 4 5.1 Learning from DoCoMo's Network Software Development ...................................... 92 5.2 Strategies for Securing Mobile Systems ................................................. 94 5.2.1 Before Deployment ................................................. 96 5.2.2 After Deployment ................................................. 101 6 C onclusion.......................................................................................................... 107 6.1 Security in 3G Mobile Systems ................................................. 107 6.2 Lessons Learned in Actual 3G Mobile Systems ................................................. 108 6.3 Strategies for Mobile Carriers ................................................. 109 Abbreviations and Terminologies ......................................... 113 End Notes ......................................... 115 Bibliography......................................... 120 5 List of Figures Figure 1-1: Number of UMTS Networks Worldwide (Total as of January 2005) ............. 12 Figure 1-2: Market Share of Japanese Mobile Subscribers (Total as of October 2005) ...... 14 Figure 1-3: Market Share of Japanese 3G Mobile Subscribers (Total as of October 2005)14 Figure 1-4: Core Network in 3G (UMTS) Systems ............................................................ 20 Figure 1-5: Thesis Structure ............................................................. 22 Figure 2-1: UMTS Domains ............................................................. 26 Figure 2-2: Overview of the UMTS Security Architecture .................................................. 27 Figure 2-3: Authentication Mechanisms (Key Agreement) .................................................32 Figure 2-4: Verification of the SQN ............................................................. 34 Figure 2-5: Generation of the Authentication Vectors (AuC) .............................................. 35 Figure 2-6: User Authentication Function (USIM) ............. ............................... 36 Figure 3-1: Quality Model for External and Internal
Load more

Recommended publications
  • Miot Location in Roaming Version 1.0 20 May 2020
    GSM Association Confidential - Full, Rapporteur, Associate and Affiliate Members Official Document NG.120 - MIoT Location in Roaming MIoT Location in Roaming Version 1.0 20 May 2020 This is a Non-binding Permanent Reference Document of the GSMA Security Classification: Confidential - Full, Rapporteur, Associate and Affiliate Members Access to and distribution of this document is restricted to the persons permitted by the security classification. This document is confidential to the Association and is subject to copyright protection. This document is to be used only for the purposes for which it has been supplied and information contained in it must not be disclosed or in any other way made available, in whole or in part, to persons other than those permitted under the security classification without the prior written approval of the Association. Copyright Notice Copyright © 2020 GSM Association Disclaimer The GSM Association (“Association”) makes no representation, warranty or undertaking (express or implied) with respect to and does not accept any responsibility for, and hereby disclaims liability for the accuracy or completeness or timeliness of the information contained in this document. The information contained in this document may be subject to change without prior notice. Antitrust Notice The information contain herein is in full compliance with the GSM Association’s antitrust compliance policy. V1.0 Page 1 of 37 GSM Association Confidential - Full, Rapporteur, Associate and Affiliate Members Official Document NG.120 - MIoT Location
    [Show full text]
  • USSD Gateway Technical Guide
    Oracle® Communications Network Charging and Control USSD Gateway Technical Guide Release 12.0.0 December 2017 Copyright Copyright © 2017, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error- free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S.
    [Show full text]
  • Security for the Core Network of Third Generation Mobile Systems
    Security for the core network of third generation mobile systems GUNTER HORN, DIRK KROSELBERG Siemens AG, Corporate Technology, D-81730 Muenchen, Germany STEFANPUTZ T-Mobil, P.O. Box 300463, D-53184 Bonn, Germany ROLAND SCHMITZ T-Nova Technology Centre, D-64307 Darmstadt, Germany Keywords: UMTS, MAP Security, Multimedia domain, SIP, IPSec, IKE, Key Management Abstract: This contribution gives a survey of the present standardisation activities by 3GPP (3'd Generation Partnership Project1) in the area of security for signalling in the core network of third generation mobile systems. We give an overview of the protocols that need to be secured, present the basic principles behind the overall security architecture and describe the key management and format of secured messages, as far as they have already been finalised. In particular, we address core network security aspects of the 3GPP multimedia domain. 1 3GPP was formed by regional standards organisations from Europe, Asia and North America to produce specifications for a third generation mobile system named UMTS which is designed to evolve from GSM core network. There is a competing effort known as 3GPP2 with partners from North America and Asia. The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35413-2_36 R. Steinmetz et al. (eds.), Communications and Multimedia Security Issues of the New Century © IFIP International Federation for Information Processing 2001 298 1. THREATS TO CORE NETWORK SECURITY FOR MOBILE RADIO NETWORKS The core network of mobile radio systems is the part of the network which is independent of the radio interface technology of the mobile terminal.
