HLR&AC Overview

Home Location Register/ Authentication Center Overview
STUDENT TEXT
LZU 108 3827 REV R1A
LZU 108 3827 REV R1A

All rights reserved. No part of this document may be reproduced in any form without written permission of the copyright holder. This book is a training document and contains simplifications. It must, therefore, not be considered as a specification of the system. The contents of this book are subject to revision without notice due to continued progress in design and manufacture.
REVISION HISTORY REVISION R1A DATE November 1998 DESCRIPTION First release of course.
1998
HLR/AC Overview Course
Course Objectives
After completing this course you will achieve competence in the following areas: The role of the HLR/AC in the mobile network The functionality of the HLR/AC The services provided by the HLR/AC The hardware and software components of the HLR/AC. The purpose of the HLR/AC Overview course is to provide an overview of the Home Location Register and Authentication Center functionality according to how it is implemented on the Jambala platform. The course outlines the role of the HLR/AC in the mobile network and how it communicates with other entities. It describes the main functionality of the HLR/AC and explains the services that the HLR/AC provides. It analyzes the architecture of the HLR/AC and examines the hardware and software components. The HLR/AC Overview course summarizes how the Jambala platform supports the evolution of the world of telecommunications. The HLR/AC Overview is designed to be an Instructor Led Training (ILT) course. It is a one-day course that covers the theory and concepts of the HLR/AC and how it operates on the Jambala platform. There are six modules in the course, each of which is accompanied by a set of theoretical exercises. The learning objectives associated with each module are outlined in the table below.
03802 LZU 108 3827 Rev. A
HLR/AC Overview
Module 1. The Wireless Network 1/03802 LZU 108 3827
Module Objectives Summarize the architecture and main principles of the cellular network Identify the entities in a cellular network Recognize the different areas defined within a cellular network Understand the terminology associated with cellular networks Outline the function of the HLR List the important data stored in the HLR
2. HLR Traffic Functions 2/03802 LZU 108 3827
Explain the traffic functions of the HLR Understand the purpose of registration Describe subscriber activity handling in the HLR Outline the HLRs role in call delivery State how the HLR supports equal access pre-subscription Identify the HLRs role in SMS calls Understand how a subscriber service call operates
3. Security and Authentication 3/03802 LZU 108 3827
Describe the purpose and content of the Authentication Center Explain how the main authentication procedures operate Understand the security and authentication functions in the HLR/AC
4. OA&M in the HLR/AC 4/03802 LZU 108 3827
Understand the OA&M model in the HLR/AC Describe the main tasks related to Operation, Administration and Maintenance of the HLR/AC Differentiate between alarms and notifications Understand geographical redundancy.
ii
03802 LZU 108 3827 Rev. A
HLR/AC Overview
Module 5. HLR/AC Components 5/03802 LZU 108 3827
Module Objectives Describe the application platform Outline how the HLR/AC communicates according to CORBA-compliant interfaces Explain how TelORB, network signaling support and the OA&M implementation are combined in the HLR/AC List the hardware components of the HLR/AC Identify the application software of the HLR/AC
6. HLR Subscriber Features 6/03802 LZU 108 3827
Identify the most common subscriber features supported by the HLR
03802 LZU 108 3827 Rev. A
iii
HLR/AC Overview
iv
03802 LZU 108 3827 Rev. A
Table Of Contents
Module 1.
The Wireless Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

1.1 1.2 1.2.1 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.2.7 1.2.8 1.2.9 1.3 1.3.1 1.3.2 1.3.3 1.3.4 1.3.5 1.4 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.5 1.5.1 1.5.2 1.5.3 1.5.4 1.5.5 1.5.6 1.6 1.6.1 1.6.2 1.7 Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Entities in a Cellular Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Mobile Switching Center (MSC). . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Base Station (BS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 The Authentication Center (AC) . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Home Location Register (HLR) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Visitor Location Register (VLR) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Mobile Station (MS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Message Center (MC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Service Control Point (SCP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Operation and Maintenance Center (OMC). . . . . . . . . . . . . . . . . . . 5 Areas in a Cellular Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Cell . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Location Area (LA). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Service Area (SA) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Numbering Plan Area (NPA) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Local Access and Transport Area (LATA) . . . . . . . . . . . . . . . . . . . . 6 Terminology in a Cellular Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Interexchange Carrier (IC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Carrier Identification Code (CIC) . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Co-operating Exchange . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Peripheral Equipment Gateway (PEG) . . . . . . . . . . . . . . . . . . . . . . 8 Gateway MSC (MSC-G) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Visited MSC (MSC-V) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Numbers in a Cellular Network. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Directory Number (DN) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Electronic Serial Number (ESN) . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Mobile Identification Number (MIN) . . . . . . . . . . . . . . . . . . . . . . . . 10 Personal Identification Number (PIN) . . . . . . . . . . . . . . . . . . . . . . 11 Temporary Local Directory Number (TLDN) . . . . . . . . . . . . . . . . . 11 Forward-To Number (C-Number). . . . . . . . . . . . . . . . . . . . . . . . . . 11 Home Location Register. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 Database Function . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 Subscriber Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
HLR/AC Overview
Module 2.
HLR Traffic Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

2.1 2.2 2.3 2.4 2.5 2.6 2.7 2.8 2.9 2.10 Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 Traffic Functions of the HLR. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 Registration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 Subscriber Activity Handling. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 Call Delivery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 Equal Access Pre-Subscription . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 IS-136 Alphanumeric Paging with Short Message Service . . . . . . . . 26 Subscriber Service Call . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 Support of Subscriber Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Module 3.
Security and Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

3.1 3.2 3.2.1 3.2.2 3.2.3 3.2.4 3.2.5 3.3 3.4 3.4.1 3.4.2 3.4.3 3.4.4 3.4.5 3.5 3.6 3.6.1 3.6.2 3.7 3.8 Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 Types of Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 Cloning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 Tumbling ESN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 Hijacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 Subscription Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 Administrative Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 Security and Authentication Functions . . . . . . . . . . . . . . . . . . . . . . . . 35 Authentication. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 Introduction to Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 Authentication Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 Authentication Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 Authentication Failure Reporting . . . . . . . . . . . . . . . . . . . . . . . . . . 44 Authentication Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 Voice Privacy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45 Fraudulent Activity Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 FAD Procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47 Call Barring Upon Fraudulent Activity . . . . . . . . . . . . . . . . . . . . . . 47 Serial Number Screening . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Module 4.
OA&M in the HLR/AC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

4.1 4.2 4.2.1 4.3 4.3.1 4.3.2 4.3.3 4.3.4 4.3.5 4.3.6 Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 The OA&M Model Within the HLR/AC . . . . . . . . . . . . . . . . . . . . . . . . 52 Telecommunications Management Network (TMN). . . . . . . . . . . . 52 Typical OA&M Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54 Logical Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54 Group Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54 Subscriber Number Administration . . . . . . . . . . . . . . . . . . . . . . . . 55 Subscriber Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 Peripheral Equipment Gateway Data . . . . . . . . . . . . . . . . . . . . . . 56 Subscriber Activity Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
vi
03802 LZU 108 3827 Rev.A
Table of Contents
4.3.7 4.3.8 4.3.9 4.3.10 4.4 4.4.1 4.5
Administration of Co-operating Exchanges . . . . . . . . . . . . . . . . . . 57 Forward-To Number Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 Tables in the HLR/AC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 Alarm Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 Geographical HLR Redundancy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62 Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Module 5.
HLR/AC Components. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
5.1 5.2 5.2.1 5.2.2 5.2.3 5.2.4 5.2.5 5.3 5.3.1 5.3.2 5.3.3 5.4 5.4.1 5.4.2 5.5 5.6 Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67 HLR/AC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68 Application Platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 Common Object Request Broker Architecture. . . . . . . . . . . . . . . . 72 TelORB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 Network Signaling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78 OA&M . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 HLR/AC Components. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80 Application Platform Hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . 81 HLR/AC Application Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83 Example of an Incoming Message . . . . . . . . . . . . . . . . . . . . . . . . 88 Dimensioning the HLR/AC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90 Dimension the HLR/AC Traffic Intensity . . . . . . . . . . . . . . . . . . . . 90 Dimension the HLR/AC Subscriber Database Size . . . . . . . . . . . . 91 HLR and Middleware Right-To-Use . . . . . . . . . . . . . . . . . . . . . . . . . . 93 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
Module 6.
HLR Subscriber Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

6.1 6.2 6.3 6.4 6.5 6.6 6.7 6.8 6.9 6.10 6.11 6.11.1 6.11.2 6.11.3 6.11.4 6.12 6.13 6.14 Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95 Calling Number Identification (CNI) . . . . . . . . . . . . . . . . . . . . . . . . . . 96 Enquiry Call (ENQ). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 Group 3 Fax (G3FAX) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 Malicious Call Tracing (MCT) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 Mobile Priority Subscriber (MPS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 Asynchronous Data (ADS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 Call Waiting (CAW). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98 Mobile Charging Area (MCA) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98 Short Message Service (SMS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98 Call Forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 Call Forwarding Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 Busy Call Forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100 Call Forwarding Variations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101 Forward-to Number Provision . . . . . . . . . . . . . . . . . . . . . . . . . . . 102 Immediate Charging (ISE) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103 Message Waiting Indication (MWI). . . . . . . . . . . . . . . . . . . . . . . . . . 104 Do Not Disturb (DDB). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
03802 LZU 108 3827 Rev. A
vii
HLR/AC Overview
6.15 6.16
Absent Subscriber . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
List of Abbreviations and Acronyms . . . . . . . . . . . . . . . . . . . . . . . 107
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
viii
03802 LZU 108 3827 Rev.A
Module 1. The Wireless Network
1.1 Introduction
Module Objectives
After completing this module you will be able to: Summarize the architecture and main components of the cellular network Identify the entities in a cellular network Recognize the different areas defined within a cellular network Understand the terminology associated with cellular networks Outline the function of the HLR List the important data stored in the HLR. This module introduces the range of components that exist in a wireless network. It describes the role of each component and their relationships to the other entities in the network. It outlines the various geographical regions defined within the cellular network and explains the meaning of some terminology specific to cellular networks. The module describes the main role of the HLR as a database and summarizes the data stored in the HLR.
1/03802 LZU 108 3827 Rev. A
HLR/AC Overview
1.2 Entities in a Cellular Network

The Advanced Mobile Phone System (AMPS) is an analogue standard which was developed in North America and introduced in 1984. The Digital Advanced Mobile Phone System (D-AMPS) is an evolution of the analog AMPS standard and implements Time Division Multiple Access (TDMA). D-AMPS conforms to the IS-136 standard defined by the Cellular Telecommunications Industry Association (CTIA). The majority of cellular networks in North America, South America, New Zealand and Australia adhere to the Digital Advanced Mobile Phone System (D-AMPS) standard. There are various entities in a D-AMPS network, some of which are displayed in the figure below.
Figure 1.1 Entities in a Cellular Network
1.2.1
Mobile Switching Center (MSC)

The Mobile Switching Center (MSC) is the heart of the cellular network. It is responsible for switching calls from the initial origin to the final point of destination. The MSC handles all connections and disconnections of mobile calls. It supports the call processing and switching functions in the wireless network. It handles traffic within a cellular network, interfacing with other MSCs in the same or other cellular networks. It also interfaces with the Public Switched Telephone Network (PSTN) at the local, transit, or international gateway levels.
1/03802 LZU 108 3827 Rev. A
Module 1 - The Wireless Network
1.2.2
Base Station (BS)

The Base Station (BS) handles traffic to and from the mobile subscriber. It is connected to the MSC and includes the transceiver and control equipment located at one site. This control equipment handles and supervises the quality of the radio connection between the BS and mobile subscriber, and the communication link between the BS and MSC. An MSC controls one or more BSs.
1.2.3
The Authentication Center (AC)

The Authentication Center (AC) establishes that the individual attempting to make a call is a genuine subscriber and has a valid subscription to the mobile network. The AC holds authentication data specific to each subscriber which prevents fraud in the network. Using this data, the AC can detect when someone is trying to access the network with a counterfeit subscription. The AC is often colocated with the Home Location Register (HLR).
1.2.4
Home Location Register (HLR)

The Home Location Register (HLR) acts as a centralized network element for storing subscriber information. It administers the subscriber information and sends that information to other network elements. Each mobile subscriber has a record in a HLR. An HLR stores subscriber information (such as location information, subscriber activity status or subscriber features) in the subscribers record. An HLR may be located within an MSC or it may be a stand-alone network node. An HLR can serve more than one MSC. An operator may have more than one HLR installed in the network depending, on subscriber capacity. Each HLR can be duplicated for redundancy purposes.
1.2.5
Visitor Location Register (VLR)

The Visitor Location Register (VLR) is a database for storing information related to visiting subscribers. A visiting subscriber is a subscriber who is currently receiving service from an MSC. An MSC considers all mobile subscribers to be visiting subscribers. The visiting mobile subscriber identities and associated subscriber data are stored in VLR records similar to the HLR records. The VLR is normally co-located with an MSC, (leading to the term MSC/VLR), but is separate from the HLR. When a subscriber registers with the network, subscriber information must be transferred from the HLR to the MSC where the subscriber is registered. The VLR acts as the interface between the HLR and the MSC for the transfer of subscriberrelated information. The MSC retrieves information from the VLR for handling calls to or from visiting subscribers.
1/03802 LZU 108 3827 Rev. A
HLR/AC Overview
The signaling standard IS-41 can be used to transport messages between the MSC/VLR and the HLR.
1.2.6
Mobile Station (MS)

The Mobile Station (MS) is the physical handset that the subscriber uses to make a mobile call. It enables the user to access network services. The MS communicates with the mobile network; it is the interface equipment used to terminate the radio path at the user side. Different manufacturers produce many different variations of mobile stations, offering a variety of designs and features tailored to meet the individual needs of subscribers. There are a range of standards for mobile stations that affect the capabilities of the mobile station. A mobile station, manufactured according to a particular standard, ensures that the mobile station can obtain service in a cellular system that adheres to the same standard. The following are examples of Interim Standards (ISs) which affect mobile stations: IS-54B IS-136 IS-95 IS-95A IS-88 IS-94 IS-91.
Mobile Stations which adhere to a particular standard ensure that certain functionality is possible. For example a mobile station that supports IS-54B, IS-91 or IS-136 is capable of authentication. The MS communicates with the mobile network via the BS along a radio link. The communication path between the MS and BS is referred to as the air interface.
1.2.7
Message Center (MC)

A Message Center (MC) is a network node responsible for the reception and delivery of short messages (alphanumeric messages sent to the display screen of a mobile station). The MC communicates with the MSC and the HLR using IS-41 signaling.
1.2.8
Service Control Point (SCP)

The Service Control Point (SCP) acts as a host for a variety of Wireless Intelligent Network (WIN) features in addition to those features offered by the MSC/VLR functionality. WIN features enhance the range, quality and
1/03802 LZU 108 3827 Rev. A
flexibility of services that can be offered to mobile subscribers as well as the speed with which new services can be developed and introduced. Toll Free Calling and Private Numbering Plan are examples of WIN services. The SCP contains the logic to control the handling of WIN calls and services. The SCP allows operators to quickly deploy customized features enabling them to offer service differentiation, which ultimately leads to an increase in subscriber loyalty and revenue. The SCP can communicate with the HLR/AC and the MSC using IS-41 signaling.
1.2.9
Operation and Maintenance Center (OMC)

An Operation and Maintenance Center (OMC) is a computerized monitoring center which is connected to network components such as MSCs. In the OMC, staff are presented with information about the status of the network and can monitor and control nodes within the cellular network. The staff can remotely contol these nodes and perform operations on them without having to be on-site. There may be one or several OMCs within a network depending on the network size.
1.3 Areas in a Cellular Network

