Read Microsoft Word - ns0011_1.doc text version

3GPP2 N.S0011-0 Version 1.0

OTASP and OTAPA

COPYRIGHT

3GPP2 and its Organizational Partners claim copyright in this document and individual Organizational Partners may copyright and issue documents or standards publications in individual Organizational Partner's name based on this document. Requests for reproduction of this document should be directed to the 3GPP2 Secretariat at [email protected] Requests to reproduce individual Organizational Partner's documents should be directed to that Organizational Partner. See www.3gpp2.org for more information.

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

CELLULAR RADIOTELECOMMUNICATIONS INTERSYSTEM OPERATIONS Over-The-Air Service Provisioning (OTASP) & Parameter Administration (OTAPA)

CONTENTS

CONTENTS ................................................................................................................................................. iii LIST OF FIGURES ..................................................................................................................................... xi LIST OF TABLES ..................................................................................................................................... xiii FOREWORD .............................................................................................................................................. xv Editorial Conventions................................................................................................................................ xvi REVISION HISTORY ............................................................................................................................. xvii 1 INTRODUCTION .......................................................................................................................... 1 1.1 1.2 1.3 1.4 2 OBJECTIVE ...................................................................................................................... 1 SCOPE ............................................................................................................................... 1 ORGANIZATION ............................................................................................................. 1 GENERAL BACKGROUND AND ASSUMPTIONS ...................................................... 1

SUBSCRIBER FEATURE DESCRIPTION ................................................................................ 3 2.1 Over the Air Service Provisioning (OTASP) ..................................................................... 3 2.1.1 Normal Procedures With Successful Outcome .................................................... 4 2.1.2 Exception Procedures or Unsuccessful Outcome................................................. 7 2.1.3 Alternative Procedures......................................................................................... 8 2.1.4 Interactions With Other Services ......................................................................... 9 2.1.5 Flowchart Example .............................................................................................. 9 Over the Air Parameter Administration (OTAPA)........................................................... 12 2.2.1 Normal Procedures With Successful Outcome .................................................. 12 2.2.2 Exception Procedures or Unsuccessful Outcome............................................... 13 2.2.3 Alternative Procedures....................................................................................... 14 2.2.4 Interactions With Other Services ....................................................................... 14

2.2

3

FUNCTIONAL OVERVIEW...................................................................................................... 18 3.1 3.2 3.3 3.4 Normative References (TIA/EIA-41.1-D, Section 2.1).................................................... 18 Definitions (TIA/EIA-41.1-D, Section 3.1) ..................................................................... 18 Symbols and Abbreviations (TIA/EIA-41.1-D, Section 4) .............................................. 20 Network Reference Model (TIA/EIA-41.1-D, Section 5) ................................................ 21

Contents

iii

MAIN-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

3.5

Functional Entities (TIA/EIA-41.1-D, Section 5.1) ......................................................... 21 5.1.a Customer Service Center ................................................................................... 21 5.1.b Over-The-Air Service Provisioning Function .................................................... 21 Interface Reference Points (TIA/EIA-41.1-D, Section 5.2) ............................................. 22 5.2.a Reference Point D1 ............................................................................................ 22 5.2.b Reference Point N1 ............................................................................................ 22 5.2.c Reference Point Q1 ............................................................................................ 22 5.2.d Reference Point V .............................................................................................. 22 5.2.e Reference Point X .............................................................................................. 22

3.6

4C

AUTOMATIC ROAMING OPERATIONS - CDMA............................................................... 23 4.1 4.32 AuthenticationDirective (TIA/EIA-41.3-D, page 3-6) ..................................................... 24 4.1.C1 Transport Encryption Parameters to Serving MSC for OTASP......................... 25 SMSDeliveryPointToPoint (TIA/EIA-41.3-D, page 3-143) ............................................ 27 4.32.C1 Serving MSC Attachment to an OTAF............................................................ 28 4.32.C2 Exchange of OTASP Data Messages............................................................... 30 4.32.C3 OTAF Request to Initiate MSC Procedures..................................................... 31 SMSNotification (TIA/EIA-41.3-D, page 3-147) ......................................................... 33 SMSRequest (TIA/EIA-41.3-D, page 3-149)................................................................... 34 OTASPRequest ................................................................................................................ 35 4.CC.1 OTAF Request to Initiate AC Procedures.......................................................... 35 (New for TIA/EIA-41-D, Chapter 3) .................. 39