    [Show full text]
  • Teleware BT Proposition
    Private Mobile eXchange ™ PMX ™ GSM Mobile Switching Centre Product Highlights – IP softMSC 3GPP switching compliant Distributed Network Architecture Multiple processing units & redundancy, GSM Compliant ‘A’ Interface - IP High Availability, Scalability & Flexibility Multiple Vendor Radio Access Networks MSC, GMSC, HLR, VLR Central HLR (Network) supported MAP-C, MAP-D, MAP-E, MAP-F Call forwarding (conditional, unconditional), call waiting, call hold, call transfer IP: SS7 over SIGTRAN and SIP support TDM: SS7 over TDM via Gateway Calling party based routing, Intelligent call routing GTT translations, STP supported Caller Id; CLIP/CLIR Support for SMS (MT/MO) Connected Line Id; COLP/COLR Explicit/Implicit IMSI detach & VLR purge Operator determined barring GPRS & EDGE support (Gr over SS7) E.164 support CSD Support - secure phones + PSTN Gateway Support for Lawful Call intercept Optional built-in SMSC, AuC and EIR function SIP RFC 3261 Support Optional voicemail, conferencing and external WAP, multi-media message entity platforms Call Detail Recoding Optional Media Termination Point [Transcoding SOS: Default or LA originated intelligent routing outbound & Inbound] of emergency calls Enterprise Support Highlights Full PBX network node support Optional: Push-To-Talk – PMR replacement Translation table, Inbound & Outbound Private Mobile Office – Personal Number, Personal Assistant, Unified Messaging, Call recording, Extensive Routing Tables conferencing, IVR incl. Call Queuing etc Business Confidential Product
    [Show full text]
  • Mobile Application Part Interface (MAPI) Specification
    Mobile Application Part Interface (MAPI) Specification Mobile Application Part Interface (MAPI) Specification Version 1.1 Edition 7.20141001 Updated October 25, 2014 Distributed with Package openss7-1.1.7.20141001 Copyright c 2008-2014 Monavacon Limited All Rights Reserved. Abstract: This document is a Specification containing technical details concerning the imple- mentation of the Mobile Application Part Interface (MAPI) for OpenSS7. It contains recommendations on software architecture as well as platform and system applicability of the Mobile Application Part Interface (MAPI). It provides abstraction of the Mobile Application Part (MAP) interface to these components as well as providing a basis for Mobile Application Part control for other Mobile Application Part protocols. Brian Bidulock <[email protected]> for The OpenSS7 Project <http://www.openss7.org/> Published by: OpenSS7 Corporation 1469 Jefferys Crescent Edmonton, Alberta T6L 6T1 Canada Copyright c 2008-2014 Monavacon Limited Copyright c 2001-2008 OpenSS7 Corporation Copyright c 1997-2000 Brian F. G. Bidulock All Rights Reserved. Unauthorized distribution or duplication is prohibited. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled [GNU Free Documentation License], page 405. Permission to use, copy and distribute this documentation without modification, for any purpose and without fee or royalty is hereby granted, provided that both the above copyright notice and this permission notice appears in all copies and that the name of OpenSS7 Corporation not be used in advertising or publicity pertaining to distribution of this documentation or its contents without specific, written prior permission.