A mobile network is divided up into a number of areas that enable operators to break up their cellular systems into manageable areas providing mobile coverage to subscribers. A mobile network can be referred to as a Public Land Mobile Network (PLMN).
Figure 1.2 Areas in a Cellular Network
1/03802 LZU 108 3827 Rev. A
HLR/AC Overview
1.3.1
Cell
A cell is the basic unit of a mobile network. A mobile network is comprised of many cells. Each cell provides coverage to a specific area in the mobile network. The size of a cell can vary; it can provide coverage to a large or small geographic area. A Base Station (BS) controls one or several cells.
1.3.2
Location Area (LA)

Operators can group a number of cells together to form a Location Area (LA). When a mobile station enters a new LA it must register its new location with the cellular system. The VLR keeps track of the LA that a mobile subscriber is currently receiving coverage in. When a call is being routed to a subscriber, this Location Area is used to page the subscriber.
1.3.3
Service Area (SA)

A number of Location Areas (LAs) can be grouped together to form a Service Area (SA). A Service Area is controlled by one MSC. The HLR stores the MSC identity of the Service Area in which the mobile subscriber was last registered.
1.3.4
Numbering Plan Area (NPA)

A Numbering Plan Area (NPA) identifies the area code for a PLMN or PSTN. For example, the NPA for Montreal is 514.
1.3.5
Local Access and Transport Area (LATA)

A Local Access and Transport Area (LATA) is a geographical region that defines the boundaries betweeen between local and long-distance service. A call that originates and terminates within the same LATA is a local call while a call that crosses the boundary of a LATA is a long-distance call. Mobile operators (local exchange carriers) provide service within a LATA while long distance carriers transport calls transiting between LATAs. The service area of a Mobile Switching Center (MSC) may include one or more Local Access and Transport Areas (LATAs). Subscribers can travel from one LATA to another and make calls from within their LATA to subscribers in other LATAs.
1/03802 LZU 108 3827 Rev. A
1.4 Terminology in a Cellular Network
Figure 1.3 NPA, LATA and IC
1.4.1
Interexchange Carrier (IC)

An Interexchange Carrier (IC) is an operating company that transports mobile calls across LATA boundaries; it specialises in long distance calls. There are a number of different Interexchange Carriers (ICs), for example MCI, Sprint or AT&T. ICs offer diverse competitive packages to subscribers. The subscriber can choose (pre-subscribe) which IC to use for their calls outside their area code (inter-LATA calls) by dialing a specific code. The HLR stores this information in the subscriber data as the subscribers Preferred Interexchange Carrier (PIC). If the subscriber does not choose an IC, the default PIC is used.
1.4.2
Carrier Identification Code (CIC)

A Carrier Identification Code (CIC) is used to route and bill calls in the public switched telephone network. CICs are four-digit codes in the format XXXX. To obtain a CIC, an applicant must purchase access from an access provider, who will in turn apply to the North American Numbering Plan Administration (NANPA) for the assignment on behalf of the access purchaser.
1/03802 LZU 108 3827 Rev. A
HLR/AC Overview
1.4.3
Co-operating Exchange
A co-operating exchange is any Mobile Switching Center (MSC) or Message Center (MC) in a cellular network that communicates with the HLR. All mobile telephony exchanges in the network that subscribers can roam to are defined as co-operating exchanges in the HLR. When an operator defines an MSC as a co-operating exchange, information such as the identity of the MSC, routing information and signaling information are entered into the database. This information is used for routing purposes so that other entities in the cellular network can communicate with the co-operating exchange.
1.4.4
Peripheral Equipment Gateway (PEG)

The Peripheral Equipment Gateway (PEG) is a node in the network which connects MSCs and HLRs to external equipment, specifically the Voice Mail System (VMS). When the HLR detects that a subscriber has diverted calls to the VMS, calls to the subscriber are routed via the PEG to the appropriate voice mail box.
1.4.5
Gateway MSC (MSC-G)

The Gateway MSC (MSC-G) is the exchange where calls to a given subscriber arrive initially in the PLMN. The MSC-G is the first exchange to receive calls from the mobile operators network and also calls from other networks, for example the PSTN. The MSC-G can also be referred to as the Interrogation Exchange because it interrogates the HLR asking for the subscribers location.
1/03802 LZU 108 3827 Rev. A
Figure 1.4 MSC-G and MSC-V
1.4.6
Visited MSC (MSC-V)

A Visited Mobile Switching Center (MSC-V) is any MSC where a mobile subscriber places or receives a call. It is the exchange that is currently providing service to the subscriber. The MSC-V is responsible for call setup, supervision, and disconnection; locating, handoff, and related functions; and charging. The MSC-V is usually the MSC where the subscriber has registered and is pointed to by the subscriber location information in the HLR at call delivery. The MSC-V can also be referred to as the serving Exchange.
1/03802 LZU 108 3827 Rev. A
HLR/AC Overview
1.5 Numbers in a Cellular Network
Figure 1.5 Numbers in a Cellular Network
1.5.1
Directory Number (DN)

A Directory Number (DN) is a number which uniquely identifies a mobile telephone subscription in the PSTN numbering system. The DN is used when dialing calls to mobile subscribers. The mobile telephone numbering plan can be separate or integrated into the PSTN numbering plan. The DN consists of a 10 digit number of the format NPA nxx xxxx where n can have the value 2-9 and x can have the value 0-9.
1.5.2
Electronic Serial Number (ESN)

The Electronic Serial Number (ESN) is a number which uniquely identifies a subscribers mobile station. There are eight digits in the ESN. It consists of three parts: a manufacturer's code, a reserved area, and a manufacturer-assigned serial number. The ESN is used for protection from unauthorized use. Each mobile station is assigned a unique, fixed ESN which is stored in protected memory of the mobile station during manufacture. If a mobile station is stolen, the operator can define the ESN to be fraudulent and prevent misuse.
1.5.3
Mobile Identification Number (MIN)

The Mobile Identification Number (MIN) is a number which uniquely identifies a mobile subscription on the radio path. It is used for signaling
10
1/03802 LZU 108 3827 Rev. A
within the cellular network. The MIN is stored in the mobile station. In North America, the MIN value is often the same as the DN.
1.5.4
Personal Identification Number (PIN)

A Personal Identification Number (PIN) is a number which is unique to each mobile subscriber. The network administration supplies the mobile subscriber with a PIN code. The subscriber can use their PIN to activate and deactivate certain subscriber features, for example call barring. In this manner, the PIN code protects against unauthorized access to subscriber contolled features.
1.5.5
Temporary Local Directory Number (TLDN)

The Temporary Local Directory Number (TLDN) is used for delivering calls to roaming subscribers. Each MSC has its own pool of TLDNs. During a call to a subscriber, the HLR asks the exchange where the subscriber is located (MSC-V) for a TLDN which is used to route the call to the MSC-V. The TLDN is a network address which is temporarily assigned for call set-up; once the call is routed to the subscriber, the TLDN is released back into the pool and can be used for other call set-ups.
1.5.6
Forward-To Number (C-Number)

A Forward To Number (C-Number) is the number of another phone to which a call is diverted during call forwarding. The operator can define this number (e.g. for forwarding Voice Mail) or the subscriber can define the number by means of procedure calls. A subscriber can have certain subscriber classes indicating that calls should be diverted.
1/03802 LZU 108 3827 Rev. A
11
HLR/AC Overview
1.6 Home Location Register

1.6.1 Database Function
The Home Location Register (HLR) acts as a central network element for storing mobile subscriber information. It administers the subscriber information and distributes that information to other network elements. The HLR subscriber is always considered a roamer by the network and whenever the subscriber registers in a new service area the HLR copies most of the subscriber information from its database to the VLR. The serving MSC/VLR location of the subscriber is then stored in the HLR, which the HLR uses to deliver calls to the roaming subscriber. The HLR stores subscription, location and activity data and provides administration procedures to allow this data to be added and maintained.
1.6.2
Subscriber Data
The HLR holds both static and dynamic data. Static data is mainly related to the mobile subscription and is generally added and updated manually.
Figure 1.6 The HLR as a Database
12
1/03802 LZU 108 3827 Rev. A
The main data items are listed below: Mobile Identification Number (MIN) Directory Number (DN) Electronic Serial Number (ESN) Personal Identification Number (PIN) Terminal Type The standard that corresponds to the subscribers mobile station, for example IS-54 B, IS-136 etc. Subscriber Features Note that for certain features additional information will be stored, for example, for call forwarding a forward-to number and service activity state will also be stored. In some cases subscribers can reset these values by using service calls. Some features are assigned to all subscribers (for example traffic class, control channel capability) and some will be optional (for example call forwarding busy, preferred long distance carrier etc.).
Dynamic data is updated automatically as the mobile roams and becomes active or inactive. This includes: Serving MSC Identification (MSCID) The serving MSCID is updated when the mobile registers in an exchange service area. Temporary Location (TLOC) When subscriber makes a call in an exchange where the subscriber is not previously registered the MSC may send a registration message with a Temporary Location (TLOC). The TLOC may be used to route calls to the subscriber instead of the stored location. The TLOC is only set for a call on an analog voice channel and is cleared when the call finishes. This feature is used in Ericsson MSCs. Location Area Identification (LOCID) The LOCID is received when the mobile registers and can be sent to the MSC during call delivery in case the serving MSC does not have a valid location area for the subscriber. Activity status The activity status indicates whether the mobile station is currently registered. The activity status is updated to active when a mobile station powers on and becomes inactive when the mobile powers off or misses a periodic registration. Control Channel Mode (CCM) This is stored and maintained for subscribers in order to check for fraudulent accesses. That is if the mode is not compatible with the Control Channel Capabilities (CCCs) of the phone. CCM is also
1/03802 LZU 108 3827 Rev. A
13
HLR/AC Overview
used to check before delivering short messages that the mobile is on a digital CC. To support this a registration message must be sent from the serving MSC whenever the MS changes CC type.
14
1/03802 LZU 108 3827 Rev. A
1.7 Summary
A number of entities exist in the cellular network. They co-operate and communicate together in order to provide mobile communication to the subscriber. They each have a specific role to fulfill and perform different tasks. Some of the entities in a cellular network are:
Mobile Switching Center (MSC) Base Station (BS) Authentication Center (AC) Home Location Register (HLR) Visitor Location Register (VLR) Mobile Station (MS) Message Center (MC) Service Control Point (SCP) Operation and Maintenance Center (OMC).
A cellular network is divided into a number of geographical areas:
A cell is the smallest and most basic area in the mobile network A number of cells can be grouped together to form a Location Area (LA) A number of Location Areas can be grouped together to form a Service Area (SA).
A Numbering Plan Area (NPA) corresponds to an area code in a PLMN. A Local Access Transport Area (LATA) is a geographical region that distinguishes between local and long-distance service. An Interexchange Carrier (IC) provides a service for transporting calls that traverse LATAs, that is long distance calls. A Carrier Identification Code (CIC) identifies an IC. Some of the numbers associated with the cellular network are:
The Directory Number (DN) which is the number which you dial in order to reach a mobile subscriber The Electronic Serial Number (ESN) which is inscribed on every mobile station during manufacture The Mobile Identification Number (MIN) is the mobile networks translation of the Directory Number The Temporary Local Directory Number (TLDN) is requested from the exchange where the subscriber is located and is used as a dynamic address to route the call to the subscriber The Forward To Number (C-Number) specifies a destination number
1/03802 LZU 108 3827 Rev. A
15
HLR/AC Overview
that the call should be diverted to. The HLR stores subscriber data, for example ESN, DN and PIN. It also stores dynamic data which is updated automatically, for example MSCID and activity status.
16
1/03802 LZU 108 3827 Rev. A
Module 2. HLR Traffic Functions
2.1 Introduction
Module Objectives
After completing this module you will be able to understand: Explain the traffic functions of the HLR Understand the purpose of registration Describe subscriber activity handling in the HLR Outline the HLRs role in call delivery State how the HLR supports equal access pre-subscription Identify the HLRs role in SMS calls Understand how a subscriber service call operates. Although it is not a switch, the Home Location Register is involved in handling many types of traffic cases. In particular, the HLR is involved in subscriber activity management and in the set-up phase of calls to mobile stations. This module outlines the role of the Home Location Register for various traffic cases.
2/03802 LZU 108 3827 Rev. A
17
HLR/AC Overview
2.2 Traffic Functions of the HLR

The HLR is involved in the following traffic functions: Registration Subscriber activity handling Call delivery Equal access pre-subscription IS-136 alphanumeric paging with Short Message Service (SMS) Subscriber service calls Supporting subscriber feature calls.
The HLR is also involved in authentication and checking for fraudulent events during traffic processes, the details of which are not shown here but are covered later in the Security and Authentication module.
18
2/03802 LZU 108 3827 Rev. A
Module 2 - HLR Traffic Functions
2.3 Registration
The purpose of registration is to update a subscribers mobile station location, which is used when a call needs to be delivered to that mobile station. The HLR may be involved with several types of registrations, for example, new system area, power on, power down (activity/inactivity messages) and control channel changes. The example here shows how the HLR deals with a mobile subscriber who registers in an MSC where they were not previously registered.
Figure 2.1 Registration in a new Serving Exchange
1. 2. 3. 4.
The MS sends a Registration Access message to the serving MSC. The serving MSC does not find the subscriber record in the VLR and sends a Registration Notification message to the subscribers HLR. The HLR checks the subscriber record, and finds the last location area where the subscriber was registered (if any). The HLR sends a Registration Cancellation message to the MSC where the MS was last registered, because a mobile subscriber should only be registered in one VLR at a time. The last serving MSC then removes the subscriber data from the VLR and sends back confirmation that the subscriber has been removed. In the HLR, the subscriber state is set to active and the location data is set to the new serving MSCID. The subscriber data is sent to the serving MSC in the Registration Notification Return Result message and stored in the VLR.
5. 6.
2/03802 LZU 108 3827 Rev. A
19
HLR/AC Overview
The HLR can receive multiple registrations from the same subscriber. This can occur if the MS registers in an area bordering another MSC and if its registration access message is picked up by a Base Station in another MSC. If this happens, and the function Multiple Access Handling is present (normally available), the stored location is not immediately updated. The Multiple Access Time Supervision (MATS) feature delays a Registration, for a short time interval, until the probability of receiving other Registration Notification messages from the same subscriber is diminished. During this time interval, the Registration Notification message reporting the best signal strength is considered to be the true access. When the time interval for Multiple Access Handling has expired, a Registration Cancellation message is forwarded to the exchange indicated by the stored location. If the exchange accepts to cancel its subscribers record, the interim location is stored as the new stored location.
Figure 2.2 Registration
When a mobile station initiates a call in an area that it is not registered in, the mobile stations temporary location gets updated in the HLR. This temporary location lasts for the duration of the call, but is cleared when the call is terminated. This only applies to analog calls in an Ericsson MSC.
20
2/03802 LZU 108 3827 Rev. A
2.4 Subscriber Activity Handling

This function handles the activity and inactivity messages received by the HLR from the Visiting Mobile Switching Center (MSC-V) where the subscriber is roaming. A mobile station becomes Inactive when it misses a periodic registration or when the mobile station powers off. This activity information is used to avoid call routing and delivery to an inactive subscriber.
Figure 2.3 Subscriber Activity Handling
1. 2. 3. 4.
The subscriber powers down their mobile station and an indication is sent to the MSC-V. The MSC-V sends an MSInactive message to the HLR. The HLR marks the subscribers activity status as Inactive. The HLR sends the MSInactive Return Result message to the MSC-V to indicate acknowledgement.
When an inactive subscriber becomes active in an MSC-V, a Registration Notification message is sent to the HLR. The HLR marks the subscribers activity status as active. If the stored subscriber location is different from the location where the activity information is received, the HLR sends a Location Cancellation Request message to the stored location. The stored location is reset to reflect the current location.
2/03802 LZU 108 3827 Rev. A
21
HLR/AC Overview
2.5 Call Delivery

