3G & WLAN Dual Network Integration

and Proposed Applications

Chiou Wen-Yuh
Senior Engineer
Chunghwa Telecom
Mobile Business Group
07/Apr/2005
Forward
The NICI (National Information Communications Initiative) has established
the iB3G Dual Band Integration Office to promote and move forward the
integration of both platform infrastructure and applications between Cellular
and WLAN.
The M-Taiwan project goals are to provide a dual band wireless roaming
environment by bringing together all aspects of broadband, dual band
integration and wireless networking, in hopes to stimulate the growth and
innovation revolving around this platform to incubate many new
industries/products for the communications industry.
Mobile operators including CHT, FET and TCC are in the process of rolling
out the 3G network. Very soon, new mobile services on 384Kbps wireless
bandwidths will be available to local subs.
The meaning of dual band integration is to select the right solutions from the
two modes based on technology, bandwidth resources, security, end
devices, costs and application support to provide an acceptable quality of
services for end users to access high speed mobile services.
This report will go through integration issues between Wi-Fi&3G,advanteges
of the integration, also, we will discuss upon the proposed applications of
the dual-band network.

The Definition of Dual Band Services
A single terminal device to access WLAN and mobile
network
Realization of the virtual office
At least 128Kbps (or higher) of wireless bandwidth
Direct access to Internet/Intranet services without security issues.
Seamless access and handover to both networks
transparent to the user
Seamless International and local roaming capabilities
Seamless integrated single billing policies
WLAN (indoor /low, Hotspot /low)+3G(outdoor/high) ?
New Services and new deployments of making Wireless
broadband and making Broadband wireless
Video Conferencing

The Definition of Dual Band Integration
Create a mobile device which is reasonable in both
dimensions and weight that accesses both WLAN and
mobile networks.
Wireless, mobile and small form factor
Single devices that accesses both voice and data services
A wireless broadband and highly secure seamless
network
128K full mobility network. Speeds should be adequate for video applications
Seamless roaming between two networks
Secure enough for commerce applications (SIM CARD based)
Payment methods and fees which are acceptable by
both the subscriber and network provider.
Single billing integration
Integrated fees (Indoor WLAN/Outdoor 2.5G/3G usage fee integration)
User paid services and billing mechanisms to sustain content services and
overall industry.

How two networks complement each other
Mobile network characteristics in a dual mode network
High portability and range (2km)
Outdoor 384Kbps
High access fees
Mobile Internet
Highly secure OTA authentication and billing
WLAN characteristics in a dual mode network
Low portability and range (100m)
Indoor 3Mbps speed
Low access fees
Unsecured OTA access
Utilizes pre-paid points by credit card or scratch cards for billing



WLAN Interworking Drivers
Access network support for fixed
mobile convergence of packet
switched services

Users will require access to operator
services from any location over any
access network

Users will have multiple terminals
and multi-mode terminals

People are getting mobile, expecting
services to also be mobile

Emerging access types require
higher bandwidth for services

CDMA/UMTS vs. WLAN Pico / Indoor Cells
For CDMA/UMTS, there are engineering solutions for each of the
mentioned challenges, however, it takes very experienced
engineers to deploy these indoor solutions
For WLAN pico-/ indoor cells, the situation is very different
WLAN uses different frequency spectra from cellular or PCS, so there
is no interference between indoor WLAN with outdoor cellular / PCS
The multi-mode NIC will always choose WLAN over cellular/PCS if
WLAN signal can be detected. This guarantees micro/pico/indoor
high-speed users using WLAN and release micro/pico/indoor traffic
load from the outdoor cellular/PCS system
WLAN coverage is very limited, that means less signal will be spilled
over to neighboring cells and less interference between neighboring
WLAN cells.
WLAN indoor cell deployment is much easier, less experienced
people can do it. Most of time one only needs to provide coverage in
a certain area.
Increasing challenge for larger area deployment. In this case some frequency
planning will improve capacity
Key factor to integrate WLAN/3G
- To Simplified Network Selection
Drive simple connectivity



