Mobility Management

The main task of 'Mobility Management (MM) is to support the mobility of the mobile station; for example, by reporting the current location to the network or verifying the subscriber identity. Another task of the MM sublayer is to offer MM connections and associated services to the CM sublayer above. The message format for MM messages is the uniform Layer 3 signaling message format (Figure 7.21). MM has its own protocol discriminator, and the MM messages are marked with a type code (MT, Table 7.5).

All MM procedures presume an established RR connection, i.e. a dedicated logical channel must be assigned with an established LAPDm connection in place, before MM transactions can be performed. These transactions occur between MS and MSC, i.e. messages are passed through the BSS transparently without interpretation and forwarded to the MSC with the DTAP transport mechanism. The MM procedures are divided into three categories: common, specific, and MM Connection Management. Whereas common procedures can always be initiated and executed as soon as an RR connection exists, Specific procedures exclude one another, i.e. they cannot be processed simultaneously or during an MM connection. Conversely, an MM connection can only be set up if no Specific procedure is running. Common MM Procedures

The common MM procedures are summarized in Figure 7.25. Besides the IMSI Detach procedure, they are all initiated from the network side. An important role for the protection of subscriber identity is held by the TMSI Reallocation procedure. If the confidentiality of a subscriber's identity IMSI is to be protected (an optional network service), the signaling procedures across the air interface use the TMSI instead of the IMSI. This TMSI has only local significance within a Location Area and must be used together with the LAI for the unique identification of a subscriber.

Implicit Imsi Detach
Figure 7.25: MM signaling procedures of category common

For further protection, the TMSI can also be repeatedly reallocated (TMSI reallocation) which must be done at the latest when the location area changes. Otherwise this TMSI change is left as an option to the network operator, but it can be performed any time after an encrypted RR connection to the mobile station has been set up. The TMSI reallocation is either executed explicitly as a standalone procedure, or implicitly from other procedures using the TMSI, e.g. the location update. In the case of explicit TMSI reallocation, the network sends a tmsi reallocation command with the new TMSI and the current LAI on an encrypted RR connection to the mobile station (Figure 7.25).

The MS stores the TMSI and LAI in nonvolatile SIM storage and acknowledges it with the message tmsi reallocation complete. If this message reaches the MSC before the timer expires, the timer is cancelled, and the TMSI is valid. However, if the timer expires before the acknowledgement arrives, the procedure is repeated. If it fails a second time, the old as well as the new TMSI are barred for a certain time interval, and the IMSI is used for paging the mobile station. If the mobile station answers a paging call, TMSI reallocation is started again. Furthermore, the TMSI is assumed valid in spite of failed reallocation if it is used by the MS in subsequent transactions.

Two more common procedures are used for the identification of a mobile station or a subscriber (identification procedure) and for the verification of the respective identity (authentication procedure). For the identification of a mobile station, there is the equipment identity IMEI as well as the subscriber identity IMSI which is assigned to the MS

through the SIM card. The network may request these two identity parameters at any time from the mobile station with an identity request. Therefore the mobile station must be able at any time to supply these identity parameters to the network with an identity response message.

Authentication also assigns a new key for encryption of user payload data. This procedure is started from the network with an authentication request message. A mobile station must be able to process this request at any time during an RR connection. The MS calculates the new key Kc for the encryption of user data from the information obtained during authentication which is locally stored, and it also calculates authentication information to prove its identity without doubt. This authentication data is transmitted with an authentication response message to the MSC which evaluates them. If the answer is not valid and the authentication has therefore failed, further processing depends on whether the IMSI or TMSI was used. In the case of TMSI, the network can start the identification procedure. If the implied IMSI is not identical to the one associated with the TMSI by the network, the authentication is restarted with new correct parameters. If the two IMSIs agree, or the IMSI was used a priori by the MS, the authentication has failed, which is indicated to the MS with an authentication reject message. This forces the MS to cancel all the assigned identity and security parameters (TMSI, LAI, Kc) and to enter idle mode, so that only simple cell selection and emergency calls are enabled.


