Today's topic is IMSI (International Mobile Subscriber Identity) and GUTI (Globally Unique Temporary Identifier). These two are parameters (identifiers) used in identifying UEs in LTE networks.
What is IMSI?
IMSI is a unique ID that globally identifies a mobile subscriber. It is composed of two parts, the PLMN ID and the MSIN, as shown in the figure below. A PLMN ID is an ID that globally identifies a mobile operator (e.g. the combination of MCC 450 and MNC 05 for SK Telecom in Korea). The MSIN is a unique ID that identifies a mobile subscriber within a mobile operator.
Then, why do mobile operators need to identify their mobile subscribers?
First, because that way the operators can tell whether or not to allow a subscriber who is attempting to access their LTE network. Second, they need to identify their subscribers to decide which QoS policy (bandwidth, priority, etc.) to apply to each of them, and finally to charge each subscriber for the services rendered.
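As an added example (not part of the original article), the following Python snippet splits an IMSI string into its PLMN ID (MCC + MNC) and MSIN. The one detail the prose glosses over is that an MNC is 2 or 3 digits depending on the operator, so the split cannot be done by position alone; the lookup table, the sample IMSIs and the function names here are constructed for illustration, not taken from a real PLMN registry.

```python
# Added example: parse an IMSI into PLMN ID (MCC + MNC) and MSIN.
# The MNC length table below is a constructed sample; a real implementation
# would use the full ITU/3GPP PLMN list.
from dataclasses import dataclass

# Constructed sample: number of MNC digits used under each MCC.
# MCCs not listed default to a 2-digit MNC below.
MNC_LENGTH_BY_MCC = {
    "450": 2,   # Korea (e.g. MCC 450 / MNC 05 = SK Telecom, as in the article)
    "310": 3,   # United States allocates 3-digit MNCs
}


@dataclass(frozen=True)
class IMSI:
    mcc: str   # Mobile Country Code, always 3 digits
    mnc: str   # Mobile Network Code, 2 or 3 digits
    msin: str  # Mobile Subscriber Identification Number, the rest

    @property
    def plmn_id(self) -> str:
        """MCC + MNC: identifies the operator, not the subscriber."""
        return self.mcc + self.mnc


def parse_imsi(imsi: str) -> IMSI:
    """Validate an IMSI string and split it into MCC, MNC and MSIN."""
    if not imsi.isdigit():
        raise ValueError("IMSI must contain only decimal digits")
    if not 6 <= len(imsi) <= 15:          # 15 digits is the maximum length
        raise ValueError("IMSI must be between 6 and 15 digits long")
    mcc = imsi[:3]
    mnc_len = MNC_LENGTH_BY_MCC.get(mcc, 2)
    mnc = imsi[3:3 + mnc_len]
    msin = imsi[3 + mnc_len:]
    if not msin:
        raise ValueError("IMSI has no MSIN part")
    return IMSI(mcc, mnc, msin)


def same_plmn(imsi_a: str, imsi_b: str) -> bool:
    """True when two IMSIs belong to the same operator (same PLMN ID)."""
    return parse_imsi(imsi_a).plmn_id == parse_imsi(imsi_b).plmn_id


if __name__ == "__main__":
    sample = "450051234567890"   # constructed, not a real subscriber
    print(parse_imsi(sample))
```

The table-driven MNC length is the part worth keeping: an IMSI from MCC 310 with only two MNC digits consumed would misattribute one digit of the MNC to the subscriber part, so the PLMN ID would be wrong for the entire operator.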
When a user subscribes to a mobile network, the user gets a device and a USIM card (SIM card) that has an IMSI in it.
By then, the LTE network should already have the same IMSI registered as well. IMSIs are stored in two LTE entities, the HSS and the SPR. The HSS stores, along with each IMSI, the key used in authenticating the subscriber and the QoS profile to be used by that user. So, when a user attempts to access the network (i.e. sends an Attach Request message), the HSS (the MME on behalf of the HSS, to be accurate; see LTE Authentication for further explanation) denies users with an unregistered IMSI, but allows ones with a valid registered IMSI by delivering authentication information and the QoS profile to the MME. An SPR works with a PCRF to apply a policy to a subscriber. We will revisit SPRs and PCRFs later.
What is GUTI?
Now, we know what IMSI is. But, what is GUTI then?
As mentioned above, the IMSI is one of the most important parameters that identify a subscriber. So, if it is exposed over the radio link, a serious security problem can result. Let's say a hacker somehow finds out your IMSI over the radio link and uses it in his device. He can disguise himself as you and use LTE services without paying a penny, and you will end up paying for services that you did not use. (Of course, this problem can be addressed through device authentication using the device's unique serial number. We will not talk about how that is done now, though.)
So, to keep the IMSI secure, an alternate value that a subscriber (UE) can use instead of the IMSI (whenever possible) to access the LTE network was needed. That is why the GUTI is used. Unlike an IMSI, a GUTI is not permanent: it is changed into a new value whenever it is generated.
When a UE initially attaches to an LTE network (e.g. when the UE is turned on), it sends its IMSI to the network for authentication, i.e. to have itself identified. In other words, it uses the IMSI as its ID. Once the connection is established (i.e. once the UE is successfully authenticated), the network (MME) delivers a GUTI value to the UE in the Attach Accept message; the UE then remembers the value and uses it as its ID instead of the IMSI when it re-attaches to the network (i.e. when it is turned off and then on again later).
The network (MME) can also allocate a GUTI to a UE during the TAU (Tracking Area Update) process. That is, the GUTI, the temporary ID that identifies the UE, can be changed into a new value even while the UE stays attached to the network.
The network also remembers the GUTI value it allocated to the UE, and thus can recognize the UE even when it requests access using the GUTI, not the IMSI.
As such, since GUTIs, which are temporary values that can be changed as needed, are used as IDs for UEs, the permanent IMSI is exposed over the radio link far less often, and a GUTI that is observed is only useful until it is reallocated.
The format of a GUTI is illustrated in the lower part of the following figure. Since a GUTI is allocated by an MME, it contains an MME identifier (MMEI) that shows which MME allocated the GUTI, and an M-TMSI, a temporary value that uniquely identifies a subscriber within that particular MME.
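To make the attach, re-attach and TAU reallocation flow described above concrete, here is an added Python model (not code from the original article or from any real MME) of an MME that hands out GUTIs and keeps the GUTI-to-IMSI mapping. Field widths follow 3GPP TS 23.003 (GUTI = PLMN ID + MMEGI 16 bits + MMEC 8 bits + M-TMSI 32 bits); the message names, the "radio log" of what a passive listener on the air interface would see, the MMEGI/MMEC values and the sample IMSI are all constructed, and an unknown GUTI is simply rejected instead of triggering the Identity Request that a real MME would send.

```python
# Added example: toy MME that allocates and reallocates GUTIs so that the
# permanent IMSI crosses the radio link only once.  Constructed model, not
# a real protocol implementation.
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class GUTI:
    mcc: str
    mnc: str
    mmegi: int    # MME Group ID, 16 bits
    mmec: int     # MME Code, 8 bits
    m_tmsi: int   # temporary subscriber ID unique within this MME, 32 bits

    def __post_init__(self):
        if not (0 <= self.mmegi < 2**16 and 0 <= self.mmec < 2**8
                and 0 <= self.m_tmsi < 2**32):
            raise ValueError("GUTI field out of range")

    @property
    def gummei(self) -> str:
        """PLMN ID + MMEI: identifies the MME that allocated this GUTI."""
        return f"{self.mcc}{self.mnc}-{self.mmegi:04x}{self.mmec:02x}"

    def __str__(self) -> str:
        return f"{self.gummei}-{self.m_tmsi:08x}"


class MME:
    """Keeps GUTI -> IMSI state and allocates fresh random M-TMSI values."""

    def __init__(self, mcc, mnc, mmegi, mmec, radio_log):
        self.mcc, self.mnc, self.mmegi, self.mmec = mcc, mnc, mmegi, mmec
        self.guti_to_imsi = {}
        self.radio_log = radio_log   # (message, identity) pairs visible over the air

    def _new_guti(self, imsi):
        # Fresh unpredictable 32-bit M-TMSI; the loop guards against a collision
        # with a GUTI that is still live in this MME.
        while True:
            guti = GUTI(self.mcc, self.mnc, self.mmegi, self.mmec, secrets.randbits(32))
            if guti not in self.guti_to_imsi:
                break
        self.guti_to_imsi[guti] = imsi
        return guti

    def attach(self, identity):
        """Attach Request carrying an IMSI (initial attach) or a GUTI (re-attach)."""
        if isinstance(identity, GUTI):
            self.radio_log.append(("AttachRequest", str(identity)))
            imsi = self.guti_to_imsi.pop(identity, None)
            if imsi is None:
                # Unknown GUTI (other MME, or already retired).  Assumed
                # simplification: reject rather than run Identity Request.
                return None
        else:
            imsi = identity
            self.radio_log.append(("AttachRequest", imsi))   # IMSI in clear on air
        guti = self._new_guti(imsi)
        self.radio_log.append(("AttachAccept", str(guti)))
        return guti

    def tracking_area_update(self, old_guti):
        """TAU with GUTI reallocation: the old GUTI is retired, a new one issued."""
        self.radio_log.append(("TAURequest", str(old_guti)))
        imsi = self.guti_to_imsi.pop(old_guti, None)
        if imsi is None:
            return None
        guti = self._new_guti(imsi)
        self.radio_log.append(("TAUAccept", str(guti)))
        return guti

    def resolve(self, guti):
        """IMSI currently bound to a GUTI, or None if the GUTI is not live."""
        return self.guti_to_imsi.get(guti)


def imsi_exposures(radio_log, imsi):
    """Count over-the-air messages that carried the permanent IMSI in clear."""
    return sum(1 for _, ident in radio_log if ident == imsi)


def demo():
    log = []
    mme = MME("450", "05", mmegi=0x0102, mmec=0x03, radio_log=log)
    imsi = "450051234567890"            # constructed sample subscriber
    g1 = mme.attach(imsi)               # initial attach: IMSI sent once
    g2 = mme.tracking_area_update(g1)   # reallocation while still attached
    g3 = mme.attach(g2)                 # power cycle, re-attach with the GUTI
    return mme, imsi, g1, g2, g3, log


if __name__ == "__main__":
    _, imsi, *_, log = demo()
    for msg, ident in log:
        print(f"{msg:14s} {ident}")
    print("IMSI seen on air:", imsi_exposures(log, imsi), "time(s)")
```

Running `demo()` shows the point of the article: the IMSI appears in exactly one air-interface message, every subsequent message carries a different GUTI, and an old GUTI is no longer resolvable by the MME once it has been reallocated. The M-TMSI is drawn from `secrets` rather than a counter so that successive GUTIs for one subscriber cannot be linked by a listener simply by their order.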
Can't we use the same IP address allocated for a UE to connect to multiple PDNs? Why different IPs for each PDN?
No, IP address shall be different for each PDN connection because there should be ONLY ONE default bearer per PDN.
TS 23.401
5.3.1 IP address allocation
The IP address allocated for the default bearer shall also be used for the dedicated bearers within the same PDN connection. IP address allocation for PDN connections, which are activated by the UE requested PDN connectivity procedure, is handled with the same set of mechanisms as those used within the Attach procedure.
* Default Bearer: The EPS bearer which is first established for a new PDN connection and remains established throughout the lifetime of the PDN connection.
I hope this will be helpful for you. (source: http://lteuniversity.com/ask_the_expert/f/59/t/2435.aspx)
Why multiple IP addresses are needed, if at all. This is more of a practical implementation discussion. IF the UE asks to be connected to two different APNs (Access Point Name) (please note the emphasis on the If) AND IF the Service Provider has implemented the APNs on two different PGWs then the UE will be setup with two PDN Connections and each of the PGWs will give the UE a different IP address. Remember, as far as the external routers are concerned the packets are coming from a PGW and the IP addresses are at the PGW and the packets destined for the UE must be sent to the PGW. It is the PGW that knows which EPS bearer to tunnel these packets through. Does the Service Provider have to configure the APNs in two separate PGWs - NO. But, for larger networks and as an example networks who serve multiple end user clients the Service Providers are almost required through their Service Level Agreements (SLAs) to take this approach.
Can you explain to me the GUTI concept and the GUMMEI concept in LTE attach?
Can you explain USIM and the USIM secret key?
Refer to the LTE Authentication section of Netmanias https://www.netmanias.com/en/?m=view&id=techdocs&no=5902. For details of the Auth algorithms refer to spec 33205, 33206 and 33208
That helped me in understanding the concept. Thanks!!