GB2365685A - Communication system utilising encryption in a gsm network - Google Patents

Communication system utilising encryption in a gsm network Download PDF

Info

Publication number
GB2365685A
GB2365685A GB0018863A GB0018863A GB2365685A GB 2365685 A GB2365685 A GB 2365685A GB 0018863 A GB0018863 A GB 0018863A GB 0018863 A GB0018863 A GB 0018863A GB 2365685 A GB2365685 A GB 2365685A
Authority
GB
United Kingdom
Prior art keywords
bts
bsc
encryption process
encryption
area
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB0018863A
Other versions
GB0018863D0 (en
Inventor
Stephen Hugh Babbage
Christopher David Pudney
Peter Thomas Howard
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Vodafone Ltd
Original Assignee
Vodafone Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Vodafone Ltd filed Critical Vodafone Ltd
Priority to GB0018863A priority Critical patent/GB2365685A/en
Publication of GB0018863D0 publication Critical patent/GB0018863D0/en
Publication of GB2365685A publication Critical patent/GB2365685A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption

Abstract

In GSM telecommunications networks, there are base station controllers (BSC) each of which controls a plurality of base transceiver stations (BTS). Communication traffic between a mobile station (MS) in the operational area or cell corresponding to a particular BTS is transmitted to and from the BSC, and the rest of the network and other networks, via the BTS of that cell. In existing GSM networks, such traffic is encrypted by an encryption process the end points of which are at the MS and the BTS. In order to provide enhanced security, the invention adds an encryption process which has its end points at the MS and the BSC - that is, the encryption acts on a single communications link extending between these two end points. This added encryption process in currently deployed GSM systems leaves the existing encryption process between the MS and the BTS unaffected. In new GSM networks, the encryption process acting only on the link between the MS and the BTS can be removed.

