7/29/2019 06103817

1/3

EIR Based Mobile Communication Network Security Technology

Dong HuiSchool of command automation

PLA University of Science and Technology

Nan Jing, China

e-mail:zlqydh@gmail.com

Huan LeiSchool of command automation

PLA University of Science and Technology

Nan Jing, China

e-mail:zzzhi1981@163.com

AbstractBased on EIRs MS (mobile station) legality control

ability, discuss on how to improved mobile communication

network security. Innovative ideas are proposed to enhance

network security. Indicate the role of EIR deployment in

communication network security.

Keywords: EIR, Network Security, MS control

I. INTRODUCTIONCell phone is the representative of MS, the MS is basic

device that subscriber used to access and enjoy mobilenetwork service. In recent years, the mobile terminaltechnology gets rapid development. Various types ofterminals access to the mobile network. This greatlyfacilitates the subscribers mobile communications activities.However, different strong MS technologies require differentmobile network resources. It impact on mobile networksecurity.

With the development of international and domesticsituation, violent crime, smuggling, theft and other incidents

have occurred, more and more countries began to requireoperators to deploy the EIR to improve network security,protect MS manufacturers legitimate interests, and combatthe smuggling of communication terminal and theft, to builda harmonious society.

II. EIRARCHITECTUREEIR [1] (Equipment Identity Register [2]), is launched in

2004 by GSM mobile operators worldwide businessassociations. As defined in the 3GPP 23.002[3], EIRequipment is located as a core network element in theGSM/UMTS networks. It focuses on the MS legalitymanagement. The EIR position in the mobile network shownin Figure 1

Figure1 EIR position in the mobile network

From the above architecture we can see, the EIR is one ofNEs in core network: the MSC inter-working with EIR tocontrol the MS in CS domain via F reference point; and theSGSN inter-working with EIR to control the MS in PSdomain via Gf reference point.

Each MS has an identity, called IMEI [4] (International

Mobile Equipment Identity). The MS legality check is tocheck the IMEI status and then decide whether allow the MSto access the network. The legality check process shows asfollowing:

When the subscriber access the network or make call, theMSC/SGSN will send MAP_CHECK_IMEI [5] messages toEIR for querying the IMEI status, After get the IME status,the MSC/SGSN controls whether to allow the terminal toaccess the network. Three list is defined in EIR withdifferent MS control strategy:

- Black list: Reject the MS to access mobile network- White list: Allow the MS to access mobile network- Grey list: The operator can define whether to allow the

MS to access mobile network

According to the MS legality control principle, we canimprove the mobile communication network security by thefollowing methods.

III. IMPROVENETWORKSECURITY METHODSA. Legitimate MS control

When the MS enter the market through legal means,national functional department (e.g. CommunicationAuthority) can site these MSs IMEI number to the white list,the other MS set to black or gray list. In this way, only theMS that entry into the market by legitimate means andpermit to use by government and operator can use the mobilenetwork. This can effective combat on MS smuggling and

improve network security. Figure 2 shows the legitimate MScontrol function.

2011 Third International Conference on Multimedia Information Networking and Security

978-0-7695-4559-2/11 $26.00 2011 IEEE

DOI 10.1109/MINES.2011.136

478

2011 Third International Conference on Multimedia Information Networking and Security

978-0-7695-4559-2/11 $26.00 2011 IEEE

DOI 10.1109/MINES.2011.136

477

7/29/2019 06103817

2/3

Figure 2 shows the legitimate MS control function.

After the Cell phone robbery or theft, the legitimatesubscriber can go to the service center, and apply for settingphone's IMEI to blacklist. If the subscriber can not directlyprovide the IMEI number, operators can retrieve the IMEInumber according to the mobile phone use records based oncell phone number and set the IMEI number to the blacklist.The phone will not be able to access the network. Theoffender lacks the driving, and cell phone crime is reducednaturally. This can help to create a harmonious society.

If the terminal state exception, the EIR can send SMS forthe MS in grey list or send email for the MS in black list toinform them with the cause of the exception. Not onlyimproves network security, but also reflects the operator'shuman care, to improve the user's satisfaction, increasecustomer stickiness.