Enable single billing &
authentication & secure
communication



Enable seamless roaming

PAN (10M)
LAN (100M)
WAN (1000M)
Access Point
802.11
BT*
CellModem
Carrier A
Carrier B
Desktop
Wired
Enterprise
Hot Spots
Carrier C
Notebook Connectivity As Easy As Voice
Calling
3GPP scenario 2; GSMA IR61; IRAP
Wi-Fi Security Issues
Wi-Fi security issues and
authentication standards
Under normal conditions, if a user is within range of a
WiFi AP, the user can obtain an IP via DHCP and intrude
into the network.
WEP (Wired Equivalent Privacy) keyis a single static
encryption key and can be broken within seconds.
Due to the demand of higher security, 802.1x was
developed
802.1x defined as:
Server side authentication
EAP (Extensible Authentication Protocol) Dynamic WEP key
for authentication
WPA( Wi-Fi Protected Access)
WPA is part of the 802.11i standards. 802.11i includes
encryption protocols such as TKIP, AES, etc.
WPA as a total secure solution
User Authentication
802.1x + EAP
Data encryption protocols
Temporal Key Integrity Protocol (TKIP)
802.1x Dynamic WEP keys
Message integrity check (MIC)
WPA=802.1x + EAP +TKIP + MIC
SOHO uses Pre-Shared Key authentication
methods (no need for server side authentication)


3GPP Dual-Mode Integration
3GPP Standards
3GPP Standards Process on 3GPP-WLAN Interworking
2000. 06: A new feature FS on WLAN-UMTS Interworking was
proposed and supported by Telenor, Ericsson, Telia, Nokia,
Sonera, Voicestream, Nortel, Alcatel, Toshiba, Cisco, Vodafone
Two work items for Feasibility study on WLAN-UMTS
Interworking work in progress
3GPP SA1(service requirements)
3GPP SA2(Interworking architectures)
WLAN-UMTS Interworking is a Feature of 3GPP
Release 6
Related Specifications
3GPP TR 22.934 V6.2.0 (2003-09): " Feasibility study on 3GPP
system to Wireless Local Area Network (WLAN) interworking
3GPP TS 23.234 V2.4.0 (2004-01) : 3GPP system to Wireless
Local Area Network (WLAN) Interworking; System Description
3GPP TR 23.934 V1.0.0 (2002-08) : "3GPP system to Wireless
Local Area Network (WLAN) Interworking; Functional and
architectural definition
3GPP TS 33.234 V1.0.1 (2004-02) : Wireless Local Area
Network (WLAN) Interworking Security
3GPP WLAN-3G interworking (six phases)
Scenario 1 Common Billing and Customer Care
Integrated single billing and customer services
3G and WLAN security mechanisms can be independent of each other
Scenario 2 3G system based Access Control and Charging
WLAN (AAA) handled by 3G standards backend
Scenario 3 Access to 3G system PS based services
Subscribers can access 3G packet services ( PS services) via WLAN
Scenario 4 Service Continuity
PS services roaming between WLAN & 3G will remain connected
(handover)
When a change in network occurs, the user might experience a data
stream loss
Scenario 5 Seamless Service
Roaming from different networks handles transparent handover
The handover is seamless, no interruption of data stream or service to
the user
Scenario 6 Access to 3G CS Services
Access to 3G Circuit Switched (CS) services via WLAN
Seamless handover of CS services across hybrid networks
Scenario 2
Scenario 2 is an access authentication method, where the access is of type 802.1x
UE
WLAN-AN
802.1x
AAA-proxy
AAA-Server
EAPOL
EAP over
Diameter/Radius
Wa/Wd
interface
Authentication is outsourced from WLAN-AN to PLMN via AAA infra
3GPP defined the Wa/Wd interface from NAS client to AAA-Server

