rfc2636.txt

<VC++网络游戏建摸与实现>源代码

Network Working Group                                       R. Gellens
Request for Comments: 2636                                    Qualcomm
Obsoletes: 2604                                              July 1999
Category: Informational


          Wireless Device Configuration (OTASP/OTAPA) via ACAP

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (1999).  All Rights Reserved.

Abstract

   Wireless carriers today are faced with creating more efficient
   distribution channels, increasing customer satisfaction, while also
   improving margin and profitability.  Industry trends are pushing the
   sale of handsets further into the retail channel.  The cost and
   effort of provisioning handsets, activating users, and updating
   handset parameters can be greatly reduced by using over-the-air
   activation mechanisms.  A comprehensive and extensible means for
   over-the-air provisioning and handset parameter updating is required.

   One approach is to purchase EIA/TIA/IS-683A (Over-the-air Service
   Provisioning of Mobile Stations in Spread Spectrum Systems)
   equipment.  The cost of this has led carriers to seek alternative
   solutions.  A very viable means for providing over-the-air (OTA)
   provisioning is to leverage the rollout of IS-707 data services
   equipment, which most carriers are in the process of deploying.  This
   paper presents an approach to OTA provisioning that utilizes the
   deployment of IS-707 to deliver OTA provisioning and parameter
   upgrading.

   IS-707 data services makes available several methods of providing
   over-the-air provisioning and parameter updating.  A well thought-out
   approach utilizing Internet-based open standard mechanisms can
   provide an extensible platform for further carrier service offerings,
   enhanced interoperability among back-end services, and vendor
   independence.

   This paper describes a viable and attractive means to provide
   OTASP/OTAPA via IS-707, using the ACAP [ACAP] protocol.



Gellens                      Informational                      [Page 1]

RFC 2636                  OTASP/OTAPA via ACAP                 July 1999


Table of Contents

   1.  Terms  . . . . . . . . . . . . . . . . . . . . . . . . . . .  3
   2.  Feature Descriptions  . . . . . . . . . . . . . . . . . . .   6
     2.1.  OTASP Feature Description  . . . . . . . . . . . . . . .  6
     2.2.  OTAPA Feature Description . . . . . . . . . . . . . . .   6
   3.  Operation  . . . . . . . . . . . . . . . . . . . . . . . . .  7
     3.1.  Initial Provisioning Activity . . . . . . . . . . . . .   7
     3.2.  OTASP for Authorized Users . . . . . . . . . . . . . . .  8
     3.3.  OTAPA Activity  . . . . . . . . . . . . . . . . . . . .   8
   4.  Requirements . . . . . . . . . . . . . . . . . . . . . . . .  9
     4.1.  General Requirements  . . . . . . . . . . . . . . . . .   9
     4.2.  OTASP Requirements  . . . . . . . . . . . . . . . . . . . 9
     4.3.  OTAPA Requirements  . . . . . . . . . . . . . . . . . .  10
     4.4.  Provisioning Server Requirements . . . . . . . . . . . . 10
     4.5.  Security Requirements . . . . . . . . . . . . . . . . .  11
   5.  Architecture . . . . . . . . . . . . . . . . . . . . . . . . 11
     5.1.  ACAP over TCP/IP  . . . . . . . . . . . . . . . . . . .  11
       5.1.1.  Mobile Authentication and A-Key Generation . . . . . 12
       5.1.2.  Mobile Identification . . . . . . . . . . . . . . .  12
       5.1.3.  ACAP Server  . . . . . . . . . . . . . . . . . . . . 12
       5.1.4.  Overview of ACAP Structure  . . . . . . . . . . . .  13
       5.1.5.  Data Organization and Capabilities . . . . . . . . . 13
         5.1.5.1.  Structure . . . . . . . . . . . . . . . . . . .  14
         5.1.5.2.  Conventions  . . . . . . . . . . . . . . . . . . 15
         5.1.5.3.  Dataset . . . . . . . . . . . . . . . . . . . .  15
         5.1.5.4.  Entries and Attributes . . . . . . . . . . . . . 15
         5.1.5.5.  NAM Records . . . . . . . . . . . . . . . . . .  16
         5.1.5.6.  Server Roaming Lists . . . . . . . . . . . . . . 17
         5.1.5.7.  Requested-Data Record . . . . . . . . . . . . .  18
         5.1.5.8.  Sample Server Entry  . . . . . . . . . . . . . . 18
       5.1.6.  Administrative Client . . . . . . . . . . . . . . .  19
       5.1.7.  Mobile Client  . . . . . . . . . . . . . . . . . . . 20
     5.2.  WAP with ACAP . . . . . . . . . . . . . . . . . . . . .  22
     5.3.  Network-Resident vs. Configuration Data  . . . . . . . . 23
     5.4.  Intellectual Property Issues  . . . . . . . . . . . . .  23
   6.  Handset Protocol Suites  . . . . . . . . . . . . . . . . . . 23
     6.1.  ACAP over TCP/IP  . . . . . . . . . . . . . . . . . . .  23
   7.  IS-683A Compatibility  . . . . . . . . . . . . . . . . . . . 24
     7.1.  OTASP Operations  . . . . . . . . . . . . . . . . . . .  24
     7.2.  OTASP Call Flow  . . . . . . . . . . . . . . . . . . . . 24
     7.3.  OTAPA Operations  . . . . . . . . . . . . . . . . . . .  24
     7.4.  OTAPA Call Flow  . . . . . . . . . . . . . . . . . . . . 25
   8.  Alternative Methods . . . . . . . . . . . . . . . . . . . .  25
     8.1.  IS-683A over TCP/IP  . . . . . . . . . . . . . . . . . . 25
       8.1.1.  OTAF Server . . . . . . . . . . . . . . . . . . . .  25
       8.1.2.  Interface Application  . . . . . . . . . . . . . . . 26
       8.1.3.  Protocol Handset Suite  . . . . . . . . . . . . . .  26



