rfc2636.txt
Network Working Group R. Gellens
Request for Comments: 2636 Qualcomm
Obsoletes: 2604 July 1999
Category: Informational
Wireless Device Configuration (OTASP/OTAPA) via ACAP
Status of this Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (1999). All Rights Reserved.
Abstract
Wireless carriers today are faced with creating more efficient
distribution channels, increasing customer satisfaction, while also
improving margin and profitability. Industry trends are pushing the
sale of handsets further into the retail channel. The cost and
effort of provisioning handsets, activating users, and updating
handset parameters can be greatly reduced by using over-the-air
activation mechanisms. A comprehensive and extensible means for
over-the-air provisioning and handset parameter updating is required.
One approach is to purchase EIA/TIA/IS-683A (Over-the-air Service
Provisioning of Mobile Stations in Spread Spectrum Systems)
equipment. The cost of this has led carriers to seek alternative
solutions. A very viable means for providing over-the-air (OTA)
provisioning is to leverage the rollout of IS-707 data services
equipment, which most carriers are in the process of deploying. This
paper presents an approach to OTA provisioning that utilizes the
deployment of IS-707 to deliver OTA provisioning and parameter
upgrading.
IS-707 data services make available several methods of providing
over-the-air provisioning and parameter updating. A well thought-out
approach utilizing Internet-based open standard mechanisms can
provide an extensible platform for further carrier service offerings,
enhanced interoperability among back-end services, and vendor
independence.
This paper describes a viable and attractive means to provide
OTASP/OTAPA via IS-707, using the ACAP [ACAP] protocol.
Gellens Informational [Page 1]
RFC 2636 OTASP/OTAPA via ACAP July 1999
Table of Contents
1. Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Feature Descriptions . . . . . . . . . . . . . . . . . . . 6
2.1. OTASP Feature Description . . . . . . . . . . . . . . . 6
2.2. OTAPA Feature Description . . . . . . . . . . . . . . . 6
3. Operation . . . . . . . . . . . . . . . . . . . . . . . . . 7
3.1. Initial Provisioning Activity . . . . . . . . . . . . . 7
3.2. OTASP for Authorized Users . . . . . . . . . . . . . . . 8
3.3. OTAPA Activity . . . . . . . . . . . . . . . . . . . . 8
4. Requirements . . . . . . . . . . . . . . . . . . . . . . . . 9
4.1. General Requirements . . . . . . . . . . . . . . . . . 9
4.2. OTASP Requirements . . . . . . . . . . . . . . . . . . . 9
4.3. OTAPA Requirements . . . . . . . . . . . . . . . . . . 10
4.4. Provisioning Server Requirements . . . . . . . . . . . . 10
4.5. Security Requirements . . . . . . . . . . . . . . . . . 11
5. Architecture . . . . . . . . . . . . . . . . . . . . . . . . 11
5.1. ACAP over TCP/IP . . . . . . . . . . . . . . . . . . . 11
5.1.1. Mobile Authentication and A-Key Generation . . . . . 12
5.1.2. Mobile Identification . . . . . . . . . . . . . . . 12
5.1.3. ACAP Server . . . . . . . . . . . . . . . . . . . . 12
5.1.4. Overview of ACAP Structure . . . . . . . . . . . . 13
5.1.5. Data Organization and Capabilities . . . . . . . . . 13
5.1.5.1. Structure . . . . . . . . . . . . . . . . . . . 14
5.1.5.2. Conventions . . . . . . . . . . . . . . . . . . 15
5.1.5.3. Dataset . . . . . . . . . . . . . . . . . . . . 15
5.1.5.4. Entries and Attributes . . . . . . . . . . . . . 15
5.1.5.5. NAM Records . . . . . . . . . . . . . . . . . . 16
5.1.5.6. Server Roaming Lists . . . . . . . . . . . . . . 17
5.1.5.7. Requested-Data Record . . . . . . . . . . . . . 18
5.1.5.8. Sample Server Entry . . . . . . . . . . . . . . 18
5.1.6. Administrative Client . . . . . . . . . . . . . . . 19
5.1.7. Mobile Client . . . . . . . . . . . . . . . . . . . 20
5.2. WAP with ACAP . . . . . . . . . . . . . . . . . . . . . 22
5.3. Network-Resident vs. Configuration Data . . . . . . . . 23
5.4. Intellectual Property Issues . . . . . . . . . . . . . 23
6. Handset Protocol Suites . . . . . . . . . . . . . . . . . . 23
6.1. ACAP over TCP/IP . . . . . . . . . . . . . . . . . . . 23
7. IS-683A Compatibility . . . . . . . . . . . . . . . . . . . 24
7.1. OTASP Operations . . . . . . . . . . . . . . . . . . . 24
7.2. OTASP Call Flow . . . . . . . . . . . . . . . . . . . . 24
7.3. OTAPA Operations . . . . . . . . . . . . . . . . . . . 24
7.4. OTAPA Call Flow . . . . . . . . . . . . . . . . . . . . 25
8. Alternative Methods . . . . . . . . . . . . . . . . . . . . 25
8.1. IS-683A over TCP/IP . . . . . . . . . . . . . . . . . . 25
8.1.1. OTAF Server . . . . . . . . . . . . . . . . . . . . 25
8.1.2. Interface Application . . . . . . . . . . . . . . . 26
8.1.3. Protocol Handset Suite . . . . . . . . . . . . . . 26
8.2. Browser-Based Forms . . . . . . . . . . . . . . . . . . 26
9. Conclusion . . . . . . . . . . . . . . . . . . . . . . . . 27
10. References . . . . . . . . . . . . . . . . . . . . . . . . 28
11. Security Considerations . . . . . . . . . . . . . . . . . 28
12. Acknowledgments . . . . . . . . . . . . . . . . . . . . . 28
13. Author's Address . . . . . . . . . . . . . . . . . . . . 28
14. Full Copyright Statement . . . . . . . . . . . . . . . . . 29
1. Terms
Application Configuration Access Protocol (ACAP) -- An Internet
protocol (RFC-2244) that provides remote storage and access of
configuration and preference information.
Activation -- A process in which a mobile station and network become
programmed so that a mobile station becomes operable and can be used
for cellular service once authorized by the service provider.
Authentication -- A procedure used to validate a mobile station's
identity.
Authentication Center -- An entity that manages the authentication
information related to the mobile station.
Authentication Key (A-key) -- A secret 64-bit pattern stored in the
mobile station. It is used to generate and update the mobile
station's shared secret data. The A-key is used in the
authentication process.
Authorization -- An action by a service provider to make cellular
service available to a subscriber.
Call -- A temporary communication between telecommunications users
for the purpose of exchanging information. A call includes the
sequence of events that allocates and assigns resources and signaling
channels required to establish a communications connection.
Cellular Service Provider -- A licensee of the responsible government
agency (in the U.S. a licensee of the Federal Communications
Commission) authorized to provide Cellular Radiotelephone Service.
Challenge/Response Authentication Mechanism using Message Digest 5
(CRAM-MD5) -- An authentication mechanism which is easy to implement,
and provides reasonable security against various attacks, including
replay. Supported in a variety of Internet protocols. Specified as
baseline mechanism in ACAP. CRAM-MD5 is published as RFC 2195.
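To make the "reasonable security against replay" claim concrete, here is an added illustration of the CRAM-MD5 exchange (RFC 2195) as an ACAP server would drive it: the server issues a fresh challenge, the client answers with a keyed HMAC-MD5 over that challenge, and the server recomputes and compares. This is not code from RFC 2636 or any ACAP implementation; the host name, user name and secret are constructed sample values.

```python
import base64
import hmac
import os
import time

# Added illustration of CRAM-MD5 (RFC 2195), the baseline ACAP mechanism.
# Not code from RFC 2636 or any ACAP implementation; the host, user name
# and secret below are constructed sample values.

def make_challenge(host: str) -> bytes:
    """Server side: a fresh, unpredictable challenge of the form <nonce.time@host>."""
    nonce = int.from_bytes(os.urandom(4), "big")
    return f"<{nonce}.{int(time.time())}@{host}>".encode()

def cram_md5_digest(secret: bytes, challenge: bytes) -> str:
    """HMAC-MD5 keyed with the shared secret, computed over the raw challenge text."""
    return hmac.new(secret, challenge, "md5").hexdigest()

def cram_md5_response(username: str, secret: bytes, challenge: bytes) -> bytes:
    """Client side: base64 of 'username SP hexdigest', as the client sends it."""
    return base64.b64encode(f"{username} {cram_md5_digest(secret, challenge)}".encode())

def verify_response(response_b64: bytes, challenge: bytes, secrets: dict) -> bool:
    """Server side: recompute the digest for the challenge *it* issued and compare.
    The server must hold the shared secret itself (a known CRAM-MD5 limitation),
    so the secret store deserves the same protection as a password database."""
    try:
        decoded = base64.b64decode(response_b64, validate=True).decode()
        username, digest = decoded.split(" ", 1)
    except ValueError:  # bad base64, bad UTF-8, or no separating space
        return False
    secret = secrets.get(username)
    if secret is None:
        return False
    return hmac.compare_digest(cram_md5_digest(secret, challenge), digest)

def replay_is_rejected() -> bool:
    """A response captured for one challenge must not satisfy a later challenge."""
    secrets = {"mobile-01": b"constructed-sample-secret"}
    first = make_challenge("acap.example.net")
    captured = cram_md5_response("mobile-01", secrets["mobile-01"], first)
    fresh_ok = verify_response(captured, first, secrets)
    second = make_challenge("acap.example.net")  # new nonce, so a new expected digest
    replayed_ok = verify_response(captured, second, secrets)
    return fresh_ok and not replayed_ok
```

The replay check only holds if each challenge is unpredictable and used once, which is why `make_challenge` mixes random bytes into the nonce rather than relying on the timestamp alone.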
Code Division Multiple Access -- A technique for spread-spectrum
multiple-access digital communications that creates channels through
the use of unique code sequences.
Customer Service Center -- An entity of a service provider that
provides user support and assistance to subscribers.
Customer Service Representative -- A person that operates from a
customer service center and provides user support and assistance to
subscribers.
Diffie-Hellman Algorithm -- A public-key cryptography algorithm for
exchanging secret keys. Uses the equation , where k is the secret
key. The equation is executed by each party of the session based on
the exchange of independently generated public values.
Digits -- Digits consist of the decimal integers 0,1,2,3,4,5,6,7,8,
and 9.
Dual-mode Mobile Station -- A mobile station capable of both analog
and digital operation.
Electronic Serial Number (ESN) -- A 32-bit number assigned by the
mobile station manufacturer used to identify a mobile station. The
ESN is unique for each legitimate mobile station.
Home Location Registry (HLR) -- The location register or database to
which a MIN is assigned for record purposes such as subscriber
information.
Message Digest 5 (MD5) -- A one-way cryptographic hash function.
Widely deployed in Internet protocols. Published as RFC 1321.
Mobile Identification Number (MIN) -- The 10-digit number that
represents a mobile station's directory number.
Mobile Station (MS) -- A station, fixed or mobile, which serves as
the end user's wireless communications link with the base station.
Mobile stations include portable units (e.g., hand-held personal
units) and units installed in vehicles.
Mobile Switching Center (MSC) -- A configuration of equipment that
provides cellular radiotelephone service.
Mobile Terminal Authorizing System (MTAS) -- A control system that
provides the capability to load the CDMA network HLR with mobile
station profile information.
Number Assignment Module (NAM) -- The mobile station's electronic
memory module where the MIN and other subscriber-specific parameters
are stored. Mobile stations that have multi-NAM features offer users
the option of using their units in several different markets by
registering with a local number in each location.
Over-the-air Service Provisioning Function (OTAF) -- A configuration
of network equipment that controls OTASP functionality and messaging
protocol.
Over-the-air Parameter Administration (OTAPA) -- Network initiated
OTASP process of provisioning mobile station operational parameters
over the air interface.
Over-the-air Service Provisioning (OTASP) -- A process of
provisioning mobile station operational parameters over the air
interface.
Quick-Net-Connect (QNC) -- An IS-707 data service capability that
utilizes the Async Data Service Option number but bypasses the modem
connection for a direct connection to an IP-based internet.
Roamer -- A mobile station operating in a cellular system or network
other than the one from which service was subscribed.
Simple Authentication and Security Layer (SASL) -- An Internet
protocol (RFC-2222) that provides a framework for negotiating
authentication and encryption mechanisms.
Service Provider -- A company, organization, business, etc. which
sells, administers, maintains, and charges for the service. The
service provider may or may not be the provider of the network.
Shared Secret Data (SSD) -- A 128-bit pattern stored in the mobile
station (in semi-permanent memory) and known by the network. The
A-key is used to generate the SSD at the network and in the mobile
station for comparison.
Wireless Application Protocol (WAP) -- A set of network and
application protocols including a datagram protocol (WDP), Transport
Layer Security (WTLS), Transaction Protocol (WTP), Session Protocol
(WSP), and Application Environment (WAE), which use carrier-based
gateways to enable wireless devices to access Web resources. See
<http://www.wapforum.org> for specifications and details.
2. Feature Descriptions
2.1. OTASP Feature Description
The Over the Air Service Provisioning (OTASP) feature allows a
potential wireless service subscriber to activate new wireless
services, and allows an existing wireless subscriber to make
services changes without the intervention of a third party. OTASP
includes the following:
* A way to establish a user profile.
* "Over-The-Air" programming of a Number Assignment Module (NAM),
IMSI and Roaming Lists, including Data option parameters, and
optionally, service provider or manufacturer specific parameters
(e.g., lock code, call timer).
* An Authentication Key (A-key) Generation procedure.
* A-key storage.
2.2. OTAPA Feature Description
The Over-the-Air Parameter Administration (OTAPA) feature allows
wireless service providers to update a NAM, IMSI, and Roaming List
information in the mobile station remotely without the intervention
of a third party. This capability increases flexibility and reduces
costs for carriers involved with mass changes that affect every
handset, such as area-code splits.