    [Show full text]
  • 3GPP TS 29.002 V3.14.0 (2002-09) Technical Specification
    3GPP TS 29.002 V3.14.0 (2002-09) Technical Specification 3rd Generation Partnership Project; Technical Specification Group Core Network; Mobile Application Part (MAP) specification (Release 1999) R GLOBAL SYSTEM FOR MOBILE COMMUNICATIONS rd TM The present document has been developed within the 3 Generation Partnership Project (3GPP ) and may be further elaborated for the purposes of 3GPP. The present document has not been subject to any approval process by the 3GPP Organisational Partners and shall not be implemented. This Specification is provided for future development work within 3GPP only. The Organisational Partners accept no liability for any use of this Specification. TM Specifications and reports for implementation of the 3GPP system should be obtained via the 3GPP Organisational Partners' Publications Offices. Release 1999 2 3GPP TS 29.002 V3.14.0 (2002-09) Keywords GSM. UMTS, MAP, SS7, network 3GPP Postal address 3GPP support office address 650 Route des Lucioles - Sophia Antipolis Valbonne - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Internet http://www.3gpp.org Copyright Notification No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media. © 2002, 3GPP Organizational Partners (ARIB, CWTS, ETSI, T1, TTA, TTC). All rights reserved. 3GPP Release 1999 3 3GPP TS 29.002 V3.14.0 (2002-09) Contents Foreword ..........................................................................................................................................................25
    [Show full text]
  • Request for Comments on the Draft Outline for The
    International Telecommunication Union QUESTION 18/2 Strategy for migration of mobile networks to IMT-2000 and beyond ITU-D STUDY GROUP 2 RAPPORTEUR FOR QUESTION 18/2 IMT-2000 for developing countries” IMT-2000 “Mid-Term Guidelines (MTG) on the smooth transition of existing mobile networks to IMT-2000 for developing countries” “Mid-Term Guidelines (MTG) on the smooth transition of existing mobile networks to Guidelines (MTG) on the smooth transition of existing “Mid-Term QUESTION 18/2 International Telecommunication Printed in Switzerland Union Geneva, 2005 Photo credits: ITU Photo Library ITU-D THE STUDY GROUPS OF ITU-D The ITU-D Study Groups were set up in accordance with Resolutions 2 of the World Telecommunication Development Conference (WTDC) held in Buenos Aires, Argentina, in 1994). For the period 2002-2006, Study Group 1 is entrusted with the study of seven Questions in the field of telecommunication development strategies and policies. Study Group 2 is entrusted with the study of eleven Questions in the field of development and management of telecommunication services and networks. For this period, in order to respond as quickly as possible to the concerns of developing countries, instead of being approved during the WTDC, the output of each Question is published as and when it is ready. For further information Please contact: Ms Fidélia AKPO Telecommunication Development Bureau (BDT) ITU Place des Nations CH-1211 GENEVA 20 Switzerland Telephone: +41 22 730 5439 Fax: +41 22 730 5484 E-mail: [email protected] Placing orders for ITU publications Please note that orders cannot be taken over the telephone.
    [Show full text]
  • Mobile Application Part (MAP)
    3GPP2 X.S0004-000-E v 6.0 Date: July 2007 Mobile Application Part (MAP) INTRODUCTION COPYRIGHT 3GPP2 and its Organizational Partners claim copyright in this document and individual OPs may copyright and issue documents or standards publications in individual Organizationial Partner’s name based on this document. Requests for reproduction of this document should be directed to the 3GPP2 Secretariat at [email protected]. Requests to reproduce individual Organizationial Part- ner’s documents should be directed to that Organizational Partner. See www.3gpp2.org for more information. X.S0004-000-E 1 2 Revision History 3 4 Revision Date Remarks 5 (IS-41) 0 February 1988 Initial publication. 6 7 (IS-41) A January 1991 8 9 (IS-41) B December 1991 10 (IS-41) C February 1996 11 12 TIA/EIA-41-D December 1997 Initial ANSI publication. 13 X.S0004-000-E v1.0 March 2004 Initial publication with new part 14 X.S0004-500 ••• 590-E v1.0 structure. 15 X.S0004-700 ••• 790-E 16 17 X.S0004-000-E v2.0 July 2005 Version 2.0. 18 X.S0004-400-E July 2005 Initial publication with new part 19 X.S0004-600 ••• 691-E structure. 20 21 X.S0004-000-E v3.0 October 2005 Version 3.0. 22 X.S0004-691-E v2.0 October 2005 Addition of Annex F: RECOVERY 23 FROM SCCP SEGMENTATION 24 FAILURE. 25 26 X.S0004-000-E v4.0 May 2006 Version 4.0. 27 X.S0004-200 and 290-E May 2006 Initial ANSI publication with new 28 part structure.
    [Show full text]
  • We Know Where You Are!
    2016 8th International Conference on Cyber Conflict Permission to make digital or hard copies of this publication for internal use within NATO and for personal or educational use when for non-profit or non-commercial Cyber Power purposes is granted providing that copies bear this notice and a full citation on the N.Pissanidis, H.Rõigas, M.Veenendaal (Eds.) first page. Any other reproduction or transmission requires prior written permission by NATO CCD COE. 2016 © NATO CCD COE Publications, Tallinn We Know Where You Are! Siddharth Prakash Rao Dr Silke Holtmanns Department of Computer Science Bell Labs, Nokia Aalto University, Finland Espoo, Finland [email protected] [email protected] Dr Ian Oliver Dr Tuomas Aura Bell Labs, Nokia Department of Computer Science Espoo, Finland Aalto University, Finland [email protected] [email protected] Abstract: Mobile network technologies require some degree of tracking of user location, specifically user equipment tracking, as part of their fundamental mechanism of working. Without this basic function, features such as hand-over between cells would not work. Since mobile devices are typically associated with a single person, this provides a potential mechanism for user location surveillance. Network operators are bound by strict privacy legislation. However, spying by certain agencies, hackers and even advertisers without the users’ or operators’ knowledge has become a serious issue. In this article, we introduce and explain all known recent attacks on mobile networks that compromised user privacy. We focus on attacks using the Signalling System 7 (SS7) protocol as the interconnection interface between operators mainly in GSM networks.