Gellens                      Informational                      [Page 2]

RFC 2636                  OTASP/OTAPA via ACAP                 July 1999


     8.2.  Browser-Based Forms  . . . . . . . . . . . . . . . . . . 26
   9.  Conclusion  . . . . . . . . . . . . . . . . . . . . . . . .  27
   10.  References . . . . . . . . . . . . . . . . . . . . . . . .  28
   11.  Security Considerations . . . . . . . . . . . . . . . . .   28
   12.  Acknowledgments  . . . . . . . . . . . . . . . . . . . . .  28
   13.  Author's Address  . . . . . . . . . . . . . . . . . . . .   28
   14.  Full Copyright Statement . . . . . . . . . . . . . . . . .  29

1.  Terms

   Application Configuration Access Protocol (ACAP) -- An Internet
   protocol (RFC-2244) that provides remote storage and access of
   configuration and preference information.

   Activation -- A process in which a mobile station and network become
   programmed so that a mobile station becomes operable and can be used
   for cellular service once authorized by the service provider.

   Authentication -- A procedure used to validate a mobile station's
   identity.

   Authentication Center -- An entity that manages the authentication
   information related to the mobile station.

   Authentication Key (A-key) -- A secret 64-bit pattern stored in the
   mobile station.  It is used to generate and update the mobile
   station's shared secret data.  The A-key is used in the
   authentication process.

   Authorization -- An action by a service provider to make cellular
   service available to a subscriber.

   Call -- A temporary communication between telecommunications users
   for the purpose of exchanging information.  A call includes the
   sequence of events that allocates and assigns resources and signaling
   channels required to establish a communications connection.

   Cellular Service Provider -- A licensee of the responsible government
   agency (in the U.S. a licensee of the Federal Communications
   Commission) authorized to provide Cellular Radiotelephone Service.

   Challenge/Response Authentication Mechanism using Message Digest 5
   (CRAM-MD5) -- An authentication mechanism which is easy to implement,
   and provides reasonable security against various attacks, including
   replay.  Supported in a variety of Internet protocols.  Specified as
   baseline mechanism in ACAP.  CRAM-MD5 is published as RFC 2195.





Gellens                      Informational                      [Page 3]

RFC 2636                  OTASP/OTAPA via ACAP                 July 1999


   Code Division Multiple Access -- A technique for spread-spectrum
   multiple-access digital communications that creates channels through
   the use of unique code sequences.

   Customer Service Center -- An entity of a service provider that
   provides user support and assistance to subscribers.

   Customer Service Representative -- A person that operates from a
   customer service center and provides user support and assistance to
   subscribers.

   Diffie-Hellman Algorithm -- A public-key cryptography algorithm for
   exchanging secret keys.  Uses the equation , where k is the secret
   key.  The equation is executed by each party of the session based on
   the exchange of independently generated public values.

