1

BCMCS Framework

TSG-X BCMCS AdhocAugust 20, 2003

2

Current Status

• Stage 1 Document (S.P 0030-A, v. 0.4.3): – Ad hoc and TSG-S WG1 jointly reviewed the document– Under other TSGs review now

• Security Framework Document (S.P 0083, v.0.6): – Adhoc and TSG-S WG4 jointly reviewed the document– Under other TSGs review

• BCMCS Framework Document (X.P 0019, v.0.1.3): – Draft baseline text are under other TSGs review– One open issue: Framing

• TSG-X: – Stage 2 and 3 work started, will be in a separate document from X.P0011

(TIA-835)

• TSG-A: – Stage 2 and 3 will be in a separate document from IOS 5.0?

• TSG-C: – 1X EVDV: Plans to be in C.S0001-C.S0005 (TIA-2000-D)?– 1X EVDO: Baseline in July and V&V is compete (C.S0054)

3

BCMCS Concepts

Shared CDMA Broadcast Radio Channel

Base StationCell phone

Laptop computer

Laptop

Laptops

Cell phone

Laptop computer

Cell phone

Content Server

Network

4

Overview

• Optimize use of the cdma2000 radio interface over the air

• BCMCS provides delivery of the IP flows that comprise BCMCS Programs (content) to one or more terminals in one or more regions of the 3GPP2 network.

• The 3GPP2 operator has control of:– Transmission Areas of BCMCS IP flows

– Billing of the user and/or content provider

– Encryption of the IP flows

• Examples: weather, stock, news, pay per view movies, sport events etc.

5

Architecture

BSC/PCF PDSN

S-AAA BCMCSController

H-AAA

SubscriberProfile

Database

BCMCSContentProvider

Home Network

Serving Network

MS/UIM

Signaling

Bearer Path (Original content)

Third party

BCMCSSubscriber

ProfileManager

Out of Scope of this Document

BCMCSContentServer

BCMCSContentProvider

BCMCSContentProvider

Bearer Path (Contentmay be reformatted)

MR

6

Architecture

• BCMCS Controller:– Communicates with the mobile to provide detailed information

necessary to choose and receive a BCMCS program. May also provide lists of available programs.

– Communicates with the BCMCS Content Provider to control the ability of a Content Provider to send BCMCS programs to a BCMCS Content Server.

– May generate BCMCS Access Keys (BAKs) to encrypt BCMCS program content.

– Distributes BAK to the MS

– Communicates via the S-AAA with the PDSN to provide IP multicast addressing and flow treatment information to the PDSN.

• BCMCS Content Provider:– Is the source of BCMCS programs sent to users.

– Communicates with the BCMCS Controller to arrange the delivery of a program to a BCMCS Content Server.

7

Architecture

• BCMCS Content Server:– Is the last application that manipulates the BCMCS IP flows

before they are sent to the PDSNs.

– May combine several input programs from BCMCS Content Providers, e.g., traffic + weather + advertising combining.

– Provides upper layer encryption of BCMCS programs when so chosen by the operator.

• BCMCS Client on the mobile:– Communicates with the BCMCS Controller via normal IP

methods in a client-server relationship to obtain detailed information necessary to receive desired BCMCS programs.

– Decrypts and displays BCMCS program.

8

Basic Procedures• Service Discovery/Announcement

– Used to find out available BCMCS service– Distribute information about the service, parameters required for information

acquisition and program schedule– Via out of band mechanisms

• Content Subscriptions– Subscribes to BCMCS– RK (Registration Key) is provisioned– Via out of band mechanisms

• Information Acquisitions– Obtain BCMCS Session related info from Controller (BCMCS_FLOW_ID, header

compression etc) – Obtain Security Parameters (BAK etc)

• Content Availability Determination– Determines whether a Multicast IP flow is available in a particular sector and the

BCMCS radio configuration information – Via the overhead messages from a BS

• BCMCS Registration– Request for delivering the IP flows in a particular sector– The first user may trigger the Bearer Path establishment– Notify where to page the MS

• Reception of the Content

• BCMCS Deregistration

9

Key Hierarchy for CS-MS Security

SK (Session Key)– Used to decrypt content.– Changes frequently to discourage session theft– Generated by the UIM card and sent to the ME

BAK (BCMCS Access Key)– Used to generate SK– Provides access to program/multicast IP flow– Decrypted and stored in the UIM

TK (Temporary Key)– Used to encrypt/decrypt the BCMCS Access Key (BAK) for transmission to the MS– Generated from RK

RK (Registration Key)– Used to generate TK– RK is obtained when user subscribes to broadcast services– Stored in the UIM

10

Security Architecture

ServingSystem

ContentSource

ContentEncrypter

ME UIM

BCMCS Functions Mobile Station

SKManager

BAKDistributor

SubscriptionManager

BAKGenerator

11

Protocol Stack

MSBSC/PCF

PDSNRouter(s) BCMCS

Content Server

IP/(IPSec optional)

L2

L1

IP

L2

L1

IP/(IPSecoptional)

L2

L1

L2

(R-P)

L1

PPP-likeEncapsulation

L2

(R-P)

L1

MUX

PhysicalChannel

Link LayerEncryption(Optional)

Application(Ex. MPEG-4)

Transport

(Ex. RTP)

Encryption (Ex.SRTP)(Optional)

IP/(IPSec optional)

PPP-likeEncapsulation

PhysicalChannel

Link LayerEncryption(Optional)

MUX

Application(Ex. MPEG-4)

Transport(Ex. RTP)

Encryption (Ex.SRTP)(Optional)

Transport (UDP) Transport (UDP)

Framing Framing Framing

Note: The framing in BSC or PDSN is an open issue.