    [Show full text]
  • (MAP) Protocol Implementation Conformance Statement
    Oracle® Communications Convergent Charging Controller Mobile Application Part (MAP) Protocol Implementation Conformance Statement Release 12.0.0 December 2017 Copyright Copyright © 2017, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error- free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S.
    [Show full text]
  • LCS Capable GSM Network
    IT 15033 Examensarbete 30 hp Juni 2015 LCS Capable GSM Network TEJAS OZA Institutionen för informationsteknologi Department of Information Technology Abstract LCS Capable GSM Network TEJAS OZA Teknisk- naturvetenskaplig fakultet UTH-enheten This thesis is about Location Based Services which intends to acquire the location of the mobile phone. Besöksadress: The goal of our thesis project is to extend the Mobile Ångströmlaboratoriet Lägerhyddsvägen 1 Switching Centre and Base Station Controller with Hus 4, Plan 0 location based support which is a part of the Global System for Mobile Communications that follows the Postadress: 3rd Generation Partnership Project standards and Box 536 751 21 Uppsala integrate with the Mobile Arts Home Location Register, Gateway Mobile Location Centre and Serving Telefon: Mobile Location Centre. To achieve this goal the 018 – 471 30 03 prototype of LCS capable GSM network will be Telefax: implemented using the functional programming 018 – 471 30 00 language Erlang/OTP and C programming language. Further for testing and verification, tests will be Hemsida: performed until in the final result the location of http://www.teknat.uu.se/student mobile phone is obtained. Handledare: HAO ZHANG Ämnesgranskare: CHRISTIAN ROHNER Examinator: EDITH NGAI IT 15033 Tryckt av: Reprocentralen ITC Acknowledgments I am glad to have this opportunity to express my gratitude to all who assisted during the entire course of my thesis project. I would like to express special gratitude to my supervisor Christian Rohner of Uppsala University for his patience and motivation. His aspiring guidance helped me in writing and completion of this thesis. I appreciate Mobile Arts AB for giving this opportunity by having belief in us and we are glad to finish our thesis at MA with all testing needed for proof of concept.
    [Show full text]
  • External SS/USSD Interface
    External SS/USSD interface Vadim Yanitskiy <[email protected]> Talk structure Introduction into Supplementary Services and USSD What is Supplementary Services and USSD? What is so special about SS/USSD? How does it work in commercial networks? How does it work in the Osmocom CNI? Basic configuration examples DEMO Introduction into USSD What is USSD? Unstructured Supplementary Services Data Usually, USSD requests look like: *FOO*BAR# or *#ZOO# e.g. *#100# in both OsmoMSC and OpenBSC Common use cases: Information check applications e.g. account balance, own MSISDN e.g. news, weather, horoscope, etc. Activation / deactivation of (paid) network services Subscriber notifications, advertisements Introduction into Supplementary Services Supplementary Services: Call related (pdisc = GSM48_PDISC_CC) Advice of Charge information multi-party calls call hold Call independent (pdisc = GSM48_PDISC_NC_SS) call waiting service (de)activation call forwarding management What is SS/USSD? A structured kind of call independent Supplementary Services Similar to SMS, but real-time communication is assumed Up to 160 octets payload length Introduction into SS/USSD What is so special about USSD? Cost efficiency uses existing network’s protocols … thus no extensions / upgrades required existing (free / commercial) USSD gateways Fast and responsive the real-time capability enables fast and responsive services Interactive the session-based property enables interactive (menu-based) applications Introduction into USSD Interesting facts: The *FOO*BAR# or *#ZOO# format is not mandatory for USSD-requests! the only restriction (by GSM TS 04.80) is default 7-bit GSM alphabet … thus balance.mno.com and msisdn.mno.com are valid USSD requests some old Nokia phones allow composing such ASCII requests ;) USSD message coding is based on MAP (Mobile Application Protocol) MAP is an SS7 protocol, 3GPP TS 29.002, ~1k pages … thus every phone does MAP message encoding / decoding USSD can be (optionally) used as a transport for WAP! see "WAP over GSM USSD" by WAP Forum Ltd.
    [Show full text]