4.33 4.34 4.CC

5C 8

OVER-THE-AIR SCENARIOS -CDMA

OVER-THE-AIR SERVICE PROVISIONING SCENARIOS ................................................ 39 8.CC CDMA Over-the-Air Service Provisioning Scenarios ..................................................... 39 8.CC.1a Serving MSC Attached to the Initial and Desired CSC................................... 40 8.CC.1b Serving MSC Attached to the Initial and Desired CSC (ALT) ....................... 42 8.CC.2a OTASP Call Redirected from Initial CSC to Desired CSC - Initial OTAF not Attached to Serving MSC ............................................................................ 44 8.CC.2b Serving MSC Redirected from Initial CSC to Desired CSC .............................. 47 8.CC.2c OTASP Call Redirected from Initial CSC to Desired CSC - Initial OTAF Initially Attached to Serving MSC..................................................................... 50 8.CC.3 A-key Generation............................................................................................... 53 8.CC.4 SSD Update When SSD is Not Shared .............................................................. 56 8.CC.5 Re-Authentication for Voice Privacy, Message Encryption or Both ................. 61 8.CC.6 Exchange of OTASP Data Messages................................................................. 66 8.CC.7 AC Request to Commit A-key ........................................................................... 67 8.CC.8 AC Request to Release Resoures ....................................................................... 69 8.CC.9 Registration Following Successful OTASP ....................................................... 70 8.CC.10 Notification of Newly Assigned MIN or IMSI or Both Following Successful OTASP............................................................................................................... 72

9

OVER-THE-AIR PARAMETER ADMINISTRATION SCENARIOS .................................. 73 9.CC CDMA Over-the-Air Parameter Administration Scenarios ............................................. 73 9.CC.1 OTA Parameter Administration - Registration .................................................. 74 9.CC.2 OTA Parameter Administration - MS is Available ............................................ 75 9.CC.3 OTA Parameter Administration - Postponed at the HLR................................... 79

MAIN-OTA

iv

Contents

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

9.CC.4 OTA Parameter Administration - Delayed at the HLR...................................... 80 9.CC.5 Roaming to an OTAPA-Capable System with Pending Delivery...................... 82 Annex A (normative): Assumptions .......................................................................................................... 84 A.CC. Assumptions for CDMA OTASP and OTAPA Sessions ................................................. 84