Location Updating Request identification

Authentication identification


Cipher Mode Activation

Location Updating Accept

TMSI Reallocation Complete

Location Update

Figure 7.26: MM signaling procedures of category specific

Figure 7.26: MM signaling procedures of category specific

If the mobile station is powered off or the SIM has been removed, the MS is not reachable because the MS does not monitor the paging channel, and calls cannot be delivered. In order to relieve the paging load on the BSS caused by unnecessary paging calls, a network operator can optionally request an explicit deregistration message from the mobile station, which is not normally required. This option is signaled by setting a flag on the BCCH (system information Type 3) and on the SACCH (system information Type 8). If the flag is set, the MS sends an imsi detach indication message when it powers off or when the SIM is removed, which allows the network to mark the MS as inactive. The IMSI detach procedure is the only common procedure that cannot be started at an arbitrary time even during a specific procedure. Is start has to be delayed until any specific procedure has ended. Specific MM Procedures

In GSM systems, updating of current location information is the sole responsibility of the mobile station. Using the information broadcast on BCCH channels, it has to recognize any change in the current location area and report it to the network, so that the databases HLR and VLR can be kept up to date. The generic structure of a location update is shown in Figure 7.26: The mobile station requests to update its current location information in the network with a location updating request. If this can be done successfully, the network acknowledges this with a message location updating accept. In the course of a location update, the network can ask for the mobile station's identity and check it out (identification and authentication). If the service "confidential subscriber identity'' has been activated, a new TMSI assignment is a permanent component of the location update. In this case, enciphering of user data on the RR connection is activated, and the new TMSI is transmitted together with the message location updating accept and is acknowledged with the message reallocation complete. Periodic updating of location information can be used to indicate the presence of the mobile station in the network. For this purpose, the mobile station keeps a timer which periodically triggers a location update procedure. If this option is in use, the timer interval to be used is broadcast on the BCCH (system information Type 3). The procedure IMSI Attach is the converse of the procedure IMSI Detach (see Figure 7.25) and is executed as a special variant of the location update if the network requires this. However, the mobile station executes an IMSI Detach only if the LAI broadcast on the BCCH agrees with the LAI stored in the MS. If the stored LAI and received LAI differ, a normal location update procedure is executed. MM Connection Management

Finally, there is a third category of MM procedures which are needed for the establishment and the operation of MM connections (Figure 7.27). An MM connection is established on request from the CM sublayer above and serves for the exchange of messages between CM entities, where each CM entity has its own MM connection (Figure 7.12).

UM Connection Establishment Figure 7.27: MM signaling procedures of category MM connection management

The procedures for the setup of MM connections are different depending on whether initiation occurs from the network or the mobile station.

Setting up an MM connection from the side of the mobile station presumes the existence of an RR connection, but a single RR connection can be used by multiple MM connections. The MM connection can only be established if the mobile station has executed a successful location update in the current location area. An exception is an emergency call, which is possible at any time. If there is a request from the CM sublayer for an MM connection, it may be delayed or rejected if there are specific procedures active, depending on implementation. If the MM connection can be established, the mobile station

Table 7.6: CC messages for circuit-switched connections





Call establishment


N —



Call confirmed

MS — N


Call proceeding

N —




N «



Connect acknowledge

N «



Emergency setup

MS — N







N «



Call Information Phase


N «



Modify complete



Modify reject



User information



Call Clearing







Release complete




Congestion control






Start DTMF

MS — N


Start DTMF acknowledge




Start DTMF Reject







Status enquiry




MS — N


Stop DTMF acknowledge




sends the message cm-service request to the network. This message contains information about the mobile subscriber (IMSI or TMSI) as well as information about the requested service (outgoing voice call, SMS transfer, activation or registration of a supplementary service, etc.). Depending on these parameters, the network can execute any common MM procedure (except IMSI Detach) or activate enciphering of user data. If the mobile station receives the message cm-service accept or the local message from

Mobile Originating Call
Figure 7.28: Call setup (mobile station): mobile-originating and mobile-terminating

the RR sublayer that enciphering was activated, it treats this as an acceptance of the service request, and the requesting CM entity is informed about the successful setup of an MM connection. Otherwise, if the service request has been rejected by the network, the MS receives a message cm-service reject, and the MM connection cannot be established.

The network-initiated setup of an MM connection does not require an exchange of CM service messages. After successful paging, an RR connection is established, and the sublayer on the network side executes one of the MM procedures if necessary (mostly location update) and requests from the RR sublayer the activation of user data encryption. If these transactions are successful, the service requesting CM entity is informed, and the MM connection is established.

Was this article helpful?

0 0
DIY Battery Repair

DIY Battery Repair

You can now recondition your old batteries at home and bring them back to 100 percent of their working condition. This guide will enable you to revive All NiCd batteries regardless of brand and battery volt. It will give you the required information on how to re-energize and revive your NiCd batteries through the RVD process, charging method and charging guidelines.

Get My Free Ebook


  • vesa
    Why required TMSI and LAI no in servies request?
    3 years ago

Post a comment