NAS Client
EAP-SIM
authentication
Scenario 3
Scenario 3 is a means of connecting to the packet core to make use of packet core services
IP enabled mobile sets up an IPSec tunnel using IKE_v2 to the PDG.
Need to establish user credentials => authentication/authorization needed => SIM/AKA
auth.
Path from user to PDG may be over untrusted networks => IPSec tunnel in the user
plane
PDG is the gateway to the (Gi/Wi) services

UE
PDG
Services
EAP-SIM over IKE_v2
EAP-SIM over
Diameter
AAA-Server
IPSec

Ww
3GPP Home Network
WLAN Access Network
WLAN
UE
Packet Data
Gateway
HSS
HLR
Offline
Charging
System
OCS
D
'

/

G
r
'
W
f
W
o
Intranet / Internet
3GPP Visited Network
3GPP AAA
Proxy
Offline
Charging
System
WAG
Wn
W
a
Wf
W
d
W
p
W
m
W
i
Wx
W
L
A
N

3
G
P
P

I
P

A
c
c
e
s
s
W
g
Wu
D
w
3GPP AAA
Server
SLF
Wy
W
z
New topics to be added to IR.61 roaming
guidelines from 3GPP Rel-6 I-WLAN
EAP-AKA authentication
New well defined AAA
entities (AAA Server and
Proxy)
Packet Data Gateway
role and description
Wireless Access
Gateway role and
description
DNS usage, 802.1X
migration guidelines and
AN requirements in
WLAN AN deployments
W-APN resolution and
end-2-end IKEv2 IPSec
VPN tunnel use
scenarios & profiles for
PS data services
RADIUS-Diameter
translation issues on Wa
& Wd interfaces
General migration and
alignment towards 3GPP
Copyright GSM Association
3GPP Evolution Vision
IP subnet


IP subnet


GPRS
WLAN
WLAN
GGSN

FW

G
i
/W
i

WLAN
MIPv4 HA

IPsec GW
(3GPP PDG)

WLAN AP

Multi-access
mobile device

MIPv4 signaling
user-plane traffic
Services
Multi-access
mobile device

WLAN AP

Multi-access
mobile device

WLAN AP

Multi-access
mobile device

Multi-access
mobile device

Multi-access
mobile device

Multi-access
mobile device

Multi-access
mobile device

Multi-access
mobile device

IPsec protected traffic
mobility signalling
Copyright GSM Association
EAP-SIM Dual-mode sign on process
Sign-on process
Utilize the SIM card as authentication token. No need for NAI and
password
Needs GSM/WLAN Dual mode network card or device
Allows WLAN to utilize existing GSM authentication
infrastructure
Mutual authentication of the Mobile Terminal and the
Network(HLR)
Basic IMSI privacy protection
An optimized re-authentication procedure
The advantages of
EAP-SIM dual mode integration
One bill and single authentication
SIM PIN authentication. Unique SIM card is safe and reliable.
WLAN and mobile billing is integrated as one
International/Network roaming uses existing GSM
roaming mechanisms. Mature and established.
Multi-vendor systems based on EAP-SIM and
802.1x/WPA
GSM/WPA Over The Air encryption. Resolving WiFi
security concerns.
Works for dual band handsets
iBake-off EAP-SIM based network
architecture
1M band-width
for Internet /mobile
Internet access
Packet based
services
HLR
CGW
Cellular Network
3GPP AAA
Server
WISP
()
Internet
Apple
Music Store
SIM
WLAN/Cellular
Dual Mode UE
Printer
Fax
WISP
802.1X AP
CHT mobile network and emome
International Conventional Center
Key functions of integrated network
WLAN Interworking will enable mobile operators
to deliver PS services over any access