Contents

v

MAIN-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6C

SIGNALING PROTOCOLS - CDMA........................................................................................ 85 6C.1 Operations ........................................................................................................................ 85 6C.1.1 General............................................................................................................... 85 5.1.2 Signaling Connection Control Part (TIA/EIA-41.5-D, page 5-8) ...................... 85 6.4.1.2 Operation Specifiers (TIA/EIA-41.5-D, page 5-24) .............. 87 6.4.2 Operation Definitions (TIA/EIA-41.5-D, page 5-27) ..................................... 87 6C.1.2 Modifications to Existing Operations ................................................................ 88 6.4.2.1 AuthenticationDirective (TIA/EIA-41.5-D, page 5-29) ............ 88 6.4.2.5 AuthenticationStatusReport (TIA/EIA-41.5-D, page 5-36)....... 90 6.4.2.6 BaseStationChallenge (TIA/EIA-41.5-D, page 5-38)................ 91 6.4.2.13 FeatureRequest (TIA/EIA-41.5-D, page 5-48) .......................... 92 6.4.2.37 RegistrationNotification (TIA/EIA-41.5-D, page 5-94) ............ 94 6.4.2.43 SMSDeliveryPointToPoint........................................................... 96 6.4.2.45 SMSRequest ................................................................................. 99 6C.1.3 New Operations ............................................................................................... 100 6.4.2.CC OTASPRequest........................................................................... 100 Parameters ...................................................................................................................... 103 6C.2.1 General............................................................................................................. 103 6.5.1.2 Parameter Identifiers (TIA/EIA-41.5-D, page 5-119) ............. 103 6C.2.2 Modifications to Existing Parameters .............................................................. 105 6.5.2.2 ActionCode................................................................................. 105 6.5.2.81 MobileIdentificationNumber (TIA/EIA-41.5-D, page 5-213). 107 6.5.2.122 SMS_AccessDeniedReason (TIA/EIA-41.5-D, page 5-256) .. 109 6.5.2.125 SMS_CauseCode (TIA/EIA-41.5-D, page 5-262)................... 111 6.5.2.138 SMS_TerminationRestrictions (TIA/EIA-41.5-D, page 5-285)116 6.5.2.145 SystemAccessType (TIA/EIA-41.5-D, page 5-296)................ 117 6.5.2.160 TransactionCapability................................................................. 118 6C.2.3 New Parameters ............................................................................................... 121 6.5.2.lB AKeyProtocolVersion ................................................................ 122 6.5.2.nB BaseStationPartialKey ................................................................ 123 6.5.2.oC MobileStationMIN ..................................................................... 124 6.5.2.pB MobileStationPartialKey ............................................................ 125 6.5.2.qB ModulusValue ............................................................................ 126 6.5.2.rB NewlyAssignedMIN................................................................... 127 6.5.2.sB OTASP_ResultCode................................................................... 128 6.5.2.tB PrimitiveValue............................................................................ 129 6.5.2.wB ServiceIndicator.......................................................................... 130 6.5.2.xB SignalingMessageEncryptionReport .......................................... 131 6.5.2.yC TemporaryReferenceNumber ..................................................... 132 6.5.2.zB VoicePrivacyReport ................................................................... 133 6.5.2.dnC MSC_Address............................................................................. 134 6.5.2.dpC MobileStationIMSI..................................................................... 137 6.5.2.dqB NewlyAssignedIMSI .................................................................. 138 6.5.2.adC MobileStationMSID ................................................................... 139 6.5.2.aeB NewlyAssignedMSID................................................................. 140 6.5.3 Parameter Type Definitions ............................................................................. 141 6.5.3.u1 MINType .................................................................................... 141

6C.2

MAIN-OTA

vi

Contents

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.3.u2 7C

IMSIType ................................................................................... 142