Description

<Desc/Clms Page number 1> TELECOMMUNICATION SYSTEMS AND METHODS The invention relates to telecommunication systems and methods. A telecommunication system embodying the invention, and to be described in more detail below by way of example only, is a GSM mobile telecommunications system incorporating enhanced security.
According to the invention, there is provided a GSM telecommunications network, comprising at least one base station controller (BSC) which controls a plurality of base transceiver stations (BTS), each BTS having a respective operational area such that communication traffic between a mobile station (MS) in the area and the BSC is handled by the BTS of that area, such traffic being encrypted and the end points of that encryption being the MS and the BSC.
According to the invention, there is further provided a method of enhancing the security of communication traffic in a GSM telecommunications network comprising at least one base station controller (BSC) controlling a plurality of base transceiver stations (BTS) each of which has a respective operational area such that communication traffic between a mobile station (MS) in that area and the BSC is handled by the BTS of that area, the communication security being enhanced by applying encryption to that communication traffic by an encryption process the end points of which are the MS and the BSC.
<Desc/Clms Page number 2>
According to the invention, there is also provided a method of enhancing the security of communication traffic in an existing GSM telecommunications network comprising at least one base station controller (BSC) controlling a plurality of base transceiver stations (BTS) each of which has a respective operational area such that communication traffic between a mobile station (MS) in that area and the BSC is handled by the BTS of that area and such traffic is encrypted by an encryption process having end points at the MS and the BTS respectively, the communication security being enhanced by applying encryption to that communication traffic by an encryption process the end points of which are the MS and the BSC.
Telecommunication systems and methods according to the invention will now be described, by way of example only, with reference to the accompanying diagrammatic drawings in which: Figure 1 is a schematic diagram of part of a GSM telecommunication system; and Figure 2 is a simplified signalling diagram for explaining the operation of one of the systems embodying the invention.
Figure 1 shows a GSM telecommunication system comprising a switching centre (MSC) 10 which controls a plurality of base station controllers (BSC), of which one is shown at 12 in Figure 1. Each BSC 12 controls several base transceiver stations (BTS) 14. Each
<Desc/Clms Page number 3>
BTS 14 communicates with a plurality of mobile stations (MS) 16 - that is, mobile telephone handsets for example. Communication between each BTS 14 and the MS 16 is normally by means of a wireless link.
Each BTS 14 has a respective service area or cell 18 having a particular geographical size. Communication can take place between the BTS and an MS within the cell. As an MS moves out of the area of the cell of one BTS and into the area of the cell of another BTS, communication is handed over from the first to the second BTS, in the usual way for GSM networks.
In order to provide security for information transmitted by or to each MS, an encryption process is used. This encryption process in a normal GSM system encrypts transmissions between the MS and the BTS. Such transmissions include not only "user communication" - that is voice or data messages transmitted by or to a user of the MS, but also signalling data - that is, data for setting up, monitoring and handing over voice and data communications to or from the MS.
The invention is concerned with improving the security of transmissions to and from the MS.
In order to improve communication security, therefore, it is proposed in accordance with the invention to apply the encryption process directly between the BSC and the mobile
<Desc/Clms Page number 4>
stations (MS). In this way, the security of transmissions (both user and signalling transmissions) is enhanced because such communications are encrypted over the whole path between the MS and the BSC.
This process is diagrammatically illustrated in Figure 2. The normal encryption process in GSM, as described earlier above, is indicated at A where the encrypted communications are those between the MS and the BTS. The enhanced encryption process provided by the invention, and extending between the BSC and the MS, is indicated at B.
The extended encryption process provided by the invention has a number of advantages:- (a) It provides greater security than existing encryption processes, in that communications are encrypted between the BSC and the MS instead of only between the BTS and the MS.
(b) The extended encryption process can easily be applied to existing GSM networks, because the existing encryption process carried out between the BTS and the MS is not affected and will continue, with the new encryption process applied directly between the BSC and the MS being added to it. However, in such a case the existing encryption process does not transmit unencrypted or decrypted information between the BTS and the BSC.
<Desc/Clms Page number 5>
(c) In new GSM network installations, the existing encryption process between the BTS and the MS can simply be removed.
(d) The expanded encryption process according to the invention brings the encryption process into line with that proposed for Third Generation telecommunications systems.
In order to provide encryption extending between the MS and the BSC, an encryption process could instead be added to the link between the BTS and the BSC. Thus, the existing encryption process used in GSM between the MS and the BTS would continue, and a new encryption process would be added between the BTS and the BSC. However, such a two-link arrangement would be disadvantageous as compared with the encryption process proposed according to the invention. In such a two-link encryption system, the user and signalling traffic would exist in unencrypted form in the BTS (that is, where it passed between one encryption link and the other). This would create a security vulnerability. Furthermore, such a two-link encryption process would require two separate key management systems to be established, one for each of the two links. The invention enables only one key management scheme to be used.
Another way of providing expanded security would be to replace the existing encryption functions in the MS and in the BTS with stronger encryption functions. However, for existing GSM networks this is difficult and costly to implement. The extended security
<Desc/Clms Page number 6>
provided by the encryption process of the invention provides extended security because encryption is applied to user and signalling traffic over the whole path between the MS and the BSC and is much simpler to implement than attempting to change existing encryption functions acting between the MS and the BTS. If at some time in the future, it is desired to increase security still further, by using stronger encryption functions, it is relatively easy to implement this with the invention. By definition there are fewer BTS entities than BSC entities, and BSC entities are generally more conveniently located than the BTS entities. It is therefore much easier to implement stronger encryption functions in already deployed BSCs than in already deployed BTSs.
<Desc/Clms Page number 7>

Claims (1)

  1. CLAIMS 1. A GSM telecommunications network, comprising at least one base station controller (BSC) which controls a plurality of base transceiver stations (BTS), each BTS having a respective operational area such that communication traffic between a mobile station (MS) in the area and the BSC is handled by the BTS of that area, such traffic being encrypted and the end points of that encryption being the MS and the BSC. 2. A network according to claim 1, in which such traffic is also encrypted by a separate encryption process the end points of which are the MS and the BTS. 3. A method of enhancing the security of communication traffic in a GSM telecommunications network comprising at least one base station controller (BSC) controlling a plurality of base transceiver stations (BTS) each of which has a respective operational area such that communication traffic between a mobile station (MS) in that area and the BSC is handled by the BTS of that area, the communication security being enhanced by applying encryption to that communication traffic by an encryption process the end points of which are the MS and the BSC. 4. A method of enhancing the security of communication traffic in an existing GSM telecommunications network comprising at least one base station controller (BSC) controlling a plurality of base transceiver stations (BTS) each of which has a respective
    <Desc/Clms Page number 8>
    operational area such that communication traffic between a mobile station (MS) in that area and the BSC is handled by the BTS of that area and such traffic is encrypted by an encryption process having end points at the MS and the BTS respectively, the communication security being enhanced by applying encryption to that communication traffic by an encryption process the end points of which are the MS and the BSC. S. A GSM telecommunications network, substantially as described with reference to the accompanying drawings. 6. A method of providing enhanced communications security for a GSM telecommunications network, substantially as described with reference to the accompanying drawings.
GB0018863A 2000-08-01 2000-08-01 Communication system utilising encryption in a gsm network Withdrawn GB2365685A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB0018863A GB2365685A (en) 2000-08-01 2000-08-01 Communication system utilising encryption in a gsm network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB0018863A GB2365685A (en) 2000-08-01 2000-08-01 Communication system utilising encryption in a gsm network