This section describes how a call is delivered to a mobile subscriber. It is assumed that the subscriber is active, that the call is successfully delivered to the MS and that the subscriber will answer the call. For a call to reach a mobile station it must enter the mobile system via an MSC with gateway functionality (that is, MSC-G). A call to a mobile station can be delivered to a MSC-G via a Public Switched Telephony Network (PSTN) or another MSC, or initiated within the MSC-G by another mobile station.
Figure 2.4 Call Delivery
1. 2.
The MSC-G receives a call setup message containing the DN. The MSC-G sends a Location Request message, with the DN and some other data, to the subscribers HLR with the DN and some other data. The HLR returns a number, so that the call can be delivered to the subscriber. This number is called a Temporary Local Directory Number (TLDN). The HLR uses the DN to read the subscriber record. It then checks the subscriber state and relevant features, and converts the DN to the MIN. If the subscriber state and features are acceptable, the HLR sends a Routing Request message, containing the MIN, to the serving MSC, (the MSC from which the subscriber last sent a registration message).
3.
4.
22
2/03802 LZU 108 3827 Rev. A
5.
The MSC-V selects a TLDN and ties this to the subscribers MIN and other data. This TLDN uniquely represents this subscriber for the duration of call setup. Note that the MSC-V may try to page the MS and give it a voice channel before returning the TLDN. The TLDN is returned to the HLR in the Routing Request Return Result message. The HLR returns the TLDN to the MSC-G in the Location Request Return Result message. The MSC-G uses the TLDN to route the call to the MSC-V. It is also possible that the MSC-G and MSC-V are one and the same, in which case, the TLDN is used to deliver the call internally in the MSC-G. When the call enters the MSC-V, the TLDN is used to identify the mobile station. When identified, the mobile station is paged, designated to a voice channel (if not done at the time TLDN was requested) and alerted of an incoming call. When the mobile subscriber answers, the call delivery to the mobile station is complete.
6. 7. 8.
9.
In some circumstances, a call may not be delivered, depending on the information returned in the Routing Request Return Result message from the MSC-V to the HLR. When the MSC-V receives the Routing Request message, it checks the status of the mobile station. If the MS status is inactive, then only the MS status is sent to the HLR in the Routing Request Return Result message. If the mobile station is busy or inactive, the HLR checks if the subscriber has call forwarding. If so, a call forward-to number is sent in the Location Request Return Result message to the MSC-G, otherwise a busy indicator is sent. Calls may not be delivered due to congestion, or a subscriber feature setting, for example, call barring.
2/03802 LZU 108 3827 Rev. A
23
HLR/AC Overview
2.6 Equal Access Pre-Subscription

Equal access pre-subscription allows the subscriber a choice of carriers to service calls between Local Access and Transport Area (LATA) boundaries. These calls are referred to as "inter-LATA calls." The subscriber has the option to choose an Interexchange Carrier (IC) for each call on a per-call basis, by specifying the Interexchange Carrier code from the MS before calls, or to use a mobile pre-subscribed Preferred Interexchange Carrier (PIC) by setting up a default IC for all calls.
Figure 2.5 Equal Access Pre-subscription
The equal access pre-subscription feature operates as follows: 1. 2. 3. The subscriber dials an interexchange B-subscriber number from the Public Switched Telephone Network (PSTN). The number is received in the MSC-G. A Location Request message is sent to the HLR to determine the B-subscribers location. The HLR detects from the number dialed, that it is an interexchange call. The HLR checks the roaming B-subscribers profile for their default PIC (Note that the B-subscriber typically pays for the roaming part of the call, so their PIC should be used). The B-subscribers Preferred Interexchange Carrier is translated into the Carrier Identification Code (CIC) in a PIC-CIC translation table. This table facilitates ease of change, for example, when an Interexchange Carrier changes, the operator does not need to update all subscriber records, but only update one PIC-CIC translation in the PIC-CIC translation table.
4.
24
2/03802 LZU 108 3827 Rev. A
5. 6. 7.
The Routing Request message is sent to the serving MSC to get the status of the called MS or their TLDN. The serving MSC returns the Routing Request Return Result message to the HLR containing the TLDN or the state of the MS. If the MS can receive the call, the HLR sends the Location Request Return Result message to the MSC-G with the TLDN and the subscribers CIC. This CIC routes the call through its associated interexchange carrier, to the other LATA and its MSC-V. The MSC-V uses the TLDN to identify the mobile station, page it and designate a voice channel to it.
8. 9.
Equal Access is also used when a mobile A-subscriber makes a long distance call. Their preferred carrier (which was copied down to the VLR at registration) is used.
2/03802 LZU 108 3827 Rev. A
25
HLR/AC Overview
2.7 IS-136 Alphanumeric Paging with Short Message Service

This feature allows users with IS-136 compatible mobile stations to send and receive short text messages. The messages can be up to 239 characters long (operator defined) and are sent or received only on a Digital Control Channel (DCCH). Messages are sent to the Message Center (MC) which stores and forwards the messages to the serving MSC (MSC-V) for delivery to active idle mobile stations. For example, the MC requests the serving MSC address from the HLR. This address is used to route the message to the serving MSC. The MSC pages the mobile station and the message is delivered. If the mobile station cannot be contacted, then the message is stored in the MC and the subscriber is flag marked in the HLR. When the subscriber becomes available, the HLR informs the MC so that the message can be delivered. The HLR is only involved in terminating SMS calls. The following example shows a message being sent to the MS.
Figure 2.6 Terminated SMS Delivery
1.
The message is stored in the MC for subscriber 514 5550100. This could be manually entered by an operator or could originate from another MS. The MC sends a SMS request message (SMSREQ) containing the MIN of the subscriber to the HLR. The HLR checks the MIN, the ESN, if the subscriber has the SMS feature and if the MS is active.
2. 3.
26
2/03802 LZU 108 3827 Rev. A
4.
If all checks have a positive result, the HLR sends the SMS address (S7/C7 destination address of the visiting exchange, for example, the point code 226-2-38) in the SMSREQ Return Result message. The MC sends the SMS Delivery Point to Point message (SMDPP), containing the text message, to the MSC-V. The MS is paged and the text message is delivered over the DCCH. The SMDPP Return Result message is sent back to the MC to indicate successful delivery or not.
5. 6. 7.
If the MS is not active, then the HLR flag marks the subscriber so that the MC is informed by the SMS Notification message (SMSNOT) when the MS becomes active (registered in the HLR). If the subscriber is not connected, or does not have the SMS feature, then a Return Error message is sent back to the MSC, and the short message delivery fails.
2/03802 LZU 108 3827 Rev. A
27
HLR/AC Overview
2.8 Subscriber Service Call

The HLR subscriber service call provides the Home Location Register subscribers with the capability to administer subscriber-controlled features via a dialed code called a feature code. Operators can define and modify these feature codes for subscriber service calls to the HLR. The operator can also group the features and assign feature codes for setting the grouped features. After completing the service call, the subscriber receives a unique recorded message for each code-controlled service. This message indicates whether that particular feature was successfully activated or deactivated. The following example shows a subscriber defining and activating a call forward-to number for the call forward no reply feature.
Figure 2.7 Subscriber Service Call
1.
The subscriber dials the digits for the procedure call, for example, *74 5550000. The number 74 is the procedure code to set the call forward-to number for the call forward no reply feature. The call forward-to number is 5550000. The Feature Request message is received by the HLR from the MSC. The HLR verifies the procedure digits, that is, 74, in the Procedure Code Analysis Table. This table contains a list of all valid procedure codes. Note that the call forward-to number is checked in the Call Forward-to Number Analysis Table to ensure that the number is not a restricted number, for example, the emergency number 911. The HLR compares the personal passcode, if specified by the subscriber, to the one that is stored in the subscribers data. When the verification is complete, the appropriate action code is selected (that is, activation, deactivation, interrogation). In this example, the HLR activates the feature with the call forward-to number and updates the subscriber data. When the action code is executed, the result of the action code is sent back in the Feature Request Return Result message to the HLR.
2. 3.
4.
28
2/03802 LZU 108 3827 Rev. A
5.
The Feature Request Return Result message is sent to the serving MSC. This message contains an indication that the service call was successful and optionally, an announcement list which can generate a unique recorded message to confirm the feature activation to the subscriber. The particular announcement for the procedure call is found by looking up the announcement code table.
In step 5 above, the serving MSC must be transaction compatible, that is, it must support the announcement list so that it can receive the announcement code of the service. If the MSC is not capable of handling the HLR announcement list, a tone is sent to the subscriber. These announcement codes are retrieved from the announcement code table in the HLR, which stores all the announcements. Each service has a unique announcement code associated with the following status: Activation Announcement code for the activation of a service Deactivation Announcement code for the deactivation of a service Failure Announcement code for a service that fails to be updated/interrogated.
The MSC generates the announcement towards the mobile station.
2/03802 LZU 108 3827 Rev. A
29
HLR/AC Overview
2.9 Support of Subscriber Features

Although the HLR is not a switching node, some subscriber feature information in the HLR may determine how a call is to be handled. The following features are those which result in the HLR having an active role in call handling: Call Forwarding Immediate Call Itemization Voicemail Message Waiting Indicator Do Not Disturb Absent Subscriber Terminating Call Barring.
Note: the involvement of the HLR in feature-related calls is described later in this book.
30
2/03802 LZU 108 3827 Rev. A
2.10 Summary
The main traffic functions of the HLR are:
Registration This function updates a subscribers mobile station location which is used when a call needs to be delivered to that mobile station.
Subscriber Activity Handling This function handles the activity and inactivity messages received by the HLR from the MSC-V, where the subscriber is roaming.
Call Delivery This function handles the delivery of a call to a mobile station. Equal Access Pre-subscription This feature allows the subscriber a choice of carriers to service calls across LATA boundaries.
IS-136 Alphanumeric Paging with Short Message Service This feature allows users with IS-136 compatible mobile stations to send and receive short messages.
Subscriber Service Calls This feature provides HLR subscribers with the capability to administer subscriber controlled services via a dialed code called a feature code.
Support of Subscriber Features The HLR may be involved in handling calls related to subscriber features (for example, call forwarding, immediate call itemization).
2/03802 LZU 108 3827 Rev. A
31
HLR/AC Overview
32
2/03802 LZU 108 3827 Rev. A
Module 3. Security and Authentication
3.1 Introduction
Module Objectives
After completing this module you will be able to: Describe the purpose and contents of the Authentication Center Explain how the main authentication procedures operate Understand the security and authentication functions in the Authentication Center. This module distinguishes between the different fraudulent activities that can occur in mobile networks today. The module outlines the purpose and contents of the AC. It describes the sequence of events involved in the main authentication procedures such as SSD update, base station challenge, unique challenge and global challenge. It also explains the security and authentication functionality which is implemented in the AC.
3/03802 LZU 108 3827 Rev. A
33
HLR/AC Overview
3.2 Types of Fraud

Fraud is a major problem for mobile network operators all over the world. The losses due to fraud amount to billions of dollars every year.
Figure 3.1 Different Types of Fraud
Several basic types of cellular fraud are attempted in cellular networks, each of which is described below.
3.2.1
Cloning
The MIN and ESN of a legitimate subscriber's mobile unit are programmed into another mobile unit. This can be done in different ways: The MIN and ESN are scanned when being transmitted over the air interface A fraudster steals a mobile station and retrieves the MIN and ESN from its memory A cellular operator employee "steals" the MIN and ESN from the system.
Cloning is the most common type of fraud. The majority of fraud in a cellular system is usually of this type.
34
3/03802 LZU 108 3827 Rev. A
Module 3 - Security and Authentication
3.2.2
Tumbling ESN
Tumbling ESN involves running an algorithm with a computer device connected to a mobile unit which generates random ESN and MIN codes. These are sent to the cellular network and when they match the ESN and MIN stored in the HLR/AC, the system accepts the mobile unit and a connection with the switch is established.
3.2.3
Hijacking
Hijacking involves increasing the output power of a mobile unit in order to take over a legitimate subscriber's voice channel. Once contact with the system is established, the second number feature can be used. This enables a user to dial a second number while connected to one already. Once the second number connection is established the first number is disconnected. The result is that the legitimate subscriber is charged for a call they did not make.
3.2.4
Subscription Fraud
The general idea of subscription fraud is to fool the administrative system of the operator. Typical examples of subscription fraud are subscriptions opened with erroneous personal data or customers that make a lot of calls the first month and then disappear without paying the bill.
3.2.5
Administrative Fraud
Administrative fraud occurs when exchange and subscriber data is accessed and changed without authorization. This can be done either by the operators own personnel (internal fraud) or by someone connecting to the lines going into the HLR/AC and MSC.
3.3 Security and Authentication Functions