SIGNALING PROCEDURES - CDMA ................................................................................... 143 3.2 Origination Call Tasks ................................................................................................... 143 3.2.1 Idle MS Origination (TIA/EIA-41.6-D, page 6-12) ...................................... 143 3.2.3 MSC Analyze MS Dialed Number (TIA/EIA-41.6-D, Page 6-15) ............... 145 Authentication Directive ................................................................................................ 146 4.1.1 AC Initiation of an Authentication Directive................................................... 146 4.1.3 VLR Receiving AuthenticationDirective INVOKE (TIA/EIA-41.6-D, page 6-47) ........................................................................................................ 150 4.1.6 MSC Receiving Authentication Parameters (TIA/EIA-41.6-D, page 6-53) . 156 Authentication Status Report ......................................................................................... 161 4.5.1 MSC Initiating an Authentication Status Report (TIA/EIA-41.6-D, Page 6-92) ........................................................................................................ 161 4.5.2 VLR Awaiting AuthenticationStatusReport INVOKE (TIA/EIA-41.6-D, Page 6-93) ........................................................................................................ 163 4.5.3 HLR Receiving AuthenticationStatusReport INVOKE (TIA/EIA-41.6-D, page 6-98) ........................................................................................................ 169 4.5.4 AC Awaiting AuthenticationStatusReport INVOKE (TIA/EIA-41.6-D, page 6-100) ...................................................................................................... 173 Base Station Challenge................................................................................................... 178 4.6.1 MSC Initiating a Base Station Challenge (TIA/EIA-41.6-D, page 6-104) ... 178 4.6.2 VLR Receiving BaseStationChallenge INVOKE (TIA/EIA-41.6-D, page 6-104) ...................................................................................................... 179 4.6.3 HLR Receiving BaseStationChallenge INVOKE (TIA/EIA-41.6-D, page 6-106) ...................................................................................................... 182 4.6.4 AC Receiving BaseStationChallenge INVOKE (TIA/EIA-41.6-D, page 6-108) ...................................................................................................... 185 Redirection Directive ..................................................................................................... 187 4.35.2 MSC Receiving RedirectionDirective INVOKE (TIA/EIA-41.6-D, page 6-221) ...................................................................................................... 187 Registration Notification ................................................................................................ 18 8 4.38.1 MSC Initiating MS Registration (TIA/EIA-41.6-D, page 6-233) ................. 188 4.38.2 VLR Receiving RegistrationNotification INVOKE (TIA/EIA-41.6-D, page 6-235) ...................................................................................................... 190 4.38.3 HLR Receiving RegistrationNotification INVOKE (TIA/EIA-41.6-D, page 6-241) ...................................................................................................... 191 SMS Delivery Point-to-Point ......................................................................................... 193 4.46.4 MSC Receiving an SMSDeliveryPointToPoint INVOKE (TIA/EIA-41.6-D, page 6-273) ...................................................................................................... 193 SMS Notification ........................................................................................................... 195 4.47.1 HLR Initiating SMSNotification INVOKE (TIA/EIA-41.6-D, page 6-285)195 4.47.C OTAF Receiving an SMSNotification INVOKE............................................. 196 SMS Request.................................................................................................................. 198 4.48.1 MC or OTAF Initiating SMS Request (TIA/EIA-41.6-D, page 6-288) ........ 198 4.48.2 HLR Receiving an SMSRequest INVOKE (TIA/EIA-41.6-D, page 6-289) 200 OTAF Attachment With Serving MSC .......................................................................... 203

4.1

4.5

4.6

4.35

4.38

4.46

4.47

4.48

5.C1

Contents

vii

MAIN-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C1.1 5.C1.2 5.C1.3 5.C1.4 5.C1.5 5.C2

MSC Obtaining a TRN .................................................................................... 203 OTAF Initiating an SMDPP INVOKE to Attach with Serving MSC .............. 205 MSC Receiving an SMDPP INVOKE to Attach with OTAF.......................... 207 OTAF Initiating an SMDPP INVOKE to Release TRN .................................. 209 MSC Receiving an SMDPP INVOKE to Release TRN................................... 210