IP/(IPSecoptional)

12

BCMCS Parameters (Non-security related)

• Content Name– Content Name represents the name given to the BCMCS Content Stream by the

service provider.

– Content Names are likely to be human-friendly.

– Content Name is discovered by the user via SMS, WAP, HTML, etc.

• Multicast IP Address and Transport Layer Port Number– A {Multicast IP Address and Transport Layer Port Number} tuple identifies the

destination multicast IP address and the destination transport layer (e.g., UDP) port number for an IP flow within a BCMCS Content Stream.

• BCMCS_FLOW_ID– BCMCS_FLOW_ID is an alias for the {Multicast IP Address and Transport

Layer Port Number} . Used to efficiently transport over the air.

• Radio Parameters– Examples of these parameters are physical channel identification and

characteristics, logical channel identification, logical channel to physical channel mapping, soft handoff group and registration parameters.

Radio LinkA8

ConnectionA10

Connection

Multicast IPAddr. & Port

Number

BCMCS_FLOW_ID

ContentName

LM 1 1 L K 1 1 K 1

13

Operational Scenarios-

Service Discovery, Information Acquisition, and Content Availability

Determination

1. PPP Establishment

ME BSC/PCF PDSNBCMCS

Controller

3. BCMCS Information Request (Content Name)

AAA

5. BCMCS Information Response (Security Parameters and BCMCS SessionRelated Info)

UIM

4. Authentication and Authorization

6. Security Parameters

2. BCMCSController IP

address discovery

0. MS must acquireinformation on availableBCMCS content name,and may acquire BCMCSSession Related info viaSMS, MMS, email, webpage, user input, etc.

Steps 1-6 are required forthe MS to acquire the BAK

and may be used foracquiring BCMCS Session

Related info.

7. MS may acquireBCMCS content

availability info andradio channel

information fromoverheadmessages

14

Operational Scenarios- Bearer Path Setup (PPP Required)

BSC transmitsMulticast IP

Flow(s)

MS

BCMCSRegistration

Request(BCMCS_FLOW_ID(s), user-ID)

2

BSC/PCF

PDSN-1BCMCSContentServer

Radio Channelinformation

BCMCSRegistration

Request(BCMCS_FLOW_ID

(s), user ID,location-info)

3

BCMCSRegistrationResponse(auth=OK)

BCMCS Multicast IP Flow(s)

PDSN-2

Authorization Request(BCMCS_FLOW_ID(s),

user ID,location-info)

AuthorizationResponse (OK)

5

BCMCSController

4

BCMCS accounting informationmay be sent to the AAA at this

point.

11

12

MS monitorsthe radiochannel

13

MR

OverheadChannel

10

PPP Establishment,if not already established.

1

6

S-AAA

BCMCS Content Request(BCMCS_FLOW_ID(s)

8

7

BCMCS Content Response(BCMCS info)

9

Multicast IPFlow(s)

Multicast IPFlow(s)

15

BSC transmitsthe Multicast IP

Flow(s)

MS

BCMCSRegistration

Request(BCMCS_FLOW

ID(s), user-ID,Auth-info)

1

BSC/PCF

PDSNBCMCSContentServer

Radio Channelinformation

BCMCSRegistration

Request(BCMCS_FLOW_ID

(s), user ID, auth-info, location info)

2

BCMCSRegistrationResponse

(auth=OK, BCMCSinfo)

Multicast IP Flow(s)

S-AAA

Authorization Response (OK)

4

BCMCSController

3

10

MS monitorsthe radiochannel

11

MR

BCMCS accounting information maybe sent to the AAA at this point.

MulticastIP Flow(s)Overhead

ChannelMulticast

IP Flow(s)

6

7

8

9

Authorization Request/Response

5

Authorization Request(BCMCS_FLOW_ID, user ID,

auth-info, location info)

Operational Scenarios - Bearer Path Setup (w/o

PPP Required)

16

Accounting

• Collected accounting data should be able to help service provider:– Billing on BCMCS Originators/Content Provider– Billing on BCMCS viewers/subscribers

• Accounting type:– Flat fee (e.g., monthly payment)– Pay per view– Usage Based

• Accounting data may be collected by:– RAN – PDSN– BCMCS Controller

• Accounting data should send to HAAA.

17

Example for Accounting by BCMCS Controller

1. The BCMCS client application on the MS communicates with the BCMCS Controller to acquire BCMCS information.

2. The BCMCS Controller responds with the BCMCS information. This information may include BAK values that will allow the user to receive and properly decode BCMCS content streams.

3. The BCMCS Controller sends accounting information to the AAA.

4. The AAA responds to acknowledge the accounting information.

2. BCMCS Response

BCMCSController

1. BCMCS Request

MS

4. Accounting Response

AAA

3. Account Request (AccountingRecord)

• The BCMCS Controller may include the following accounting information for each subscribed user:

- User Identity (NAI) - BCMCS Controller Identity

- BCMCS_FLOW_ID - Content name

- BAK_ID - BAK lifetime

- Multicast IP address(es)/port number(s) of the content stream