The following measures are used within the mobile network to counteract fraud: Authentication Voice Privacy Fraudulent Activity Detection Serial Number Screening.
Each of these is described in more detail below.
3/03802 LZU 108 3827 Rev. A
35
HLR/AC Overview
3.4 Authentication
3.4.1 Introduction to Authentication
Authentication is used in cellular networks to verify that individuals accessing the network are genuine subscribers using authorised equipment. Authentication is a set of procedures that allows the network to validate the identity of each authentication capable Mobile Station (MS). Authentication is seen as one of the major steps to prevent fraud in cellular systems. The Telecommunication Industry Association (TIA) established a committee to address fraud detection and prevention. This committee specified enhancements to the IS-41 standard to support new authentication procedures. IS-41 standards specify protocols and operations to support the various authentication procedures. An Authentication Center (AC) must exist to implement authentication procedures and to manage authentication information related to subscribers. The Ericsson AC is co-located with the HLR, thus sharing subscriber information with the HLR. The AC establishes that the individual attempting to make a call is a genuine subscriber and has a valid subscription to the mobile network. The AC holds authentication data specific to each subscriber. Using this data, the AC can detect when someone is trying to access the network with a counterfeit subscription and report a suspected fraudulent event to the MSC. The MSC in turn reports this to the operator and appropriate action can be taken.
Figure 3.2 The Authentication Center in the Network
36
3/03802 LZU 108 3827 Rev. A
The authentication function is based on secret keys that are never sent or shown openly. The secret keys, together with other parameters, are used as input to an authentication algorithm, called the Cellular Authentication and Voice Encryption (CAVE) algorithm, in order to calculate an authentication value. Both the network and the MS run the algorithm and calculate the result and thereafter the network checks that the result is the same. In the event of a mismatch the operator is alerted by a printout and the appropriate action can be taken. The operator sets the authentication feature on or off in the AC for each subscriber. The subscriber must have an authentication capable phone (that is, one that conforms to the IS-54B standard, or higher, for example, IS-91 or IS-136). Connection of an authentication subscriber in the AC requires first setting the authentication feature service level in the HLR, then definition of subscriber data in the AC and finally, activating the feature in the HLR. Conversely, disconnection of the subscriber requires passivating the authentication feature in the HLR, deletion of the subscriber in the AC and resetting of the service level in the HLR. Note that the ESN cannot be removed or changed for an authentication subscriber and an authentication subscriber cannot be disconnected from the HLR if the feature is active.
3.4.2
Authentication Data
The AC contains the following data per subscriber: Authentication Key (A-Key) Shared Secret Data (SSD).
In addition, the The AC uses the subscribers MIN and ESN from the HLR for authentication purposes. The MS also stores the A-Key and the SSD. Authentication Key (A-Key) When a subscriber takes out a subscription with an authentication capable phone she/he is assigned an A-key. The A-Key is a 6 to 26 digit number generated in the AC (the operator defines the length). This number is never transmitted over the air or between network nodes. It is never displayed openly and is stored in encrypted format in the AC and MS only. The A-key can be transferred to the MS by the service representative. The A-key can be: Operator defined AC generated Defaulted (a common A-key pre-programmed into the MS and AC).
3/03802 LZU 108 3827 Rev. A
37
HLR/AC Overview
Figure 3.3 A-Key, CAVE and SSD
Cellular Authentication and Voice Encryption (CAVE) The Cellular Authentication and Voice Encryption (CAVE) algorithm is implemented in the AC, the MS and may also be implemented in the MSC. CAVE generates the SSD using the A-Key, ESN and a generated random number. CAVE also generates authentication results from the SSD, MIN, ESN and a random number. Shared Secret Data (SSD) The A-key is never transmitted between nodes (MSC and AC). Instead a value called Shared Secret Data (SSD) is calculated by the AC and MS and is used in the authentication process. This number is calculated by inputing the A-key, ESN and a random number into the CAVE algorithm. SSD can be considered as an A-Key which can be passed between nodes, rather than an authentication result to be used to confirm an access. The SSD can be shared with the MSC/VLR so that certain authentication functions can be done in the MSC/VLR. This can reduce the amount of signaling required in the network for authentication. To share the SSD, the MSC/VLR must have the CAVE algorithm. If the SSD is not shared the MSC-V sends an authentication request message to the AC every time the MS requires authentication.
38
3/03802 LZU 108 3827 Rev. A
3.4.3
Authentication Procedures
In order to authenticate a mobile subscriber, four different procedures are used, each in a different situation. Authentication Procedure SSD Update Base Station Challenge Global Challenge Unique Challenge
Usage Performed when a new SSD is required (operator defined) Performed when a new SSD is required (operator defined) Registration and other control channel accesses Originating call, originating SMS call, terminating call, flash request
Figure 3.4 Authentication Procedures
Several actions may be taken if an MS fails one of the authentication procedures. The MSC or HLR determines the action to take. It could deny access to the mobile (unless the call was an emergency call) or initiate another authentication procedure. The MSC will be informed of failed authentication procedures which it will report to the operator.
3/03802 LZU 108 3827 Rev. A
39
HLR/AC Overview
SSD Update The AC decides when a new SSD is to be calculated. For example, a new subscriber will require a new SSD, or a new SSD could be periodically or manually calculated if fraud is suspected.
Figure 3.5 SSD Update (SSD not shared)
1. 2. 3.
The AC generates a new SSD using CAVE and a random number. The AC forwards the random number (RANDSSD) to the MS. The MS uses CAVE to generate its SSD.
40
3/03802 LZU 108 3827 Rev. A
Base Station Challenge This enables an MS to validate a base station. This protects MSs from attacks by false base stations which could force MSs to send their ESN, MIN and other secret information. A Base Station Challenge is initiated by an MS with each SSD Update and is a continuation of the steps above: 4. 5. 6. 7. 8. MS generates a random number (RANDBS) and sends it to the AC. The MS and AC calculate a result word (AUTHBS). The AC forwards the result of its calculation to the mobile station. The MS compares the AC result its own result. The MS informs the AC of the validity or invalidity of the new SSD.
Figure 3.6 Base Station Challenge (SSD not shared)
3/03802 LZU 108 3827 Rev. A
41
HLR/AC Overview
Global Challenge The Global Challenge procedure authenticates a MS at system access on the analog or digital Control Channel (CC), including at: Registration Call origination on the control channel Call termination on the control channel Mobile originated Short Message Service (SMS) accesses.
The procedure is global because the information used for the challenge is broadcast on the control channel and so can be read by all subscribers.
Figure 3.7 Global Challenge (SSD not shared)
1. 2. 3. 4.
The serving MSC (MSC-V) generates a random number which is continually broadcast on the CC. The MS calculates an authentication result and sends this to the MSC-V along with the rest of the system access data. The authentication result and random number are sent to the AC. The AC calculates its own authentication result using the MIN, ESN, SSD and the random number received from the MSC-V. CAVE calculates the result and compares it to the result received from the MS. If the result matches, then the MS is considered to be authentic. The comparison result is sent to the MSC-V for handling.
5.
If the SSD is shared, then the serving MSC calculates the authentication response and will report any mismatches to the AC.
42
3/03802 LZU 108 3827 Rev. A
Unique Challenge The Unique Challenge procedure authenticates a MS at: Voice channel seizure When ordered by the AC as an extra fraud check (that is, after SSD update, after global challenge) During a call.
The challenge is unique because the random number used for the challenge is generated at each access for a particular MS.
Figure 3.8 Unique Challenge (SSD not shared)
1. 2. 3. 4.
The AC generates a random number which it uses to calculate an authentication result. This result is sent to the MSC-V. The random number is sent to the MS, which it uses to calculate its authentication result. The MS sends the result to the MSC-V which it compares to the AC calculated result. The AC is informed of the comparison result and the appropriate action is taken (if any).
3/03802 LZU 108 3827 Rev. A
43
HLR/AC Overview
3.4.4
Authentication Failure Reporting

Each of the global challenge, unique challenge and SSD update processes have associated outcomes indicating success or failure. While these outcomes are normally recorded, not all are reported; that is not every authentication process outcome is conveyed from the serving MSC to the AC. The factors that can trigger a report are: The nature of the authentication function, that is global challenge, unique challenge or SSD Update The authentication process result, either success or failure The authentication initiator, either the AC or serving MSC The status of the SSD sharing, either shared or not shared.
Figure 3.9 Authentication Failure Reporting
3.4.5
Authentication Statistics
Authentication statistics provide the network administration with information on the operation of authentication procedures. Statistics are maintained for the number of successful and unsuccessful responses to authentication procedures on a per subscriber basis. It is possible to print the authentication failure statistics per subscriber. All the statistics associated with the subscriber are reset when the mobile responds correctly to the SSD Update order. It is also possible to print only those subscribers who have failed authentication procedures a pre-defined number of times.
44
3/03802 LZU 108 3827 Rev. A
3.5 Voice Privacy

Voice Privacy provides subscribers with security when using their mobile phones for business and personal conversations by preventing eavesdropping on a Digital Traffic Channel (DTC). It does this by encrypting the user information (that is, voice or data) that is transmitted over the DTC. This occurs in the MS-BS segment of the connection when requested by the MSC-V. Voice Privacy is authorized for use on a per-subscriber basis, and can be activated on a per-call basis by the subscriber on digital systems supporting authentication. The AC supports voice privacy by supplying encryption data. The mobile station may request activation/deactivation of Voice Privacy using a procedure code during call set-up or in conversation state. If an MS is assigned to an analog voice channel and it requests Voice Privacy, it is subsequently handed-off to a DTC in order to support it. If Voice Privacy cannot be supported for the call, the subscriber can be informed by a tone.
Figure 3.10 Voice Privacy
The information used to encrypt the voice/data is referred to as a mask (VPMASK). This is generated within the Global Challenge procedure and is derived using a random number, SSD and other inputs. If the mobile station is successfully authenticated by the Global Challenge on the control channel, and the subscriber is authorized to use Voice Privacy and has requested it for that call, the VPMASK is applied to the user's voice transmission.
3/03802 LZU 108 3827 Rev. A
45
HLR/AC Overview
3.6 Fraudulent Activity Detection

The Fraudulent Activity Detection (FAD) function is an on-line surveillance characteristic that reports suspected fraudulent events related to both calls and subscription activities. This function enables operators to minimise the fraudulent use of the cellular system. Fraudulent Activity Detection is applicable to all mobile stations and is independent of the authentication capability of the handset. It monitors the activity of subscribers in both the VLR and the HLR for events that may indicate fraud. The FAD function performs the detection of a fraudulent event in the HLR while the MS is in the middle of a call. The network suspects the fraudulent use of an MS when a call access is made while another mobile user with the same MIN is currently in use. This is called a simultaneous call access. Other suspicious events include an MS being on a control channel which does not match the phones capability or where a phone registers before its due time. A simultaneous call access could be caused by: Cloning Tumbling ESN/MIN Hijacking.
A simultaneous call access is investigated in the subscribers HLR and if fraud is identified, the operator is informed.
46
3/03802 LZU 108 3827 Rev. A
3.6.1
FAD Procedure
Figure 3.11 Fraudulent Activity Detection
1. 2. 3. 4.
Registration A mobile subscriber in MSC-B service area registers with the HLR. Fraud suspected The HLR detects that the MSs MIN is currently in use. Fraud verified MSC-A is checked to see if the MS is still on a voice channel. Fraud concluded The MS is marked as busy in the MSC-A, concluding that it is a fraudulent activity as the MS cannot be on a call in two different exchanges at the same time. Fraud reported and logged When a fraudulent event is detected, the elements which could possibly be interpreted as fraud are recorded. The events (ESN, exchange ID, time and activity type) can be sent to an I/O device where a reporting function generates a printout containing the MS identity and a reason code for each event.
5.
3.6.2
Call Barring Upon Fraudulent Activity

An alternative to sending a report to an I/O device is that the HLR can activate the Call Barring Upon Fraudulent Activity Detection feature. This is a fraud prevention tool that allows the automatic barring of originating calls when fraud is detected. Once a phone is barred due to a detected fraud, it can only originate certain types of calls pre-defined in its subscriber type. The operator can determine the FAD events which will be
3/03802 LZU 108 3827 Rev. A
47
HLR/AC Overview
used as triggers for Call Barring Upon FAD and also select the type of subscriber for which Call Barring upon FAD will be activated.
3.7 Serial Number Screening

Because each mobile station's ESN is unique, a screening process can be used to determine if the mobile station can be allowed to access the services provided by the cellular system. This Serial Number Screening feature reduces the number of fraudulent calls, as well as the number of unnecessary location registrations and validation requests processed by a subscriber's home system (that is HLR). The ESN and the MIN are verified before the call is set-up. Both numbers are screened based on their range of possible values.
Figure 3.12 Serial Number Screening
The feature operates as follows in the network nodes: Serving MSC (ESN Validation) At first system access in a visited exchange, the MSC-V checks the format and range of a received ESN and MIN. During subsequent accesses, the ESN and MIN are checked against those stored in the mobile subscriber's record in the HLR. The MSC-V denies access to a subscriber who attempts an access with a ESN that differs to that stored in the subscriber record. Home Location Register (Missing ESN) The HLR will bar a subscriber when there is no ESN previously stored in an HLR by the system operator. This particular function requires the operator to manually enter all valid ESNs into the HLR data. This eliminates fraudulent calls made to or from mobiles.
3/03802 LZU 108 3827 Rev. A
48
3.8 Summary
Authentication counteracts fraudulent methods, such as:
Cloning Duplicating a legitimate MS, including the MIN and ESN. Hijacking Stealing a voice channel from a legitimate subscriber. Tumbling ESN Stepping ESN and MIN ranges until access is gained to the system.
The main security and authentication functions are:
Authentication When performing any access to the system, the MS will send its authentication data. This data, which is independently calculated by the mobile station and the system, will be compared to confirm the MS identity. Voice Privacy The Voice Privacy feature provides a degree of cryptographic protection against eavesdropping on the digital air interface. Call Barring Upon Fraudulent Activity Detection Serial Number Screening.
As part of authentication:
The AC holds secret subscriber data (A-Key and SSD) and is involved in the authentication procedures. The CAVE algorithm uses the A-Key, the ESN and a random number to generate the SSD. When passing authentication information between the AC and MSCs, the SSD is transmitted instead of the A-Key. Authentication procedures are performed for different system accesses. Authentication procedures include:
SSD update Base station challenge Unique challenge Global challenge.
3/03802 LZU 108 3827 Rev. A
49
HLR/AC Overview
50
3/03802 LZU 108 3827 Rev. A
Module 4. OA&M in the HLR/AC
4.1 Introduction
Module Objectives
After completing this module you will be able to: Understand the OA&M model in the HLR/AC Describe the main tasks related to Operation, Administration and Maintenance of the HLR/AC Differentiate between alarms and notifications Understand geographical HLR redundancy. This module outlines the Operation, Administration and Maintenance (OA&M) architecture in the HLR/AC. It explains the standard OA&M modelling concepts and applies them to the HLR/AC implementation. It summarizes some of the typical OA&M activities performed by the operator. It differentiates between alarms and notifications and illustrates some typical alarms in the HLR/AC. A high level description of geographical redundancy is also given and the main actions performed during node recovery.
4/03802 LZU 108 3827 Rev. A
51
HLR/AC Overview
4.2 The OA&M Model Within the HLR/AC

The management of increasingly complex telecommunications networks is heading in the direction of open standards. The HLR/AC offers an OA&M solution using a Telecommunications Management Network (TMN) model and a manager-agent system.
4.2.1
Telecommunications Management Network (TMN)

As networks increase in complexity, so the demands on network management become greater. For many years networks were managed through proprietary protocols. This introduced problems when interconnecting networks. It also meant that different information was required to interrogate equipment on the network; the network operator had to learn a new set of commands for new equipment being added to the network. The trend in network management has moved from proprietary solutions to open system solutions, for example Telecommunications Management Network (TMN). TMN is an ITU-T network management standard for the operation, administration and maintenance of telecommunication networks. It specifies a standard interaction methodology between telecommunications equipment and management operations systems. TMNs architecture is open, and interoperable, and its goal is to provide for solutions that are distributed, object-oriented and off-the-shelf. The intent of TMN is to be able to manage all types of telecommunications networks and network equipment (for example analog networks, digital networks, public networks, private networks, switching systems, transmission systems) as well as telecommunications software and services, along with logical resources of the network such as circuits and paths. The network operator wants to ensure that the network is kept running and with optimal performance, and the device manufacturer wants to ensure that his devices can be managed through whatever protocol is being used on the network.
52
4/03802 LZU 108 3827 Rev. A
Module 4 - OA&M in the HLR/AC
Figure 4.1 TMN and the HLR/AC
A Managed Object View of Node Resources In adherence with the TMN standard, the HLR/AC describes elements using an object model. Objects are software entities that represent entities in the real world, for example, people or computers. The objects may reside on the HLR/AC system itself, for example, a subscriber or a group of subscribers. Or they may live outside the system on the network, for example, other nodes. Objects are called Managed Objects (MOs) because they can be managed, that is created, modified or deleted. Managed Objects are characterised by: Attributes Associations.
Attributes are characteristics of a managed object. For example, a subscriber can be represented as a managed object, the operator enters information about the terminal type of the subscriber as an attribute of the subscriber managed object. Associations represent the relationship between managed objects; they show the other managed objects to which a managed object is logically linked. Associations for the subscriber managed object include the service and location objects. Managed objects can be arranged in a hierarchical manner. For example, the Logical Group managed object represents a group of subscribers on a particular HLR/AC. In a hierarchical structure, the subscriber managed
4/03802 LZU 108 3827 Rev. A
53
HLR/AC Overview
object is placed underneath the Logical Group managed object; subscriber inherits all of the attributes from Logical Group and it also has its own non-inherited attributes. Managed objects can be classified according to their type and functionality into object classes. A managed object class groups together objects which share similar properties. For example, a directory number could be a managed object and a range of reserved directory numbers could be said to be a managed object class containing a number of DNs.
Figure 4.2 Managed Objects
The Graphical User Interface (GUI) for the HLR/AC contains an object browser which enables the operator to manipulate the HLR/AC data in accordance with TMN principles.
4.3 Typical OA&M Tasks

4.3.1 Logical Group
A logical group contains a collection of subscribers. Operators may wish to maintain subscribers in different groups for administrative purposes, for example to produce reports and statistics for different groups of subscribers. One HLR can contain a number of different logical groups and a logical group can contain a number of subscribers.
4.3.2
Group Profile
The group profile contains a set of default features automatically assigned to the subscriber. The operator can group a set of subscriber features
54
4/03802 LZU 108 3827 Rev. A
together into a group profile. This means that the operator can assign subscribers a set of features using the group profile, rather than having to assign each feature individually upon initial creation.
Figure 4.3 Group Profile
The operator can change the service levels for subscriber features held within the subscriber default profile. Changes made to the contents of a subscriber default profile do not affect subscribers whose features were previously defined using the subscriber default profile. When the service level of a subscriber feature is changed, its activity status, if it has one, will remain unchanged. The operator can change the activity status, either active or inactive, of subscriber features held within a group profile. When specifying the subscriber features to be deactivate, the operator can either specify all or some of the specific subscriber features to be deactivated. If the activity of a feature within a subscriber default profile is set to active, but at assignment of the default profile to the subscriber, the necessary supplementary data (for example call forward-to numbers) is not available, the activity is assigned as inactive.
4.3.3
Subscriber Number Administration