   Digits -- Digits consist of the decimal integers 0,1,2,3,4,5,6,7,8,
   and 9.

   Dual-mode Mobile Station -- A mobile station capable of both analog
   and digital operation.

   Electronic Serial Number (ESN) -- A 32-bit number assigned by the
   mobile station manufacturer used to identify a mobile station.  The
   ESN is unique for each legitimate mobile station.

   Home Location Registry (HLR) -- The location register or database to
   which a MIN is assigned for record purposes such as subscriber
   information.

   Message Digest 5 (MD5) -- A one-way cryptographic hash function.
   Widely deployed in Internet protocols.  Published as RFC 1321.

   Mobile Identification Number (MIN) -- The 10-digit number that
   represents a mobile station's directory number.

   Mobile Station (MS) -- A station, fixed or mobile, which serves as
   the end user's wireless communications link with the base station.
   Mobile stations include portable units (e.g., hand-held personal
   units) and units installed in vehicles.

   Mobile Switching Center (MSC) -- A configuration of equipment that
   provides cellular radiotelephone service.

   Mobile Terminal Authorizing System (MTAS) -- A control system that
   provides the capability to load the CDMA network HLR with mobile
   station profile information.




Gellens                      Informational                      [Page 4]

RFC 2636                  OTASP/OTAPA via ACAP                 July 1999


   Number Assignment Module (NAM) -- The mobile station's electronic
   memory module where the MIN and other subscriber-specific parameters
   are stored.  Mobile stations that have multi-NAM features offer users
   the option of using their units in several different markets by
   registering with a local number in each location.

   Over-the-air Service Provisioning Function (OTAF) -- A configuration
   of network equipment that controls OTASP functionality and messaging
   protocol.

   Over-the-air Parameter Administration (OTAPA) -- Network initiated
   OTASP process of provisioning mobile station operational parameters
   over the air interface.

   Over-the-air Service Provisioning (OTASP) -- A process of
   provisioning mobile station operational parameters over the air
   interface.

   Quick-Net-Connect (QNC) -- An IS-707 data service capability that
   utilizes the Async Data Service Option number but bypasses the modem
   connection for a direct connection to an IP-based internet.

   Roamer -- A mobile station operating in a cellular system or network
   other than the one from which service was subscribed.

   Simple Authentication and Security Layer (SASL) -- An Internet
   protocol (RFC-2222) that provides a framework for negotiating
   authentication and encryption mechanisms.

   Service Provider -- A company, organization, business, etc. which
   sells, administers, maintains, and charges for the service.  The
   service provider may or may not be the provider of the network.

   Shared Secret Data (SSD) -- A 128-bit pattern stored in the mobile
   station (in semi-permanent memory) and known by the network.  The A-
   key is used to generate the SSD at the network and in the mobile
   station for comparison.

   Wireless Application Protocol (WAP) -- A set of network and
   application protocols including a datagram protocol (WDP), Transport
   Layer Security (WTLS), Transaction Protocol (WTP), Session Protocol
   (WSP), and Application Environment (WAE), which use carrier-based
   gateways to enable wireless devices to access Web resources.  See
   <http://www.wapforum.org> for specifications and details.







Gellens                      Informational                      [Page 5]

RFC 2636                  OTASP/OTAPA via ACAP                 July 1999


2.  Feature Descriptions

2.1.  OTASP Feature Description

    The Over the Air Service Provisioning (OTASP) feature allows a
    potential wireless service subscriber to activate new wireless
    services, and allows an existing wireless subscriber to make
    services changes without the intervention of a third party.  OTASP
    includes the following:

    * A way to establish a user profile.

    * "Over-The-Air" programming of a Number Assignment Module (NAM),
    IMSI and Roaming Lists, including Data option parameters, and
    optionally, service provider or manufacturer specific parameters

    (e.g., lock code, call timer).

    * An Authentication Key (A-key) Generation procedure.

    * A-key storage

2.2.  OTAPA Feature Description

    The Over-the-Air Parameter Administration (OTAPA) feature allows
    wireless service providers to update a NAM, IMSI, and Roaming List
    information in the mobile station remotely without the intervention
    of a third party.  This capability increases flexibility and reduces
    costs for carriers involved with mass changes that affect every
    handset, such as area-code splits.

    OTAPA includes the following:

    * Update a user's Number Assignment Module (NAM)

    * Update Data option parameters

    * Update service provider or manufacturer specific parameters (e.g.,
    Server address(es), lock code, call timer).