B. Copy-Card prevent SolutionCopy card, also known as clone card, is a technology that

copying the contents of the SIM card to another SIM card. Ifclone card is used without lawful subscriber permission,there will be "I make call, you pay for the bill" phenomenon.Serious damage to the legitimate subscribers rights andinterests, and violated the subscribers privacy.

As the two cards with exactly same information, it is hardto get the problem evidence. This will cause disputesbetween operator and subscriber, make subscriber distrustthe operator. Affect the operator's brand. In order to solvethis problem, Operators has been exploring differentsolutions for a long time. After EIR deployment, the MSlegality check function can effectively prevent the generationof clone cards. There are two options solution: active defenseand static checking.

- Active defense: The subscriber bind the cell phone andSIM card in service center, indicating that the SIM card canonly be used on the specified one or a few phone. When thesubscriber accesses the network, the EIR will detect therelationship between IMEI and IMSI. If do not meet the

binding requirements, it will send blacklist status informationto the MSC/SGSN, then the subscriber will be denied accessnetwork. Achieve the clone card can not be used purpose.

- Static checking: As the copy card will be used indifferent MS, the card will be much more frequently accessto the network to normal subscriber, this will result the IMEIand IMSI mate record frequently changes. The operators canperiodically analyze EIR database, according to therelationship between the IMEI and IMSI's replacement,

determine a suspect clone card users and inform subscriber.If suspected crime, operators can provide IMEI/IMSIactivities region information to help the police solve the caseas soon as possible.

C. MS based network resource protectionIf the Mobile communication network keeps

continuously running under normal load conditions, it willgreatly improve the network reliability and security. Thenetwork access mechanisms of current variety MS isdifferent, results the consumption of network resources arenot the same. For example, the following two scenarios canbe achieved through the EIR on the communication networkto protect and improve the network security.

- In the earthquakes, hurricanes and other disastersregion, the communication network resources always is lack.Operators can disable the high consumption networkresources MS access PS domain network, but can access CSdomain network. Thus more network resources allocated toemergency use for most subscribers. It will improvecommunication network security, help people quickly

recover from the disaster, reflecting the operators socialresponsibility, and enhance operator brand.

- During the recovery process after the devices failurerepaired, the operations of these devices are weak, oncesubjected to the impact of high-load operations, may causethe device not resume. One recommended strategy is toreject the high consumption network resources MS accessnetwork. After the Mobile network is completely restored tonormal, then allow these MS access the network, therebyenhancing fault repair efficiency and accuracy.

D. Enhanced security on terminal servicesSome service providers, for security considerations,

require authentication by using mobile phone, that is, the

user can make call using specified phone number to servicecenter for change password, account information. If the userchanges phone numbers, it will cause inconvenience to users.In this case, service providers can cooperate with operatorsto support authentication by Cell phone number or cell phone,this can provide safe and convenient service to users. Theoperator also can get profit from open EIR data to serviceprovider.

In order to ensure the legitimate interests of the users,before using a credit card, the bank will ask the user to activethe card by using the specified phone number. However, ifthe user's card is cloned, the user will cause potentialinterests harm. If the bank required to active card by bothspecific phone number and IMEI, it will more safe to user.

IV. CONCLUSIONThis dissertation discussed EIR values. Explore how to

enhance the mobile communication network security throughthe EIR's innovative ideas, and initiate gives severalscenarios and solutions. By deployment of the EIR, it canenhance network security, improve customer satisfaction,and with the government to build a harmonious society.

479478

7/29/2019 06103817

3/3

REFERENCES

[1] [1] Tian Hui, Kang Guixia, Li Yinong. . POSTS&TELECOM PRESS. 2007.

[2] [2] 3GPP TR 21.905 V7.1.0, Vocabulary for 3GPP Specifications,2006.03.

[3] [3] 3GPP TS 23.002 V7.6.0, Network architecture, 2008.12.[4] [4] 3GPP TS 22.016 V7.1.0, International Mobile station Equipment

Identities (IMEI), 2008.12.

[5] [5] 3GPP TS 29.002 V7.1.0, Mobile Application Part (MAP)specification, 2005.10.

480479