Each subscriber is assigned two numbers in the HLR/AC: Directory Number (DN) The subscribers number Mobile Identification Number (MIN) The number to identify the mobile on the radio path.
4/03802 LZU 108 3827 Rev. A
55
HLR/AC Overview
4.3.4
Subscriber Administration
In order to set-up a new subscriber in the HLR/AC, the operator selects the next number from the range of number series and specifies the relevant subscriber data. Subscriber data consists of ESN, DN, MIN and PIN assigned to the subscribers. The operator can assign features to subscribers, specifying the required information for that feature, for example forward-to number.
4.3.5
Peripheral Equipment Gateway Data
Figure 4.4 PEG Data
The Peripheral Equipment Gateway (PEG) is a node in the network which connects the MSCs and HLRs to external equipment, specifically the Voice Mail System (VMS). When the HLR/AC detects that a subscriber has diverted calls to the VMS, the calls are routed via the PEG to the appropriate Voice Mail Box (VMB). In order to assign the voice mail feature to a subscriber, the subscriber must have a PEG and voice mail box number.
4.3.6
Subscriber Activity Report

This function provides the operator with statistics on the subscribers connected to the HLR/AC. The statistics that can be accessed include: Number of subscribers connected to the HLR Number of subscribers connected to the AC.
56
4/03802 LZU 108 3827 Rev. A
4.3.7
Administration of Co-operating Exchanges

A co-operating exchange is an MSC or MC that accesses the HLR/AC for subscriber information. Means are provided to specify, delete and modify co-operating exchange data. The data specifies the following: Exchange identity (Global Exchange Name) Signaling network information Signaling protocol to be used for routing to a destination in the network.
The signaling systems currently supported are the IS-41 MAP protocol via ANSI SS7.
4.3.8
Forward-To Number Analysis

The HLR validates a forward-to number for a subscriber against the forward-to number analysis table specified for that subscriber. The forward-to number is checked against operator specified numbers that cannot be call forward-to numbers e.g. 911, 1800 etc. This validation against the forward-to number analysis table results in a rejection or an approval.
4.3.9
Tables in the HLR/AC

The operator is responsible for setting up and maintaining all information related to the HLR/AC. Some of this information is stored in the format of tables in the database. The operator maintains the following tables in the HLR/AC: Forward-to number analysis table PIC to CIC translation table Procedure code analysis table Announcement code analysis table Restricted digits table Fraud event table Co-operating exchange table.
4.3.10
Alarm Management
The OA&M functionality of the HLR/AC monitors the traffic within the system. The traffic data in the HLR/AC is quite dynamic; the OA&M functionality is periodically refreshed and updated in order to cater for it. Objects within the HLR/AC system can generate alarms or notifications.
4/03802 LZU 108 3827 Rev. A
57
HLR/AC Overview
Figure 4.5 Alarms and Notifications
Alarms The HLR/AC generates an alarm when an error or fault occurs within the system. An alarm alerts the operator, indicating that something out of the ordinary within the system has taken place. An alarm requires human interaction in order to acknowledge or clear it. Each situation outside or within the HLR/AC system that causes meaningful operational disturbance or requires manual intervention generates an alarm. A number of different elements in the HLR/AC can have one or more alarms that it can generate when circumstances warrant. There are various levels of severity associated with alarms which indicate the degree of operator intervention necessary: Warning A warning indicates that a potential fault has been found. Actions should be taken to diagnose and correct the problem, if necessary, in order to prevent it from escalating to a more serious alarm. Minor A minor alarm indicates that a fault has been detected; however, this fault does not interfere with the performance of the HLR/AC. Action should be taken at an appropriate time, preferably within one week. Major A major alarm indicates a condition that affects the service of the HLR/AC and urgent corrective action is required. This might occur
58
4/03802 LZU 108 3827 Rev. A
when there is a severe degradation in the capability of a managed object and its full capability must be restored. HLR/AC Critical A critical alarm indicates a condition that affects the service of the HLR/AC and immediate corrective action is required. This might occur when a managed object becomes totally out of service and its full capability must be restored. Action should be taken immediately, regardless of the time of day when the alarm is generated.
There are a number of possible alarms which can be generated by the HLR/AC: Back-up generation failed Alarm log full A-key timeout Ethernet interface unavailable TelORB file system out of disk space TelORB file system unavailable TelORB processor unavailable.
The HLR/AC logs all alarms and presents them to the user via the Graphical User Interface indicating the probable cause of the alarm and the level of severity. The HLR/AC automatically presents the operator with the relevant procedure in order to resolve the cause of the alarm. Once an operator attends to an alarm the HLR/AC system acknowledges that it is being taken care of. When the operator has resolved the cause of the alarm he/she informs the HLR/AC that it has been cleared. This information is stored and updated in the Live Alarm Display.
4/03802 LZU 108 3827 Rev. A
59
HLR/AC Overview
Figure 4.6 Live Alarm Display
For example, the alarm log may be configured to store a maximum amount of alarms. If the amount of alarms that the HLR/AC wishes to store exceeds the maximum amount of alarms allowed to be stored in the log, the HLR/AC will generate an alarm called Log Full is Halting which is initially ranked as a critical alarm as the HLR/AC cannot log any further alarms. The operator can select to view the appropriate on-line documentation on how to clear the alarm. In this case the operator could delete old alarms to make space for potential new ones. Once the cause of the alarm has been resolved, the alarm is marked as cleared in the Live Alarm Display. Notifications A notification reports the occurrence of a specific event in the system. In general, a notification does not require operator intervention.
60
4/03802 LZU 108 3827 Rev. A
There are a number of possible notifications which can be generated by the HLR/AC for both the alarm log and the notification log: New log created TelORB system reloaded Back-up done.
Figure 4.7 Live Notification Display
The HLR/AC informs the operator via the GUI when a notification has occurred. It is possible to set-up filters where operators can receive only the notifications that they are interested in. The Live Notification Display presents detailed information relating to notifications to the operator. Alarm and Notification Classification There are different types of alarms and notifications: Communication Convey information from one point to another Quality of Service (QoS) Degradation in the QoS Processing A software processing fault Equipment A fault in the equipment Environmental A condition relating to the enclosure in which the equipment resides.
The alarm category indicates the possible personnel categories that should take action, since it indicates the source of the alarm, for example computer equipment, power supply equipment.
4/03802 LZU 108 3827 Rev. A
61
HLR/AC Overview
4.4 Geographical HLR Redundancy

If the HLR/AC becomes inaccessible due to node or link failure then this severely impacts traffic handling in the network, as the HLR/AC is involved in all terminating calls, authentication and some registrations (about 20% registrations involve the HLR/AC). To reduce the impact of losing a HLR/AC the HLR/AC can be deployed in a geographical redundancy configuration. This configuration consists of a mated pair which means that a secondary HLR/AC exists at a different geographical location and contains the same subscriber data as the primary HLR/AC. Each node in the pair contains information on all subscribers and can take over if its mated HLR/AC becomes unavailable.
Figure 4.8 Geographical HLR Redundancy Configuration
One node in the pair is in an active state and the other is in stand-by state. The system is configured so that the primary node always tries to be active and the secondary node stand-by. In normal operation, the active node performs all the usual operations of a HLR/AC, (for example traffic functions and subscriber data changes) and communicates with the MSCs or other nodes in the network, while the stand-by node refreshes its data from the latest dumps received from the active side.
62
4/03802 LZU 108 3827 Rev. A
Three Stages of HLR Redundancy
HL R /A C 1
HL R /A C 2
MSC
MSC
N orm al
HL R /A C 1
HL R /A C 2
MSC
MSC
Failure
HL R /A C 1
HL R /A C 2
MSC
MSC
R ecovery
Figure 4.9 Three Stages of HLR Redundancy
A general overview of how HLR/AC redundancy works can be based on the actions taken by both HLR/ACs during three different stages: 1) Normal Operations Each node checks that its application is executing correctly and that the SS7 interface is active (the SS7 interface connects the HLR/AC to other nodes in the network). An automatic backup is performed regularly in the active node by the schedular process which resides in the I/O system. The schedular compares the backup with the last backup and transfers the difference between the two backups over an Internet connection (TCP/IP) to the I/O system in the stand-by node. The I/O system in the stand-by receives the difference file and performs a reload to update its data. While the reload is being executed the SS7 interface is blocked. The sequence outlined ensures that the stand-by side receives the latest data from the active node and so is relatively up-to-date. 2) HLR/AC Failure If a fault is detected in the active node, then the SS7 interface is blocked so that MSCs will not send traffic to it. The traffic will instead be directed to the stand-by node. The stand-by immediately becomes active and handles all subscriber traffic for the mated pair. It also performs backups which maybe used in the recovery process.
4/03802 LZU 108 3827 Rev. A
63
HLR/AC Overview
3) HLR/AC Recovery Once the failed node becomes active again its SS7 interface will be unblocked and it will receive all the traffic. Prior to becoming active the node may request a backup from the surviving node. This depends on which side has the most up-to-date data. Benefits of HLR Redundancy
Figure 4.10 Benefits of HLR Redundancy
Operators that implement HLR Redundancy in their cellular networks can gain a competitive edge because: The down-time is significantly reduced meaning the In-Service Performance (ISP) is increased The call completion ratio increases generating more revenue The customer is satisfied.
4.4.1
Documentation
The HLR/AC application has on-line hyperlinked documentation including OA&M related information such as: User Guides System Administration Guide Network Administrator Guide Subscriber Support Guide.
Reference Objects List of alarms List of objects List of services.
Third Party Documentation Links to third party documentation.
64
4/03802 LZU 108 3827 Rev. A
4.5 Summary
The HLR/AC adheres to the TMN standard, which is an open standard for the OA&M of communication networks. Entities such as subscribers, services and traffic support tables are defined as managed objects in the system. These have attributes and associations with other managed objects. Objects can be managed (created, deleted, modified) by using the GUI object browser which follows the TMN standard. Typical OA&M tasks include:
Subscriber administration Table administration Alarm management.
The HLR/AC generates an alarm when an error or fault occurs within the system. An alarm usually requires operator intervention. Alarms are assigned different severity levels, warning, minor, major and critical and are displayed in the Live Alarm Display window. Documentation for fixing the alarm can be accessed form this window. Old alarms are stored in an alarm log. The HLR/AC uses notifications to report the occurrence of a specific event in the system. In general, a notification does not require operator intervention. Old notifications can be accessed from the notifications log. Geographical redundancy provides a secondary HLR/AC which can take over if the primary HLR/AC node fails. The primary node generally has an active state which means that is handles traffic while the secondary has a stand-by state, which does not handle traffic. Regular backups are transferred from the active node to refresh the data in the stand-by side. The HLR/AC provides on-line user guides and reference documentation for managing subscribers, traffic tables, alarms etc.
4/03802 LZU 108 3827 Rev. A
65
HLR/AC Overview
66
4/03802 LZU 108 3827 Rev. A
Module 5 - HLR/AC Components
Module 5. HLR/AC Components
5.1 Introduction
Module Objectives
After completing this module you will be able to: Describe the application platform Outline how the HLR/AC communicates according to CORBAcompliant interfaces Explain how TelORB, network signaling support and the OA&M implementation are combined in the HLR/AC List the hardware components of the HLR/AC Identify the application software of the HLR/AC. This HLR/AC Components module takes a look at how the HLR/AC is put together. The modules examines the platform on which the HLR/AC is built. It looks at both the hardware and software that make up this platform, and looks at the communication within and around the platform. This module also summarises the methods for dimensioning an HLR/AC and determining an operators Right To Use the equipment.
5/03802 LZU 108 3827 Rev. A
67
HLR/AC Overview
5.2 HLR/AC
The new HLR/AC provides a combination of availability, reliability, scalability and Internet readiness, which runs on an application platform using commercially available hardware and software. Application platforms of different sizes and configurations are needed to build efficient and manageable network nodes. These platforms must be capable of growing in a flexible manner. To sustain such network growth it must be possible to scale node growth within broad limits, while at the same time, maintaining redundancy, reliability and availability. All this must be achieved in a cost efficient and future-proof manner in order to provide support for the changing needs. The main benefits of the HLR/AC platform are: Cost effective solution Efficient, cost-effective OA&M Minimal system downtime Flexible and future proof architecture Multi-application support.
68
5/03802 LZU 108 3827 Rev. A
5.2.1
Application Platform
The application platform on which the HLR/AC is implemented is Jambala, which consists of the Ericsson TelORB operating system/ middleware and off-the-shelf hardware components. This platform offers an extensive range of features to address the high levels of reliability, redundancy and availability needed for a traffic and memory intensive network node such as the HLR.
Figure 5.1 Jambala Features
Jambalas range of features include: Automatic software error recovery The execution environment provides mechanisms to handle faulty code, incorrect data, and erroneous data that can lead to execution failures. These mechanisms ensure that execution failures are automatically recovered from or terminated without affecting the network node operation. This is achieved by killing individual processes rather than letting them hang. Data fault tolerance and redundancy All data is replicated, so if a processor goes down, all data is accessed from to its replicate. Once the processor is rebooted, all the data is retransferred.
5/03802 LZU 108 3827 Rev. A
69
HLR/AC Overview
On-line backup The HLR data, stored in the database, is log-marked. This means it can be backedup on-line at regular intervals. These backups can be performed automatically by the operating system's backup scheduler or be initiated manually by a system administrator. At backup, application data is copied to disk, where they are sorted into files in a backup archive partition of the file system. The hardware platform configuration is scaled to eliminate the effect of such backups on HLR performance through the use of additional hardware resources.
Adaptive hardware configuration When a processor board is added to the platform, its configuration manager will automatically reallocate its data and processes to the new processor, according to the platform's configuration data. The configuration manager will monitor the platform's processors and trigger the appropriate alarm(s), should a failure occur. It will attempt to recover the processor if a failure is detected. Recovery involves the automatic reloading of the processor data and processes from replicas kept on other processors.
Smooth software upgrade Upgrading software does not require any system downtime. The new version of the software co-exists with the incumbent version during software upgrades. The platform allows for the concurrent execution of both old and new software in the same processor, at the same time. All software processes executed at the time of upgrade, are allowed to continue using the old software, while all new processes are directed to the new software.
N+1 hardware redundancy Redundancy exists in signaling links, ethernet switches, O&M processors and all other hardware. Therefore there is no single point of failure.
Hot swap hardware replacement Hot swap hardware replacement allows for smooth replacement of any hardware component. Hardware can be swapped out without affecting the system and there is no need to power down.
Geographical node redundancy Geographical node redundancy allows a standby HLR/AC node to be deployed in a different area. This node is capable of taking over the HLR/AC functions in the event of an active node failure. This ensures that a node loss have no impact on the overall network performance.
70
5/03802 LZU 108 3827 Rev. A
The following figure shows a block diagram of the different components of the Jambala platform and the applications which it can run.
Figure 5.2 Block Diagram Of Jambalas Components
To communicate with other applications, Jambala can make use of the open CORBA interface to access the Jambala resources and to communicate with the applications running there.
5/03802 LZU 108 3827 Rev. A
71
HLR/AC Overview
5.2.2
Common Object Request Broker Architecture