OTAF Attachment With Serving MSC (ALT)............................................................... 211 5.C2.1 OTAF Receiving a FeatureRequest INVOKE (ALT)...................................... 211 5.C2.2 OTAF Requesting TRN from an Alternate OTAF (ALT) ............................... 213 5.C2.3 OTAF Receiving RoutingRequest INVOKE (ALT)........................................ 214 5.C2.4 OTAF Initiating MSC Redirection of an OTASP Call (ALT) ......................... 216 Exchange of OTASP Data Messages .......................................................................... 218 5.C3.1 OTAF Initiating SMDPP INVOKE for OTASP Data Message Exchange ...... 218 5.C3.2 MSC Receiving SMDPP INVOKE for OTASP or OTAPA Data Message Exchange.......................................................................................................... 220 MSC Procedure Triggers for OTASP ............................................................................ 225 5.C4.1 OTAF Initiating SMDPP INVOKE for MS Registration ................................ 225 5.C4.2 MSC Receiving SMDPP INVOKE for Registration of MS............................. 227 5.C4.3 OTAF Initiating SMDPP INVOKE to Record New MIN MSID..................... 228 5.C4.4 MSC Receiving SMDPP INVOKE to Record NEW MIN MSID ................... 230 CSC Triggers to Execute OTASP Procedures................................................................ 231 5.C5.1 CSC Trigger for OTASP Data Message Exchange.......................................... 231 5.C5.2 CSC Trigger for OTASP for A-key Generation............................................... 232 5.C5.3 CSC Trigger for OTASP for Perform SSD Update ......................................... 234 5.C5.4 CSC Trigger for OTASP for Perform Reauthentication .................................. 235 OTAF Recovery ............................................................................................................. 236 5.C6.1 OTAF Recovery Procedure.............................................................................. 236 OTASPRequest .............................................................................................................. 237 5.C7.1 OTAF Initiating OTASPRequest invoke ......................................................... 237 5.C7.2 HLR Receiving an OTASPREQ INVOKE...................................................... 240 5.C7.3 AC Receiving an OTASPREQ INVOKE ........................................................ 245

5.C3

5.C4

5.C5

5.C6 5.C7

7

Operation Timer Values ............................................................................................................ 252

MAIN-OTA

viii

Contents

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4T

AUTOMATIC ROAMING OPERATIONS - TDMA ............................................................. 253 4.19 4.26 OriginationRequest (TIA/EIA-41.3-D, page 3-86) ..................................................... 254 4.19.T1 Successful Origination Activation .................................................................... 255 RegistrationNotification (TIA/EIA-41.3-D, page 3-118)............................................ 256 4.26.T1 Activation Registration - Unprogrammed MS: Case 1 .................................... 257 4.26.T2 Activation Registration - Unprogrammed MS: Case 2 .................................... 259 SMSDeliveryPointToPoint (TIA/EIA-41.3-D, page 3-143) ....................................... 260 4.32.T1 OATS or OPTS Message Sent from OTAF to Serving MSC .......................... 261 4.32.T2 OATS Message Sent from the Serving MSC to the OTAF ............................. 263 SMSNotification (TIA/EIA-41.3-D, page 3-147) ....................................................... 264 4.33.1 Successful SMSNotification: MS-Based SME Availability Report ................ 265 4.33.2 Successful SMSNotification: MS-Based SME Unavailability Report............. 266 SMSRequest (TIA/EIA-41.3-D, page 3-149).............................................................. 267 4.34.T1 Successful SMSRequest during OTASP: MS-Based SME.............................. 268 OTASPRequest .............................................................................................................. 270 4.TT.1 OTAF Request to Initiate AC Procedures........................................................ 271

4.32

4.33

4.34 4.TT

5T 8

OVER-THE-AIR SCENARIOS -TDMA (New for TIA/EIA-41-D, Chapter 3).................... 273 OVER-THE-AIR SERVICE PROVISIONING SCENARIOS .............................................. 273 8.TT TDMA Over-the-Air Service Provisioning Scenarios.................................................... 273 8.TT.1 Serving MSC Attachment to the OTAF: Origination Activation..................... 273 8.TT.2 Serving MSC Attachment to the OTAF: Origination Registration .................. 275 8.TT.3 Serving MSC Attachment to the OTAF: Power-up Registration..................... 277 8.TT.4 Serving MSC Attachment to the OTAF: Deferred Initial ................................ 279 8.TT.5 Serving MSC Attachment to the OTAF: Reprogramming............................... 281 8.TT.6 Deferred OTASP Reprogramming................................................................... 282 8.TT.7 Serving MSC Attachment to OTAF: Unknown Subscription Case 1 .............. 284 8.TT.8 Serving MSC Attachment to OTAF: Unknown Subscription Case 2 .............. 285 8.TT.9 OTAF Request to Initiate A-key Generation ................................................... 285 8.TT.10 OTAF Request to Perform SSD Update........................................................ 290 8.TT.10a SSD Update when SSD is Not Shared............................................................ 290 8.TT.10b SSD Update when SSD is Shared................................................................... 296 8.TT.11 OTAF Request to Perform Re-Authentication .............................................. 300 8.TT.12 AC Request to Commit A-key ...................................................................... 303 8.TT.13 AC Request to Release A-key Resources...................................................... 304