committed to developing 3GPP WLAN
Interworking compliant solutions
Scenario 2 for for 3GPP based access control and
charging
Scenario 3 for access to PS based services
Scenario 4 for service continuity
Current Status of IR.61
IR.61 describes & defines best practices and roaming
guidelines for RADIUS based WLAN roaming..
Web based login using username/password authentication or
one-time passwords
802.1X based login using EAP-SIM authentication
Interoperator RADIUS profiles for both web based and EAP-
SIM based WLAN roaming -> authentication and accounting
Migration & co-existence guidance for pre-802.1X and
802.1X WLAN AN deployments
Open Interface Open Interface
Authentication
Authorization
Accounting
Visited Network Home Network
Open Interface Open Interface
Authentication
Authorization
Accounting
Visited Network Home WLAN /
Home PLMN
Copyright GSM Association
Proposed Applications
Revenue drivers
WLAN Interworking will increase data services as well as
mobile multi-media usage.
Business data services
Corporate application connectivity/hosting
Adopted to all terminal types and any access type
Mobile content services
Personalization, entertainment, streaming and
multimedia
Adopted to all terminal types and any access type
IP communication services
IMS, RTVS, PoC, content sharing, instant messaging
Adopted to terminal terminals and any access type
Marketing strategy
WLAN is another bearer for mobile services,
Multi-bearer offering provides a ubiquitous
mobile data service
Enterprise case
Managed VPN for enterprises private applications
Bundling package, building credibility in business market,
substantially halving customer churn in core cellular business
At the beginning stage, most of the dual-band customers will be
business people, then consumers and younger generations
Becoming a teen-age status symbol to have a WLAN
subscription and a laptop
Daul-mode integration to create
wireless sweet-spots
Extended
spotty
ubiquitous
56k 128k 512k
local
spotty
10k >2M
GPRS
WiFi
Dial-up
ISDN
CDMA
1xRTT
WiMax
3G
SAT
vast
Ethernet
EDGE
WiFi
ADSL
Soft
Cert.
Copyright GSM Association
Services VS. Bandwidth
GPRS
3G/WLAN
Voice & music
1.Remote surveillance
2.Remote education &
Medication
Intranet
Server
Internet
Server
Video
conference
ISP & ICP
Enterprise
Internet Application:
1.Web browsering
2.Email
3.On-line game
4.E-commerce
1.FTP
2.Email
Remote LAN
Various applications via dual-band wireless access
Mobile Internet Access
WLAN
GPRS

(WAP Gateway)


(HTTP Proxy)
GPRS handset subs
Dual-mode handset subs
SIM-based authentication and
billing
4 Mbps transmission speed
High service quality ,support
high quality of multimedia
services

AAA
Server
SIM-based
AAA
GPRS/3G contentr
Enterprise Internet/Intranet access
Corp.
intranet

Radius/DHCP
AP
Server

DNS
Enterprise
VPN
GPRS
Modem

Indoor
AP

AP

Gn

GI
SGSN

GGSN

()
FW/VPN
CHT-M/GPRS
E1

emome
Internet
Corp A Handset
Wireless+GPRS
ADSL
Outdoor
HotSpot
Or other
ADSL
HiNet
ERX (LAC)
ERX (LNS w/IPSec)
(PPPoE)
(PPPoE+IPsec)
CHT-D
Indoor+HiBox
Outdoor
GPRS+PC Base Internet Browser
GPRS+Cell Phone Browser
Conclusions
WLAN Interworking will increase data services as well as
mobile multi-media usage.
EAP-SIM methodology can solve WLAN security and
provide roaming scheme for inter-network across country
Following 3GPP revolution and GSMA IR.61
standardization, WLAN has no boundary limitation and
makes contribution to wireless broadband data service
Enterprise Internet/Intranet access via notebook/PDA
with Wi-Fi whenever at work or at play as the
fundamental application.
Dual-band wireless access basic services are main on
E-mail, IMS and VoIP. Consequent applications and
digital contents development depends on collaboration of
all walks of life.
Thank You!
Chiou Wen-Yuh
Senior Engineer
Mobile Business Group
Chunghwa Telecom(TAIWAN)
e-mail: chiouwy@cht.com.tw
Tel: +886 23316-6205
Mobile: + 886 937400416