The Common Object Request Broker Architecture (CORBA) is an open distributed object computing infrastructure, standardized by the Object Management Group (OMG). The HLR/AC uses a CORBA architecture to implement the CMISE manager-agent interface.
Figure 5.3 CORBA Architecture
The core of the CORBA architecture is the real-time Object Request Broker (ORB), that isolates the HLR/AC from the underlying operating system (TelORB) and language dependencies. The ORB acts as the object bus, over which objects transparently interact with other objects located locally or remotely, for example, modifying a subscriber which is represented with the subscriber object. The ORB passes requests from clients to the objects located on the server. The CORBA architecture makes it possible to connect applications, databases, and network elements in a modular way, as long as they are compatible with CORBA. This also means, that if some changes need to be done in any application, database, or network element, CORBA will handle the compatibility adjustments that these changes require. The changes that need to be made, will not affect each and every other module connected to the HLR/AC system, but only the interface to CORBA.
72
5/03802 LZU 108 3827 Rev. A
Remote OA&M on the HLR/AC from OMC
Figure 5.4 Remote and On-site OA&M
The HLR/AC supports an external CORBA interface over an Ethernet connection to the Customer Administration System (CAS). The operations use the CMISE format for customer data administration. CORBA makes it possible to use the Internet/Intranet as a backbone through which customer administration systems can bridge to perform on-line, on-site and remote OA&M operations. This provides operators with a Web-based OA&M solution and the ability to develop and use new OA&M applications.
5/03802 LZU 108 3827 Rev. A
73
HLR/AC Overview
IIO P /G IO P TC P IP SSL E th e rn e t
Figure 5.5 CORBA Stack
There are many different ORB products available from different vendors. This creates the need for ORBs to interoperate. The HLR/AC implements a CORBA stack which supports interoperability. There are several layers in the CORBA stack: GIOP/IIOP TCP/IP SSL Ethernet.
GIOP/IIOP The General Inter-Orb Protocol (GIOP) supports the interoperability of different ORB products. GIOP specifies a set of message formats and common data representations for communications with other ORB-based systems or nodes. GIOP messages are exchanged over TCP/IP networks using Internet Inter-ORB Protocol (IIOP). IIOP is a mapping of GIOP on a TCP/IP connection. IIOP facilitates ORB interoperability across the Internet. IIOP is used as a transport mechanism for CMISE requests. TCP/IP The TCP/IP layer allows messages from the HLR/AC to be routed to data networks.
74
5/03802 LZU 108 3827 Rev. A
Secure Socket Layer (SSL) SSL provides security over the Internet. It supports client and server authentication. Ethernet The Ethernet network transports the TCP/IP data messages to their destination.
5.2.3
TelORB
TelORB is the real-time, distributed, fault tolerant operating system on which the HLR/AC runs. TelORB is an Operating System (OS) that contains many constituent parts and implements many functional capabilities. TelORB is designed to keep the application running through various conditions. A processor may go down, an Ethernet switch may fail, new software may be added, or a new processor maybe added. Throughout all of these conditions, an application running on TelORB will carry on doing whatever it was designed for. TelORB is a distributed operating system, that is, applications run in processes that are not confined to one TelORB processor. The application can be distributed across a number of processors. This distribution is transparent to the applications. The TelORB operating system is object-oriented in design and implementation. Not only is the Operating System itself object oriented, but it is designed to run programs that are written in an object oriented language. TelORB includes an Object Request Broker (ORB) which provides a standard communication protocol to communicate information within the system. Using CORBA (the Common Object Request Broker Architecture), TelORB can distribute information to other ORBs running on different machines and systems (TelORB and non-TelORB based). The TelORB OS or Kernel, runs on the processors as shown in the following figure.
5/03802 LZU 108 3827 Rev. A
75
HLR/AC Overview
Figure 5.6 TelORB Operating System
Processor The processor is responsible for handling and processing all the traffic information. This includes storing some subscriber data from the database on each processor, making the database distributed. Kernel The kernels distribute the core operating system across all the processors. The single kernel that exists on a TelORB processor, provides the management of processes, memory, scheduling and so on. For this, the kernels adapt the timers, interrupts and other facilities provided by the processors. Communication Layer The Communication Layer of TelORB connects the different processors to each other. Database Layer The Database Layer provides access to the database. The TelORB database is a distributed, object oriented database. For quick access, data is stored in main memory ensuring high availability is obtained by utilizing replication, that is, the objects in the database are configured to reside in more than one processor. If a processor returns from a reload or repair situation, it will synchronize its database contents with the rest of the system. Backups are made at regualr intervals (or at operator requests) and in the case of a complete system crash can be reloaded.
76
5/03802 LZU 108 3827 Rev. A
Software Management Layer The Software Management Layer handles the configuration of the executing software, so that it runs on the designated processors according to the designed distribution scheme. The Software Management Layer also performs the upgrade of software in a running system without any disturbance. O&M The O&M environment runs mainly in the Software Management layer. The O&M tasks are run on a UNIX-based element manager which is used to manipulate all the managed objects in the Operating System. CORBA ORB The CORBA ORB is included to allow the TelORB based system to communicate with other systems, including the graphical user interfaces which are used to manage the system.
5/03802 LZU 108 3827 Rev. A
77
HLR/AC Overview
5.2.4
Network Signaling
Network Signaling is performed by an SS7 Stack. Two stacks are provided for redundancy. Each stack consists of an SS7 Processor and compact PCI cards which terminate the SS7 Signaling Links. Each stack handles traffic with one stack operating as an overall controller. In the event of a stack failure, the other stack can take over all traffic and control functions. The SS7 processors, which are processors outside the TelORB system, control the compact PCI cards. They are connected to internal Ethernet so that they can communicate with the TelORB processors and with each other using TCP/IP. The SS7 stacks are implemented by these processors. The SS7 stack sends the incoming IS-41 MAP messages to one TelORB processor (one TelORB processor each time, in round robin rotation). This TelORB processor, using the MIN as a distibution key, distibutes the message to a traffic process on the TelORB processor where the requested instance of the subscriber data is stored. Associated with each SS7 processor is a Link Controller. This link contoller monitors the state of the SS7 stack and activates or deactivates a link when necessary. The Link Controller is used by the Geographical Redundancy feature.
Figure 5.7 SS7 Stacks
78
5/03802 LZU 108 3827 Rev. A
5.2.5
OA&M
The Operation, Administration and Maintenance object provides the User Interface to operate and maintain the HLR/AC. The OA&M allows access to subscriber data, network data, number analysis trees, access privileges, as well as event recording and alarm handling, while isolating clients from the database. The overall O&M architecture is composed of three layers:
Figure 5.8 OA&M Architecture
Traffic Database DBN The traffic database contains objects that define subscribers, services, network elements, number analysis trees and other information needed by the HLR in its normal operation. Database Abstraction Layer The Database Abstraction Layer consists of a set of Interface Definition Language (IDL) interfaces that provide access to traffic objects (subscriber data, network element data, number analysis trees). This layer also includes an event service mechanism, that allows processes on the traffic system to report events to the OA&M system. The Database Abstraction layer isolates the OA&M from the implementation of the Traffic Database DBN.
5/03802 LZU 108 3827 Rev. A
79
HLR/AC Overview
OA&M Service Layer The OA&M Service Layer includes services that provide access to the objects of the Database Abstraction Layer. Other services manipulate objects in the OA&M layer itself, including data kept in persistent storage on the I/O processor. These include Event recording, Alarm Handling, management of users and access privileges. Client Application Interface All access to the OA&M services goes through a CORBA-based Application Programming Interface (API) that isolates clients from the OA&M implementation. Local User Interface The LUI is a Local User Interface that provides access to the system and application management aspects of the OA&M Services. The LUI also provides the functionality to perform subscriber administration. One or more instances of the LUI may execute simultaneously on the I/O processor or on other systems, through network connections.
5.3 HLR/AC Components

The HLR/AC is made up of the following components: HLR/AC Application Software Application Platform Software and Hardware.
80
5/03802 LZU 108 3827 Rev. A
5.3.1
Application Platform Hardware
Figure 5.9 Application Platform Hardware
5/03802 LZU 108 3827 Rev. A
81
HLR/AC Overview
The application platform hardware is made up of the following components: Terminal Server 1 x Terminal Server - This allows local workstations connect into the Input/Output (I/O) system, to display console information that TelORB may provide. This information would be processor state changes or boot-up cycle stage etc. Ethernet Switches 2 x Ethernet Switches - There are two identical 100 Mbps Ethernet switches (one for redundancy) in the cabinet, each of which is connected to an Ethernet board in each TelORB processor. Each set of switches, cables, and Ethernet boards form an Ethernet interface. Theres a total of 16 ports, which allows up to 8 dual processor connections. The Ethernet switches are used to transport messages across a data network, for example, the Internet and transport messages internally, for example, between TelORB processors. This allows the HLR/AC to be managed remotely via the Internet. Input/Output 2 * UltraSPARC 300 MHz Processors - two I/O processors, one for redundancy, both operating in master slave format. CD ROM Drive 1 x CD ROM Drive - for input purposes, for example, initial loading. Tape Drive 1 x 40 Gbyte Tape Drive - for input/ouput purposes, for example, backups. Hard Drives 2 x 9.2 Gbyte Hard Drives - for backup and to store all the executable units for startup. Central Processor Unit 7 x PCI Boards - 200 MHz Pentium Peripheral Component Interconnect (PCI) boards with 512 Mbytes RAM (7 x 512 = 3584 MBytes RAM). The PCI boards, which are the TelORB processors, are contained in a compact PCI card cage with 7 slots (maximum number of TelORB processors per cabinet). Power Supply The Power Supply input to the cabinet is 48 Volts. Different hardware require different voltages and this power supply is capable of supplying 3.3 Volts, 5 Volts or 12 Volts of power.
82
5/03802 LZU 108 3827 Rev. A
Signaling Processors 2 x SS7 Processors, which execute the SS7 protocol stack on a Unix Sun Solaris platform and also have connections to the outside world.
Signaling Cards 8 x compact PCI Signaling Cards - 4 per stack. Each card has a T1/ E1 connection, where 4/8 channels can be used from each T1/E1 link.
Inverter 2 x Inverter - The inverter stablises the power supply signal and converts the signal to the appropriate power for each hardware unit.
Cabinet 1 x BYB 501 cabinet - Standard Ericsson Cabinet which uses forced air ventilation, allowing heat dissipation through the doors and out the top of the cabinet
All the hardware is front panel accessible, which makes it easy for maintenance and replacement, if the need arises. All the metering and status information is on the front in full view, giving immediate visual status of each hardware component in the HLR/AC.
5.3.2
HLR/AC Application Software

Product Structure of the HLR/AC
Figure 5.10 Product Structure of the HLR/AC
5/03802 LZU 108 3827 Rev. A
83
HLR/AC Overview
Software Product Structure of the HLR Subsystem
Figure 5.11 HLR Software Product Structure
The Home Location Register Software is split up into seventeen blocks, which implement all of the features and operations supported by the HLR in accordance with IS-41. LOCREQ - Location Request The Location Request operation block, provides the routing information used by the MSC-G to set-up a call to a mobile subscriber, located in the MSC-V. REGNOT - Registration Notification The Registration Notification operation block is used to report the location of a mobile station, validate the mobile station and obtain its profile. FEATREQ - Feature Request The Feature Request operation block is used to request featurerelated treatment on behalf of a registered MS. TRANTONUM - Transfer To Number Request The TransferToNumber Request block is used during feature processing, to obtain an MSs forward-to number from the HLR. RESTRICTSERVICE - Restrict Service The Restrict Service operation block is used to request a change of the subscriber profile.
84
5/03802 LZU 108 3827 Rev. A
QUALDIR - Qualification Directive The Qualification Directive block is used to notify a subscribers temporary location, or their last registered location, of updates to the subscription profile.
QUALREQ - Qualification Request The Qualification Request block is used to request validation of an MS, to request a profile for an MS, or both.
MSINACTIVE - Mobile Station Inactive The MSInactive operation block is used by the serving MSC, to notify the HLR of the inactivity of an MSs registration and optionally the cancellation of an MSs registration.
SERVREPLY - Service Reply The Service Reply service block is used to acknowledge the result of delivery of the announcement of messages waiting by the MSC, for the Message Waiting Service (MWI). The Message Waiting Announcement indicator for the subscriber is then set accordingly.
REGCAN - Registration Cancellation The REGCAN block is used to manually override a subscriber's location. Block REGCAN handles the cancellation of a subscriber from the cooperating exchange, stored as the subscribers stored location.
UNRELROAMDATADIR - Unreliable Roamer Data Directive This block sends the Unreliable Roamer Data Directive message when the subscriber data may not be fully up to date, for example after node redundancy.
HLRAUTHDIR - Authentication Directive The Authentication Directive operation block is used to request modification of an MSs authentication parameters.
PERIFNOT - Peripheral Equipment Information Notification The Peripheral Equipment Information Notification block is used to notify the change of Message Waiting status in the subscribers voice mail-box.
PROFREQ - Service Profile Request The Service Profile Request block is used to request a profile for an MS.
SMSREQ - SMS Request The SMS Request Invoke message block is used to verify the status of a mobile station in order to deliver an SMS message.
5/03802 LZU 108 3827 Rev. A
85
HLR/AC Overview
HLRAUTHREQ - HLR Authentication Request The HLR Authentication Request operation block is used to request authentication of an authentication-capable MS.
HLRGENERICAUTH - HLR Generic Authentication The HLRGENERICAUTH block handles the operation to report a security event associated with an MS, to report authentication failures detected by the MSC, or the VLR and to request a response to a Base Station Challenge Order received from an MS.
86
5/03802 LZU 108 3827 Rev. A
Software Product Structure of the AC Subsystem
Figure 5.12 AC Software Product Structure
The Authentication Center software is split up into seven blocks, which implement authentication operations handled by the AC. AUTHREQ - Authentication Request The Authentication Request operation block is used to request authentication of an authentication capable MS. BSCHALL - Base Station Challenge The Base Station Challenge operation block is used to request a response to a Base Station Challenge order received from an MS. AUTHSCHED - Authentication Scheduler The Authentication Scheduler block checks for A-Key time out and if it is time for an SSD update. ASREPORT - Authentication Status Report The Authentication Status Report operation block is used to report a security event associated with an MS and the results of an AC-initiated action. AFREPORT - Authentication Failure Report The Authentication Failure Report operation block is used to report on an authentication failure for a mobile station.
5/03802 LZU 108 3827 Rev. A
87
HLR/AC Overview
DBAACDATA - DBN Access to Authentication Center Data The DBN Access to Authentication Center Data block provides access to the Authentication center database for operation and maintenance functions.
AUTHDIR - Authentication Directive The Authentication Directive operation block is used to request modification of an MSs authentication parameters.
5.3.3
Example of an Incoming Message

This example describes what happens when an invoke message is received and a result message is returned. The incoming invoke message could be a Location Request message, Authentication Request message etc. but in this example, a Registration Notification message is used.
Figure 5.13 Incoming Message
1. 2. 3.
The MS sends a Registration Access message to the seving MSC. The serving MSC does not find the subscriber record in the VLR and sends a Registration Notification message to the HLR. The HLR receives the IS-41 message through the SS7 processor and the SS7 stack distributes the message to a TelORB processor over a TCP/IP link. In TelORB, the MIN is used to decide which processor deals with the message.
4.
88
5/03802 LZU 108 3827 Rev. A
5. 6. 7. 8. 9.
This TelORB processor intereacts with many HLR software blocks, but essentially block REGNOT. Block REGNOT analyses the signal data. Block REGNOT requests the subscriber data from the DBN using the Database Abstraction Layer. The subscriber data is returned. Block REGNOT verifies that the MS is not registered elsewhere. Then REGNOT sets the subscriber state to active, sets the location data to the new serving MSCID and stores this subscriber data in the DBN. The Registration Notification Return Result message and data are sent to the TelORB processor. The Registration Notification Return Result message and data are sent via a TCP/IP link to the SS7 processor. The subscriber data is sent to the serving MSC in the Registration Notification Return Result message and stored in the VLR.
10. 11. 12.
5/03802 LZU 108 3827 Rev. A
89
HLR/AC Overview
5.4 Dimensioning the HLR/AC

The scalability of memory and signaling links offered by the new platform, provide operators with the flexibility to dimension the HLR/AC to match both the subscriber and traffic levels needed within their mobile networks.
5.4.1
Dimension the HLR/AC Traffic Intensity

