1
BCMCS Framework
TSG-X BCMCS Adhoc
August 20, 2003
2
Current Status
• Stage 1 Document (S.P 0030-A, v. 0.4.3):
  – Ad hoc and TSG-S WG1 jointly reviewed the document
  – Under other TSGs review now
• Security Framework Document (S.P 0083, v.0.6):
  – Adhoc and TSG-S WG4 jointly reviewed the document
  – Under other TSGs review
• BCMCS Framework Document (X.P 0019, v.0.1.3):
  – Draft baseline text is under other TSGs review
  – One open issue: Framing
• TSG-X:
  – Stage 2 and 3 work started, will be in a separate document from X.P0011 (TIA-835)
• TSG-A:
  – Stage 2 and 3 will be in a separate document from IOS 5.0?
• TSG-C:
  – 1X EVDV: Plans to be in C.S0001-C.S0005 (TIA-2000-D)?
  – 1X EVDO: Baseline in July and V&V is complete (C.S0054)
3
BCMCS Concepts
[Figure: a Content Server sends content through the Network to a Base Station, which delivers it over a Shared CDMA Broadcast Radio Channel to cell phones and laptop computers.]
4
Overview
• Optimize use of the cdma2000 radio interface over the air
• BCMCS provides delivery of the IP flows that comprise BCMCS Programs (content) to one or more terminals in one or more regions of the 3GPP2 network.
• The 3GPP2 operator has control of:
  – Transmission Areas of BCMCS IP flows
  – Billing of the user and/or content provider
  – Encryption of the IP flows
• Examples: weather, stock, news, pay per view movies, sport events etc.
5
Architecture
[Figure: BCMCS architecture. Elements: MS/UIM, BSC/PCF, PDSN, MR, S-AAA, H-AAA, Subscriber Profile Database, BCMCS Controller, BCMCS Content Server, BCMCS Content Provider, BCMCS Subscriber Profile Manager. Domains: Home Network, Serving Network, Third party. Legend: Signaling; Bearer Path (Original content); Bearer Path (Content may be reformatted); Out of Scope of this Document.]
6
Architecture
• BCMCS Controller:
  – Communicates with the mobile to provide detailed information necessary to choose and receive a BCMCS program. May also provide lists of available programs.
  – Communicates with the BCMCS Content Provider to control the ability of a Content Provider to send BCMCS programs to a BCMCS Content Server.
  – May generate BCMCS Access Keys (BAKs) to encrypt BCMCS program content.
  – Distributes BAK to the MS
  – Communicates via the S-AAA with the PDSN to provide IP multicast addressing and flow treatment information to the PDSN.
• BCMCS Content Provider:
  – Is the source of BCMCS programs sent to users.
  – Communicates with the BCMCS Controller to arrange the delivery of a program to a BCMCS Content Server.
7
Architecture
• BCMCS Content Server:
  – Is the last application that manipulates the BCMCS IP flows before they are sent to the PDSNs.
  – May combine several input programs from BCMCS Content Providers, e.g., traffic + weather + advertising combining.
  – Provides upper layer encryption of BCMCS programs when so chosen by the operator.
• BCMCS Client on the mobile:
  – Communicates with the BCMCS Controller via normal IP methods in a client-server relationship to obtain detailed information necessary to receive desired BCMCS programs.
  – Decrypts and displays BCMCS program.
8
Basic Procedures
• Service Discovery/Announcement
  – Used to find out available BCMCS service
  – Distribute information about the service, parameters required for information acquisition and program schedule
  – Via out of band mechanisms
• Content Subscriptions
  – Subscribes to BCMCS
  – RK (Registration Key) is provisioned
  – Via out of band mechanisms
• Information Acquisitions
  – Obtain BCMCS Session related info from Controller (BCMCS_FLOW_ID, header compression etc)
  – Obtain Security Parameters (BAK etc)
• Content Availability Determination
  – Determines whether a Multicast IP flow is available in a particular sector and the BCMCS radio configuration information
  – Via the overhead messages from a BS
• BCMCS Registration
  – Request for delivering the IP flows in a particular sector
  – The first user may trigger the Bearer Path establishment
  – Notify where to page the MS
• Reception of the Content
• BCMCS Deregistration
9
Key Hierarchy for CS-MS Security
SK (Session Key)
  – Used to decrypt content.
  – Changes frequently to discourage session theft
  – Generated by the UIM card and sent to the ME
BAK (BCMCS Access Key)
  – Used to generate SK
  – Provides access to program/multicast IP flow
  – Decrypted and stored in the UIM
TK (Temporary Key)
  – Used to encrypt/decrypt the BCMCS Access Key (BAK) for transmission to the MS
  – Generated from RK
RK (Registration Key)
  – Used to generate TK
  – RK is obtained when user subscribes to broadcast services
  – Stored in the UIM
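
The hierarchy above as an added sketch, not part of the original slides or of the 3GPP2 specifications. HMAC-SHA256 stands in for the key-derivation functions, an HMAC keystream XOR stands in for the BAK and content ciphers, and the random inputs `tk_rand` and `sk_rand`, the `Uim` class and all function names are assumptions.

```python
import hashlib
import hmac
import os

def kdf(key: bytes, label: bytes, rand: bytes) -> bytes:
    """Stand-in derivation (assumption): HMAC-SHA256(key, label || rand)."""
    return hmac.new(key, label + rand, hashlib.sha256).digest()

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with an HMAC-SHA256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        ctr = (i // 32).to_bytes(4, "big")
        block = hmac.new(key, nonce + ctr, hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

class Uim:
    """Holds RK and BAK; only SK is handed out to the ME."""
    def __init__(self, rk: bytes):
        self._rk = rk      # provisioned when the user subscribes
        self._bak = {}     # BAK_ID -> BAK, stored after decryption

    def store_bak(self, bak_id: int, tk_rand: bytes, wrapped: bytes) -> None:
        tk = kdf(self._rk, b"TK", tk_rand)               # TK generated from RK
        self._bak[bak_id] = xor_stream(tk, tk_rand, wrapped)

    def session_key(self, bak_id: int, sk_rand: bytes) -> bytes:
        return kdf(self._bak[bak_id], b"SK", sk_rand)    # SK generated from BAK

def network_wrap_bak(rk: bytes, bak: bytes, tk_rand: bytes) -> bytes:
    """Network side: encrypt BAK under TK for transmission to the MS."""
    return xor_stream(kdf(rk, b"TK", tk_rand), tk_rand, bak)

def demo() -> dict:
    rk, bak = os.urandom(16), os.urandom(16)             # constructed sample keys
    tk_rand, r1, r2 = os.urandom(8), os.urandom(8), os.urandom(8)
    uim, other = Uim(rk), Uim(os.urandom(16))            # subscriber vs. different RK
    wrapped = network_wrap_bak(rk, bak, tk_rand)
    uim.store_bak(1, tk_rand, wrapped)
    other.store_bak(1, tk_rand, wrapped)                 # wrong RK yields a wrong BAK
    content = b"constructed broadcast payload"
    ct = xor_stream(kdf(bak, b"SK", r1), r1, content)    # content encrypter side
    return {
        "content": content,
        "subscriber_plain": xor_stream(uim.session_key(1, r1), r1, ct),
        "other_plain": xor_stream(other.session_key(1, r1), r1, ct),
        "sk_rotates": uim.session_key(1, r1) != uim.session_key(1, r2),
    }
```

`demo()` shows that a UIM provisioned with the right RK recovers the content, a UIM with a different RK does not, and a new `sk_rand` gives a new SK without redistributing the BAK.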
10
Security Architecture
[Figure: security architecture. BCMCS Functions: Serving System, Content Source, Content Encrypter, SK Manager, BAK Distributor, Subscription Manager, BAK Generator. Mobile Station: ME, UIM.]
11
Protocol Stack
[Figure: protocol stack across MS, BSC/PCF, PDSN, Router(s) and BCMCS Content Server. End-to-end layers between MS and BCMCS Content Server: Application (Ex. MPEG-4), Transport (Ex. RTP), Encryption (Ex. SRTP) (Optional), Transport (UDP), IP/(IPSec optional). Lower layers: Framing, PPP-like Encapsulation, Link Layer Encryption (Optional), MUX, Physical Channel, L2 (R-P), L2, L1.]
Note: The framing in BSC or PDSN is an open issue.
12
BCMCS Parameters (Non-security related)
• Content Name
  – Content Name represents the name given to the BCMCS Content Stream by the service provider.
  – Content Names are likely to be human-friendly.
  – Content Name is discovered by the user via SMS, WAP, HTML, etc.
• Multicast IP Address and Transport Layer Port Number
  – A {Multicast IP Address and Transport Layer Port Number} tuple identifies the destination multicast IP address and the destination transport layer (e.g., UDP) port number for an IP flow within a BCMCS Content Stream.
• BCMCS_FLOW_ID
  – BCMCS_FLOW_ID is an alias for the {Multicast IP Address and Transport Layer Port Number} tuple. It is used for efficient transport over the air.
• Radio Parameters
  – Examples of these parameters are physical channel identification and characteristics, logical channel identification, logical channel to physical channel mapping, soft handoff group and registration parameters.
[Figure: mapping chain between Content Name, BCMCS_FLOW_ID, Multicast IP Addr. & Port Number, A10 Connection, A8 Connection and Radio Link.]
13
Operational Scenarios - Service Discovery, Information Acquisition, and Content Availability Determination
[Figure: message sequence among UIM, ME, BSC/PCF, PDSN, BCMCS Controller and AAA, with the following steps.]
0. MS must acquire information on available BCMCS content name, and may acquire BCMCS Session Related info via SMS, MMS, email, web page, user input, etc.
1. PPP Establishment
2. BCMCS Controller IP address discovery
3. BCMCS Information Request (Content Name)
4. Authentication and Authorization
5. BCMCS Information Response (Security Parameters and BCMCS Session Related Info)
6. Security Parameters
7. MS may acquire BCMCS content availability info and radio channel information from overhead messages
Steps 1-6 are required for the MS to acquire the BAK and may be used for acquiring BCMCS Session Related info.
14
Operational Scenarios - Bearer Path Setup (PPP Required)
[Figure: message sequence, steps 1-13, among MS, BSC/PCF, PDSN-1, PDSN-2, MR, S-AAA, BCMCS Controller and BCMCS Content Server. Labels in the figure:]
• PPP Establishment, if not already established.
• BCMCS Registration Request (BCMCS_FLOW_ID(s), user-ID)
• BCMCS Registration Request (BCMCS_FLOW_ID(s), user ID, location-info)
• Authorization Request (BCMCS_FLOW_ID(s), user ID, location-info)
• Authorization Response (OK)
• BCMCS Content Request (BCMCS_FLOW_ID(s))
• BCMCS Content Response (BCMCS info)
• BCMCS Registration Response (auth=OK)
• BCMCS Multicast IP Flow(s)
• Radio Channel information on the Overhead Channel
• BSC transmits Multicast IP Flow(s)
• MS monitors the radio channel
BCMCS accounting information may be sent to the AAA at this point.
15
Operational Scenarios - Bearer Path Setup (w/o PPP Required)
[Figure: message sequence, steps 1-11, among MS, BSC/PCF, PDSN, MR, S-AAA, BCMCS Controller and BCMCS Content Server. Labels in the figure:]
• BCMCS Registration Request (BCMCS_FLOW_ID(s), user-ID, Auth-info)
• BCMCS Registration Request (BCMCS_FLOW_ID(s), user ID, auth-info, location info)
• Authorization Request (BCMCS_FLOW_ID, user ID, auth-info, location info)
• Authorization Request/Response
• Authorization Response (OK)
• BCMCS Registration Response (auth=OK, BCMCS info)
• Multicast IP Flow(s)
• Radio Channel information on the Overhead Channel
• BSC transmits the Multicast IP Flow(s)
• MS monitors the radio channel
BCMCS accounting information may be sent to the AAA at this point.
16
Accounting
• Collected accounting data should be able to help the service provider with:
  – Billing on BCMCS Originators/Content Provider
  – Billing on BCMCS viewers/subscribers
• Accounting type:
  – Flat fee (e.g., monthly payment)
  – Pay per view
  – Usage Based
• Accounting data may be collected by:
  – RAN
  – PDSN
  – BCMCS Controller
• Accounting data should be sent to the HAAA.
17
Example for Accounting by BCMCS Controller
1. The BCMCS client application on the MS communicates with the BCMCS Controller to acquire BCMCS information.
2. The BCMCS Controller responds with the BCMCS information. This information may include BAK values that will allow the user to receive and properly decode BCMCS content streams.
3. The BCMCS Controller sends accounting information to the AAA.
4. The AAA responds to acknowledge the accounting information.
[Figure: MS, BCMCS Controller and AAA exchanging 1. BCMCS Request, 2. BCMCS Response, 3. Account Request (Accounting Record), 4. Accounting Response.]
• The BCMCS Controller may include the following accounting information for each subscribed user:
  - User Identity (NAI)
  - BCMCS Controller Identity
  - BCMCS_FLOW_ID
  - Content name
  - BAK_ID
  - BAK lifetime
  - Multicast IP address(es)/port number(s) of the content stream