Publications (2)

Publication Number Publication Date
GB0018863D0 GB0018863D0 (en) 2000-09-20
GB2365685A true GB2365685A (en) 2002-02-20

Family

ID=9896762

Family Applications (1)

Application Number Title Priority Date Filing Date
GB0018863A Withdrawn GB2365685A (en) 2000-08-01 2000-08-01 Communication system utilising encryption in a gsm network

Country Status (1)

Country Link
GB (1) GB2365685A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100442881C (en) * 2005-03-31 2008-12-10 华为技术有限公司 Method for realizing information encryption transmission in wireless communication system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0462728A2 (en) * 1990-06-18 1991-12-27 Nortel Networks Corporation Mobile communications
US5537610A (en) * 1990-06-18 1996-07-16 Northern Telecom Limited Mobile communication having mobile subscribers, PCN network, PBX and a local exchange
WO1999026420A2 (en) * 1997-11-04 1999-05-27 Nokia Netwokrks Oy Method of setting encryption for a connection in a radio system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0462728A2 (en) * 1990-06-18 1991-12-27 Nortel Networks Corporation Mobile communications
US5537610A (en) * 1990-06-18 1996-07-16 Northern Telecom Limited Mobile communication having mobile subscribers, PCN network, PBX and a local exchange
WO1999026420A2 (en) * 1997-11-04 1999-05-27 Nokia Netwokrks Oy Method of setting encryption for a connection in a radio system

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100442881C (en) * 2005-03-31 2008-12-10 华为技术有限公司 Method for realizing information encryption transmission in wireless communication system

Also Published As

Publication number Publication date
GB0018863D0 (en) 2000-09-20

Similar Documents

Publication Publication Date Title
JP3113671B2 (en) Communications system
US6021333A (en) Method and system for transferring information within a mobile communication system
JP4555261B2 (en) Method for cryptographic processing of data transmission and cellular radio system using the method
CN100382616C (en) Wireless telecommunications system utilizing CDMA radio frequency signal modulation in conjuction with the gsm a-interface telecommunications network protocol
CN101945384B (en) Method, device and system for processing safe key in reconnection of RRC (Radio Resource Control)
CN103327483B (en) Method, aerogram base station and the radio communication terminal of user data is encrypted in transmission and reception
AU5223400A (en) Arranging authentication and ciphering in mobile communication system
NO953572L (en) Method for sending and receiving power control messages in a CDMA type cellular radio system
WO2001095657A3 (en) Method for monitoring communications in a cellular radiocommunication system, and network core therefor
AU1151199A (en) Paging control method and apparatus
AU2001244949A1 (en) Method and arrangement for reducing the amount of handover-related signalling traffic in a telecommunication system
CN1444811A (en) Data transmission method, user equipment and GPRS/EDGE radio access network
ES2080659A2 (en) Procedure for performing operations of supervision, maintenance and control in fixed cellular networks and means for carrying this out.
FR2792155B1 (en) METHOD FOR PROVIDING SERVICES TO MOBILE RADIO COMMUNICATION STATIONS, NETWORK EQUIPMENT AND MOBILE STATIONS FOR IMPLEMENTING SAME
KR101194135B1 (en) A method of adjusting the transmission power of base stations transmitting in macro-diversity
ES2097035T3 (en) PROCEDURE FOR THE MANAGEMENT OF TRANSMISSION ERRORS BETWEEN A BASE STATION AND A TRANSCODIFIER IN A NUMERICAL RADIOCOMMUNICATION SYSTEM, BASE STATION AND CORRESPONDING TRANSCODER.
EP1384387A1 (en) Improvements in a third generation cellular network
CN104185177A (en) Security key management method, device and system
AU2005305753B2 (en) Intelligent base station comprising all functions relevant to its operation
WO2001045435A3 (en) Handover method in telecommunications network employing macrodiversity
CN102098685A (en) Global system for mobile communication (GSM) network-based spectrum reuse communication system and method
WO2002043417A3 (en) System and method of fault management in a mobile communications network having a proxy switch
EP1406423A1 (en) Network structure for encrypting of mobile communication system terminal and the method of realizin it
GB2365685A (en) Communication system utilising encryption in a gsm network
US20050113094A1 (en) Global authentication continuity feature for handoff to a neighboring mobile switching center

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)