The purpose of dimensioning the HLR/AC traffic intensity is to determine the number of Transactions Per Second (TPS) needed to be carried out by the HLR/AC, to provide a service without interruption or delay. TPS are the amount of transactions an HLR/AC can complete per second. The following are the factors which influence the dimensioning of the HLR/AC traffic intensity: Number of connected HLR subscribers Percentage of connected HLR subscribers active TPS generated due to authentication, per number of active subscribers TPS generated due to call delivery, per number of active subscribers TPS generated due to power down registration or inactive detection, per number of active subscribers TPS generated due to registration or registration cancellation, per number of active subscribers TPS generated due to other requests (for example, call forwarding or subscriber feature modifications), per number of active subscribers.
Messages sent to and from the HLR/AC, have a large influence on the number of TPS dimensioned for traffic intensity. In order to determine the appropriate TPS required per HLR, the operator examines the number of message traffic to/from the HLR/AC. The following are the normal default message percentages used in the TPS calulations: Messages Registration Handling Call Delivery Handling Inactivity Handling Authentication Handling Remainder Percentage 55 % 20 % 13 % 7% 5%
By using the dimensioning parameters described above, the theoretical Transaction Per Second value can be caluclated.
90
5/03802 LZU 108 3827 Rev. A
In order to account for busy peak hours, the actual TPS required should be 130% to 140% of the theorectical value. An average HLR/AC with 50,000 subscribers may require 15 Transactions Per Second, to provide a service without interruption or delay.
5.4.2
Dimension the HLR/AC Subscriber Database Size

The purpose of dimensioning the HLR/AC Subscriber Database, is to determine the size of the database needed for the number of subscribers connected to the HLR/AC. All subscriber information is kept in active memory, and some information is replicated on different processors. The scope of the estimation includes the data elements associated with the HLR/AC functionality. These include: Subscriber Data and Profile Table Call Forward-to Number Analysis Table Procedure Code Analysis Table Fraud Event Analysis Table Carrier Identification Code (CIC) to Preferred Interexchange Carrier (PIC) Translation Table Announcement Code Analysis Table Restriction Digits Group Table.
5/03802 LZU 108 3827 Rev. A
91
HLR/AC Overview
To calculate the memory allocation of the HLR/AC subscriber database, needed for an average HLR/AC, an estimate of the size of a single entry in the relevant HLR/AC table and the number of entries to be stored in any table must be all be considered. The following table shows the estimation of the size of a single entry in each HLR/AC table: Value (in bytes) 360 125 266 145 124 124 144 155 180
HLR/AC Table Entries Size for 1 HLR subscriber record with no profile information Average size for each HLR service in the profile Size for 1 HLR CIC and PIC record entry Size for 1 call forward-to number analysis record entry, for one origin for call forward-to number analysis Size for 1 fraud event analysis record entry Record size for each service that requires one or more announcements Size for 1 announcement record entry Size for 1 restriction digits group record entry Size for 1 procedure code analysis record entry, for one procedure code analysis origin
The above estimated entry values coupled with the estimated number of subscribers, make up the HLR/AC Database Memory Allocation. This allocation is measured in Mega Bytes (Mbytes).
92
5/03802 LZU 108 3827 Rev. A
5.5 HLR and Middleware Right-To-Use

The sales object structure is based on a minimum configuration that is expandable to fit individual customer needs. HLR RTU The Home Location Register Right-To-Use (RTU) supports a minimum block of 50,000 subscribers on its application. The HLR RTU also provides support to blocks of 50,000 of additional HLR subscribers beyond the original 50,000 subscribers. MW RTU The Middleware (MW) Right-To-Use contains the TelORB operating system, OA&M functionality etc. It will support a minimum amount of 15 Transactions Per Second (TPS) capacity. The MW RTU also provides additional Transaction Per Second capacity beyond the original 15 tps.
5/03802 LZU 108 3827 Rev. A
93
HLR/AC Overview
5.6 Summary
The following are the main points covered in the lesson: The application platform used is Jambala The operating system used is TelORB The network signaling is performed by SS7 Processors The hardware components include:
1 x terminal server 2 x 100 Mbps Ethernet switches 2 x I/O UltraSPARC 300 MHz processors 1 x CD ROM drive 1 x 40 Gbyte tape drive 2 x 9.2 Gbyte hard drives 7 x 200 MHz Pentium PCI boards with 512 Mbytes RAM 3.3V / 5V / 12V power supply 2 x SS7 processors 4 x signaling cards 2 x inverter 1 x BYB 501 cabinet.
The Software Product structure comprises of:
The HLR subsystem of 17 blocks The AC subsystem of 7 blocks.
The HLR/AC can be dimensioned to match the subscriber and traffic intensity levels within an operators mobile network. To operate the HLR/AC an operator must have HLR and MW RTU.
94
5/03802 LZU 108 3827 Rev. A
Module 6. HLR Subscriber Features
6.1 Introduction
Module Objectives
After completing this module you will be able to: Identify the most common subscriber features supported by the HLR. The HLR supports a wide range of features designed to provide the subscriber with maximum control with respect to accessibility and cost and the operator with a high-performance system and a set of competitive features to offer subscribers. This module summarizes the main subscriber features supported by the HLR.
6/03802 LZU 108 3827 Rev. A
95
HLR/AC Overview
6.2 Calling Number Identification (CNI)

The calling number identification feature provides a subscriber with the possibility to view the number of a calling party before accepting or rejecting the call. This enables the subscriber to decide whether to accept the call immediately or note the number for future use. There are three features associated with CNI: CNI Presentation (CNIP) This feature displays the A-number on the mobile station screen. CNI Presentation Restriction (CNIR) This feature overrides the CNIP feature and prevents a subscribers number from being presented on another subscribers phone. CNI Presentation Restriction Override (CNIROR) This feature overrides the CNIR feature to ensure that the A-number is displayed regardless of the A-subscribers preferences.
Figure 6.1 Calling Number Identification
96
6/03802 LZU 108 3827 Rev. A
Module 6 - HLR Subscriber Features
6.3 Enquiry Call (ENQ)

The enquiry call feature allows the subscriber to perform various activities, called enquiries, while on a call. It has a number of different service levels which differentiate between the capabilities of the enquiry call feature. With the most basic service level for example, a subscriber can put a called party on hold and make an enquiry call to a third party. This is normally achieved by pressing a pre-defined button on the mobile station and dialing the number of the third party. While in speech with the new third party, the calling subscriber can swap between the initial called party and the third party. Variations on the service levels inlcude the ability to transfer a current call to another subscriber or terminal, and the establishment of conference calls.
6.4 Group 3 Fax (G3FAX)

The group 3 fax feature enables a mobile subscriber to use their mobile number for receiving faxes. If an incoming call is identified as a fax call, the call is routed to a subscriber-identified fax machine.
6.5 Malicious Call Tracing (MCT)

If the malicious call tracing feature is activated by a subscriber directly after a call, the mobile network will trace the call to determine its origin. The result of the trace is normally printed or stored in the cellular network operators premises for future use.
6.6 Mobile Priority Subscriber (MPS)

If a subscriber uses the mobile priority subscriber feature, calls from that subscriber are assigned an increased level of priority. This ensures that under circumstances such as emergencies, such subscribers are given priority over other subscribers and their calls will be handled by the mobile network first.
6.7 Asynchronous Data (ADS)

The asynchronous data feature enables a subscriber to send and receive circuit-switched data to and from their mobile station. For example, with this feature a mobile subscriber could send files from their computer to another data terminal via the mobile station. This feature is supported by data privacy encryption to ensure a higher level of data protection.
6/03802 LZU 108 3827 Rev. A
97
HLR/AC Overview
6.8 Call Waiting (CAW)

The call waiting feature alerts a mobile subscriber that a call is waiting while he/she is already on a call. The subscriber may choose to perform one of the following options: Ignore the new call Terminate the call in progress and initiate the new call Alternate between calls by putting the other call on hold.
6.9 Mobile Charging Area (MCA)

The mobile charging area feature enables a mobile network operator to offer flexible charging for subscribers. Subscribers could be offered lower tariff rates in a certain area and a higher rate when outside this area. A tone notification will be sent to the subscriber each time they initiate a call outside the lower tariff area.
Figure 6.2 Mobile Charging Area
This is very useful, for example, for commuting subscribers who wish to pay less while at home or at work and are prepared to pay higher tariffs when outside those areas. Similarly, business subscribers could pay tariffs comparable with wireline services while at work and normal tariffs outside of the work area. Lower and higher tariff areas are defined on a cell-by-cell basis. Each area may consist of many cells. The HLR/AC stores the low and high charging areas for each subscriber.
6.10 Short Message Service (SMS)

The short message service enables a subscriber to send and receive short, alphanumeric text messages to and from other terminals. The maximum length of the message is 239 characters. If the subscriber is not active, the message will be stored in the MC until the intended recipient is available.
98
6/03802 LZU 108 3827 Rev. A
6.11 Call Forwarding

The call forwarding feature enables a subscriber to forward calls to another number, known as a forward-to number. The forward-to number may be any subscriber number in either a PLMN or PSTN. The reasons for forwarding a call are outlined below, under call forwarding types.
6.11.1
Call Forwarding Types

There are three call forwarding types: immediate, busy, and not reachable. Any of these call forwarding types can be subscriber-activated. Immediate Call Forwarding If this feature is active for a subscriber, then it is triggered unconditionally at each and every call delivery. Busy Call Forwarding If this feature is active for a subscriber, then it is triggered at the time a call is being delivered, when a subscriber is busy in a two-party call and has no active call waiting (CAW) feature. Not Reachable Call Forwarding In mobile telephony a subscriber may not be reachable under three different circumstances: a) Inactive At the time a call is being delivered, the subscriber record in the HLR or in the VLR is marked inactive. No page response The MS fails to answer the page attempts within the paging times during call delivery. No answer A call is delivered to the subscriber, the MS rings, but the subscriber does not answer before timeout of the not reachable call forwarding timer.
b)
c)
6/03802 LZU 108 3827 Rev. A
99
HLR/AC Overview
6.11.2
Busy Call Forwarding
Figure 6.3 Busy Call Forwarding
The involvement of the HLR/AC in an example where a subscriber has the busy call forwarding feature active is described below. 1. 2. 3. 4. 5. A mobile terminating call arrives at the HLR/AC (from the MSC-G). The HLR/AC checks the mobile subscribers profile to determine the location of the subscriber. The HLR/AC requests the subscribers current activity status from the serving MSC, that is busy or idle. The serving MSC indicates that the called party is busy. The HLR/AC checks the subscribers profile for any possible required actions when the subscriber is busy and finds that the busy call forwarding feature is active. The HLR/AC provides the gateway MSC with the subscribers forward-to number. The gateway MSC routes the call using the forward-to number.
6. 7.
100
6/03802 LZU 108 3827 Rev. A
6.11.3
Call Forwarding Variations

Three call forwarding variations are associated with the call forwarding. Variable Variable has the highest priority of the three call forwarding variations. In other words, if it is active, it is used. Variable means that the subscriber can set and change the call forward-to number and the activity state through service calls. Voice Mail Voice mail is the second highest in priority among the variations. Voice mail is used to forward a call to voice mail, using an auxiliary DN, to deliver the call to the MSC which has the VMS (Voice Mail System) connected to it. The call forward-to number and activity state can only be controlled by the HLR operator. Fixed Fixed is the lowest priority call forwarding variation. It is only used if it is active and the other two variatons are not available. Fixed means that the call forward-to number can only be set by the HLR operator. The activity state can be controlled by the subscriber through service calls.
Therefore, there can be several call forwarding features depending on the combination of call forwarding type and the call forwarding variation. Each call forward feature has a forward-to number and an activity state. The activity state determines whether or not the feature is active.
6/03802 LZU 108 3827 Rev. A
101
HLR/AC Overview
Call Forwarding Voice Mail The call forwarding voice mail feature provides a subscriber with a voice mailbox and enables a subscriber to route calls to that mailbox under subscriber-defined conditions. Examples of such conditions include: busy (VMB), not reachable (VMN) or immediate (VMT). This feature operates in a similar manner to the busy call forwarding feature in that the HLR indicates a forward-to number to the MSC-G. The difference is that the forward-to number identifies a voice mailbox and not a subscriber. For each subscriber with this feature, a PEG is identified in the HLR/AC, along with the subscribers mailbox number and PIN code.
Figure 6.4 Call Forwarding Voice Mail
The HLR is informed of any subscriber-activated updates to the voice mail profile that may be made during a call to a mailbox, for example deleting voice mail messages.
6.11.4
Forward-to Number Provision

Forward-to numbers are alternate DNs used for routing of calls if a subscriber has certain subscriber features activated indicating that calls should be diverted. In order to provide control over what forward-to number subscribers are allowed to have, the forward-to number analysis table is used to validate a forward-to number specified by the subscriber.
102
6/03802 LZU 108 3827 Rev. A
6.12 Immediate Charging (ISE)

The immediate charging feature provides detailed information for a call immediately after call termination. Immediate charging only provides information about the call and not the price of the call. The output for that call can be sent to a pre-defined terminal (for example a fax machine). For example, a car rental company may provide rental mobile phones with their cars, and could use this feature to retrieve charging information about calls to/from their rental phones.
Figure 6.5 Immediate Charging
When a mobile terminating call arrives at the HLR (from the MSC-G) the HLR checks the mobile subscribers feature profile to determine whether the subscriber has the ISE feature activated. If so, the HLR informs the MSC-G of this and identifies the terminal to which the charging information must be delivered. At the end of the call, the MSC-G will send charging information about the call to the identified terminal.
6/03802 LZU 108 3827 Rev. A
103
HLR/AC Overview
6.13 Message Waiting Indication (MWI)

The message waiting indication feature provides a subscriber with an indication that there are new voice mail messages waiting to be listened to. This means that subscribers are promptly informed of any new voice mail messages and also avoid unnecessary calls to check for new voice mail messages. The indication provided can be in the form of a tone, an announcement or a short message sent to the mobile station.
Figure 6.6 Message Waiting Indication
When a subscriber has received a voice mail message, the MC informs the HLR that voice messages are waiting to be delivered to the subscriber. If the subscriber has the MWI feature, the next time the subscriber becomes available to receive voice mail messages, the HLR sends a signal to the MSC-V to inform it to provide a message waiting indication to the subscriber.
6.14 Do Not Disturb (DDB)

The do not disturb feature enables a subscriber to specify that calls to them should be routed to a special announcement stating that they do not wish to be disturbed. When a mobile terminating call arrives at the HLR (from the MSC-G) the HLR checks the mobile subscribers feature profile to determine whether the subscriber has the DDB feature activated. If so, the HLR informs the MSC-G of this and the MSC-G routes the call to an announcement machine which contains the do not disturb announcement.
104
6/03802 LZU 108 3827 Rev. A
6.15 Absent Subscriber

The absent subscriber feature allows all incoming calls to be diverted to a message, tone or other termination for a specific period of time. This feature can be controlled by the operator (ASU) or by the subscriber (CCA). This feature is useful for subscribers who do not wish to receive calls while on vacation, for example.
Figure 6.7 Absent Subscriber
The operation of this feature is similar to that for the do not disturb feature. When a mobile terminating call arrives at the HLR (from the MSC-G) the HLR checks the mobile subscribers feature profile to determine whether the subscriber has the absent subscriber feature activated. If so, the HLR informs the MSC-G of this and the MSC-G routes the call to an announcement or tone generation machine which contains the appropriate absent subscriber indication.
6/03802 LZU 108 3827 Rev. A
105
HLR/AC Overview
6.16 Summary
The HLR supports a wide range of subscriber features. Some of the most common features which are supported include:
Enquiry Call Calling Number Identification Group 3 Fax Malicious Call Tracing Mobile Priority Subscriber Asynchronous Data Call Waiting Mobile Charging Area Short Message Service Call Forwarding Immediate Charging Message Waiting Indication Do Not Disturb Absent Subscriber.
106
6/03802 LZU 108 3827 Rev. A
List of Abbreviations and Acronyms
A
AC ..................................................................... Authentication Center AIN....................................................... Advanced Intelligent Network AMPS ............................................... Advanced Mobile Phone System ANSI........................................ American National Standards Institute API ...............................................Application Programming Interface ASN.1........................................................ Abstract Syntax Notation.1 ASCII ..............American Standard Code for Information Interchange
B
BS ......................................................................................Base Station BSCHALL....................................................... Base Station Challenge
C
C7 ........................................................................................... CCITT 7 CAC......................................................................Carrier Access Code CAS ................................................. Customer Administration System CAVE........................... Cellular Authentication and Voice Encryption CCITT ..................Comit Consultatlif International Tlgraphique et .........................................................................................Tlphonique CC............................................................................... Control Channel CCS ......................................................... Common Channel Signaling CCM .................................................................Control Channel Mode CFB ................................................................... Call Forwarding Busy CFNA .........................................................Call Forwarding No Reply CFNRV........................................Call Forwarding No Reply, Variable CFU .................................................... Call Forwarding Unconditional
7/03802 LZU 108 3827 Rev. A
107
HLR/AC Overview
CFUF ....................................... Call Forwarding Unconditional, Fixed CFUV .................................. Call Forwarding Unconditional, Variable CIC ............................................................ Carrier Identification Code CLIP ...................................... Calling Line Identification Presentation CLIR........................................ Calling Line Identification Restriction CMIP ............................. Common Management Information Protocol CMIS ...............................Common Management Information Service CMISE.............. Common Management Information Service Element COLP................................ Connected Line Identification Presentation COLR ................................. Connected Line Identification Restriction CORBA ....................... Common Object Request Broker Architecture CPU ................................................................ Central Processing Unit CW ................................................................................... Call Waiting
D
D-AMPS............................... Digital Advanced Mobile Phone System DCCH............................................................. Digital Control Channel DMH................................................................. Data Message Handler DN ........................................................................... Directory Number DPC ................................................................. Destination Point Code DTC................................................................. Digital Traffic Channel
E
EC............................................................................... Echo Cancellors ECDH .................................................Echo Cancellor Device Handler EIA ..................................................... Electronic Industry Association ESN ............................................................ Electronic Serical Number ETSI ..................... European Telecommunications Standards Institute
F
FCC ......................................... Federal Communications Commission
108
7/03802 LZU 108 3827 Rev. A
G
GB..................................Gigabyte (230 bytes or 1,073,741,800 bytes) GIOP........................................................ General Inter-ORB Protocol GT...................................................................................... Global Title GUI ................................................................ Graphical User Interface
H
HLR ............................................................... Home Location Register HTML................................................... Hyper Text Markup Language HW ........................................................................................Hardware
I
IC ....................................................................... Interexchange Carrier IDL ....................................................... Interface Definition Language IIOP ......................................................... Internet Inter-ORB Protocol ILR...................................................... Interworking Location Register IMSI......................................International Mobile Subscriber Identity IN.......................................................................... Intelligent Network INAP...........................................Intelligent Network Application Part I/O.....................................................................................Input/Output IP................................................................................ Internet Protocol ISDN............................................Integrated Services Digital Network ISO..............................................International Standards Organisation ISP ...................................................................In Service Performance ISUP ............................Integrated Services Digital Network User Part IS-41 ..................................................................... Interim Standard 41 ITU ......................................International Telecommunications Union ITU-7 .......................................................ITU Signaling System No. 7
K
Kbs......................................................................... Kilobits per second
7/03802 LZU 108 3827 Rev. A
109
HLR/AC Overview
L
LA...................................................................................Location Area LATA ............................................... Local Access and Transport Area LNP ..............................................................Local Number Portability LOCID..................................................... Location Area Identification LRN............................................................ Location Routing Number LUI .......................................................................Local User Interface
M
MAP ...............................................................Mobile Application Part MATS ............................................ Multiple Access Time Supervision MB........................................Megabyte (220 bytes = 1,048,576 bytes) MBPS ................................................................ Mega Bits Per Second MC............................................................................... Message Center MF .....................................................................Management Function MHz.......................................................Megahertz (one million hertz) MIB ..................................................... Management Information Base MIN ...................................................... Mobile Identification Number MML ............................................................. Man-Machine Language MO ............................................................................. Managed Object MS .................................................................................Mobile Station MSC ............................................................. Mobile Switching Center MSCID ...................................Mobile Switching Center Identification MSC-G ......................................... Gateway Mobile Switching Center MSC-V ............................................. Visited Mobile Switching Center MTP...................................................................Message Transfer Part MW.................................................................................... Middleware
N
NPA ....................................................................Numbering Plan Area NPDB ................................................... Number Portability Databases
110
7/03802 LZU 108 3827 Rev. A
NSP..................................................................... Network Service Part
O
OA&M......................... Operation Administration and Administration OATS ..................................................Over the Air Activation System OMC ............................................. Operation and Maintenance Center OMG..........................................................Object Management Group OPC ................................................................. Originating Point Code ORB..................................................................Object Request Broker OSI....................................................... Open Systems Interconnection O&M....................................................... Operations and Maintenance
P
PA ......................................................................................Paging Area PCI ............................................... Peripheral Component Interconnect PCM.................................................................Pulse Code Modulation PCS ...............................................Personal Communications Services PEG..................................................... Peripheral Equipment Gateway PIC......................................................Preferred Interexchange Carrier PIN...................................................... Personal Identification Number PLMN .................................................... Public Land Mobile Network PPC ......................................................................Prepaid Card Calling PRM............................................................................... Premium Rate PSTN ..........................................Public Switched Telephone Network
R
RAM .............................................................Random Access Memory ROM ..................................................................... Read Only Memory RTU ................................................................................. Right To Use RUIDIR ......................................... Remote User Interaction Directive
S
7/03802 LZU 108 3827 Rev. A
111
HLR/AC Overview
SA.....................................................................................Service Area SCCP ..................................... Signalling Connection and Control Part SCP..................................................................... Service Control Point SCE....................................................... Service Creation Environment SCF............................................................... Service Control Function SMAS ................................. Service Management Application System SME...............................................Service Management Environment SMS .................................................................. Short Message Service SMSDPP..................... Short Message Service Delivery Point to Point SNMP ..................................... Simple Network Management Protocol SP .................................................................................Signaling Point SPC..................................................................... Signaling Point Code SS7 .......................................................... Signaling System Number 7 SSD......................................................................... Shared Secret Data SSL .......................................................................Secure Socket Layer SSN...................................................................... Sub-System Number STP ............................................................... Signalling Transfer Point SW.......................................................................................... Software
T
TC...................................................................Transaction Capabilities TCAP.................................. Transaction Capabilities Application Part TCP/IP ..................... Transmission Control Protocol/Internet Protocol TDMA ................................................ Time Division Multiple Access TIA .................................... Telecommunications Industry Association TLDN ..........................................Temporary Local Directory Number TLOC ................................................................... Temporary Location TMN ................................Telecommunications Management Network TPS ................................................................ Transactions Per Second TUP ......................................................................Telephony User Part
112
7/03802 LZU 108 3827 Rev. A
U
UAN ........................................................... Universal Access Number UPT.......................................Universal Personal Telecommunications
V
VLR .............................................................. Visitor Location Register VM.............................................................................. Virtual Machine VMB ............................................................................ Voice Mail Box VMS ....................................................................... Voice Mail System VP ................................................................................... Voice Privacy VPMASK ............................................................. Voice Privacy Mask VPN ................................................................ Virtual Private Network
W
WIN ........................................................ Wireless Intelligent Network WWW........................................................................World Wide Web
7/03802 LZU 108 3827 Rev. A
113
HLR/AC Overview
114
7/03802 LZU 108 3827 Rev. A
Index
Index
A Absent Subscriber 105 ASU 105 CCA 105 AC 3, 36 Activity status 13 Administrative Fraud 35 ADS 97 Advanced Mobile Phone System 2 A-Key 37 Alarm Management 57 Alarms 58 AMPS 2 Application Platform 69 Application Platform Hardware 81 Asynchronous Data 97 Authentication 36 Authentication Center 3 Authentication Centre 36 Authentication Data 37 Authentication Failure Reporting 44 Authentication Key 37 Authentication Procedures 39 Authentication Statistics 44 B Base Station 3 Base Station Challenge 41 BS 3 C Cabinet 83 Call Barring Upon Fraudulent Activity 47 Call Delivery 22 Call Forwarding 30, 99 Busy Call Forwarding 100 Call Forwarding Types 99 Busy Call Forwarding 99 Immediate Call Forwarding 99 Not Reachable Call Forwarding 99 Call Forwarding Variations Fixed 101 Variable 101 Voice Mail 101 Call Waiting 98 Calling Number Identification 96 CAVE 38 CAW 98 CCM 13 CD ROM 82 Cell 6 Cellular Authentication and Voice Encryption 38 Central Processor Unit 82 Client Application Interface 80 Cloning 34 CNI 96 CNI Presentation 96 CNI Restriction 96 CNI Restriction Override 96 CNIP 96 CNIR 96 CNIRO 96 C-Number 11 Common Object Request Broker Architecture 72 Communication Layer 76 Control Channel Mode 13
Co-operating exchange 8, 57 CORBA 72 CORBA stack 74 GIOP 74 IIOP 74 CORBA ORB 77 CPU 82 D D-AMPS 2 Database Abstraction Layer 79 Database Layer 76 DDB 104 Digital Advanced Mobile Phone System 2 Dimensioning the HLR/AC 90 Directory Number 10 DN 10 Do Not Disturb 104 Documentation 64 E Electronic Serial Number 10 Encryption 45 ENQ 96 Enquiry Call 96 Equal Access Pre-Subscription 24 ESN 10 Ethernet Switches 82 F FAD Procedure 47 Forward To Number 11 Forward-To Number Analysis 57 Fraudulent Activity Detection 46 G G3FAX 97 Gateway MSC 8 General Inter-Orb Protocol 74 Geographical HLR Redundancy 62 GIOP 74 Global Challenge 42 Group 3 Fax 97 H Hard Drive 82 Hijacking 35 HLR 3 Database Function 12 HLR Redundancy 62 HLR RTU 93 HLR/AC Application Software 83 HLR/AC Components 80 HLR/AC Subscriber Database Size 91 HLR/AC Traffic Intensity 90 Home Location Register 3 Database Function 12 Redundancy 62 Subscriber Data 12 I IC 7 IIOP 74 Immediate Charging 103 Interexchange Carrier 7 Internet Inter-ORB Protocol 74 Inverter 83 IS-136 Alphanumeric Paging 26 ISE 103
03802 LZU 108 3827 Rev. A
115
HLR/AC Overview
J Jambala 71 K Kernel 76 L LA 6 LATA 6 Live Alarm Display 60 Live Notification Display 61 Local Access and Transport Area 6 Local User Interface 80 Location Area 6 Location Area Identification 13 LOCID 13 M Malicious Call Tracing 97 Managed Object 53 Associations 53 Attributes 53 MC 4 MCA 98 MCT 97 Message Center 4 Message Waiting Indication 104 MIN 10 MO 53 Mobile Charging Area 98 Mobile Identification Number 10 Mobile Priority Subscriber 97 Mobile Station 4 Mobile Switching Center 2 MPS 97 MS 4 MSC 2 MSC-G 8 MSCID 13 MSC-V 9 MW RTU 93 MWI 104 N Network Signaling 78 Notifications 60 NPA 6 nterrogation Exchange 8 Numbering Plan Area 6 Numbers in a Cellular Network 10 O O&M 77 OA&M 79 OA&M Service Layer 80 Object Managed Object 53 Object Class 54 OMC 5 Operation and Maintenance Center 5 P PEG 8 Peripheral Equipment Gateway 8 Personal Identification Number 11 PIC 7 PIN 11 Power Supply 82 Preferred Interexchange Carrier 7 Processor 76 Product Structure of the HLR/AC 83 R Registration 18, 19 REGNOT 84 Right-To-Use 93 RTU 93 S SA 6 SCP 4 Secure Socket Layer 75 Serial Number Screening 48 Service Area 6 Service Control Point 4 Serving Exchange 9 Serving MSC Identification 13 Shared Secret Data 38 Short Message Service 26, 98 Signaling Cards 83 Signaling Processors 83 SMS 98 Software Management Layer 77 Software Product Structure of the AC Subsystem 87 Software Product Structure of the HLR Subsystem 84 SS7 stack 78 SSD 38 SSD Update 40 SSL 75 Subscriber Activity Handling 21 Subscriber Data 12 Subscriber Service Calls 28 Subscription Fraud 35 Support of Subscriber Features 30 T Tape Drive 82 Telecommunications Management Network 52 TelORB 75 Temporary Local Directory Number 11 Temporary Location 13 Terminal Server 82 TLDN 11 TLOC 13 TMN 52 TPS 90 Traffic Database DBN 79 Traffic Functions of the HLR 18 Transactions Per Second 90 Tumbling ESN 35 Types of Fraud 34 U Unique Challenge 43 V Visited Mobile Switching Center 9 Visitor Location Register 3 VLR 3 Voice Privacy 45 Voice Privacy Mask 45 VPMASK 45
116
03802 LZU 108 3827 Rev. A

HLR&amp;AC Overview

Diunggah oleh

Informasi Dokumen

Deskripsi Asli:

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

HLR&amp;AC Overview

Diunggah oleh

Hak Cipta:

Format Tersedia

Home Location Register/ Authentication Center Overview

LZU 108 3827 REV R1A

LZU 108 3827 REV R1A

HLR/AC Overview Course

03802 LZU 108 3827 Rev. A

Module 1. The Wireless Network 1/03802 LZU 108 3827

2. HLR Traffic Functions 2/03802 LZU 108 3827

3. Security and Authentication 3/03802 LZU 108 3827

4. OA&M in the HLR/AC 4/03802 LZU 108 3827

03802 LZU 108 3827 Rev. A

Module 5. HLR/AC Components 5/03802 LZU 108 3827

6. HLR Subscriber Features 6/03802 LZU 108 3827

Identify the most common subscriber features supported by the HLR

03802 LZU 108 3827 Rev. A

03802 LZU 108 3827 Rev. A

The Wireless Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

HLR Traffic Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Security and Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

OA&M in the HLR/AC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

03802 LZU 108 3827 Rev.A

4.3.7 4.3.8 4.3.9 4.3.10 4.4 4.4.1 4.5

HLR Subscriber Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

03802 LZU 108 3827 Rev. A

Absent Subscriber . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106

List of Abbreviations and Acronyms . . . . . . . . . . . . . . . . . . . . . . . 107

03802 LZU 108 3827 Rev.A

Module 1. The Wireless Network

1/03802 LZU 108 3827 Rev. A

1.2 Entities in a Cellular Network

Figure 1.1 Entities in a Cellular Network

Mobile Switching Center (MSC)

1/03802 LZU 108 3827 Rev. A

Module 1 - The Wireless Network

Base Station (BS)

The Authentication Center (AC)

Home Location Register (HLR)

Visitor Location Register (VLR)

1/03802 LZU 108 3827 Rev. A

Mobile Station (MS)

Message Center (MC)

Service Control Point (SCP)

1/03802 LZU 108 3827 Rev. A

Module 1 - The Wireless Network

Operation and Maintenance Center (OMC)

1.3 Areas in a Cellular Network

Figure 1.2 Areas in a Cellular Network

1/03802 LZU 108 3827 Rev. A

Location Area (LA)

Service Area (SA)

Numbering Plan Area (NPA)

Local Access and Transport Area (LATA)

1/03802 LZU 108 3827 Rev. A

Module 1 - The Wireless Network

1.4 Terminology in a Cellular Network

Figure 1.3 NPA, LATA and IC

Interexchange Carrier (IC)

Carrier Identification Code (CIC)

1/03802 LZU 108 3827 Rev. A

Peripheral Equipment Gateway (PEG)

Gateway MSC (MSC-G)

1/03802 LZU 108 3827 Rev. A

Module 1 - The Wireless Network

Figure 1.4 MSC-G and MSC-V

HLR&AC Overview

HLR&AC Overview