9

OVER-THE-AIR PARAMETER ADMINISTRATION SCENARIOS ................................ 305 9.TT TDMA Over-the-Air Programming Teleservice Scenarios............................................ 305 9.TT.1 Successful OPTS Download to an Available Mobile Station .......................... 305 9.TT.2 Successful OPTS Download to an Initially Unavailable MS........................... 307 9.TT.3 Unsuccessful OPTS ......................................................................................... 309

Contents

ix

MAIN-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6T

SIGNALING PROTOCOLS - TDMA...................................................................................... 311 6T.1 Operations ...................................................................................................................... 311 6T.1.1 General............................................................................................................. 311 6.4.1.2 Operation Specifiers (TIA/EIA-41.5-D, page 5-24) ................... 311 6.4.2 Operation Definitions (TIA/EIA-41.5-D, page 5-27) ................. 311 6T.1.2 Modifications to Existing Operations .............................................................. 312 6.4.2.1 AuthenticationDirective (TIA/EIA-41.5-D, page 5-29) .......... 312 6.4.2.5 AuthenticationStatusReport (TIA/EIA-41.5-D, page 5-36)..... 314 6.4.2.30 OriginationRequest..................................................................... 315 6.4.2.37 RegistrationNotification (TIA/EIA-41.5-D, page 5-94) .......... 317 6.4.2.44 SMSNotification......................................................................... 319 6.4.2.45 SMSRequest ............................................................................... 320 6T.1.3 New Operations ............................................................................................... 322 6.4.2.TT OTASPRequest........................................................................... 322 Parameters ...................................................................................................................... 324 6T.2.1 General............................................................................................................. 324 6.5.1.2 Parameter Identifiers (TIA/EIA-41.5-D, page 5-119) ................ 324 6T.2.2 Modifications to Existing Parameters .............................................................. 324 6.5.2.137 SMS_TeleserviceIdentifier (TIA/EIA-41.5-D, page 5-283).... 325 6T.2.3 New Parameters ............................................................................................... 328 6.5.2.mT AuthenticationResponseReauthentication .................................. 329 6.5.2.uT RandomVariableReauthentication.............................................. 330 6.5.2.vT ReauthenticationReport .............................................................. 331

6T.2

7T

SIGNALING PROCEDURES - TDMA ................................................................................... 332 3.2 4.1 Origination Call Tasks ................................................................................................... 332 3.2.3 MSC Analyze MS Dialed Number (TIA/EIA-41.6-D, page 6-15) .................. 332 Authentication Directive ................................................................................................ 337 4.1.1 AC Initiation of an Authentication Directive (TIA/EIA-41.6-D, page 6-42) ........................................................................................................ 337 4.1.6 MSC Receiving Authentication Parameters (TIA/EIA-41.6-D, page 6-53) . 340 Authentication Status Report ......................................................................................... 346 4.5.1 MSC Initiating an Authentication Status Report (TIA/EIA-41.6-D, page 6-92) ........................................................................................................ 346 4.5.4 AC Awaiting AuthenticationStatusReport INVOKE (TIA/EIA-41.6-D, page 6-100) ...................................................................................................... 348 Origination Request ....................................................................................................... 351 4.31.1 MSC Initiating an Origination Request (TIA/EIA-41.6-D, page 6-201) ...... 351 4.31.T1 OTAF Receiving an Origination Request ........................................................ 353 Registration Notification ................................................................................................ 355 4.38.1 MSC Initiating MS Registration (TIA/EIA-41.6-D, page 6-233) ................. 355 4.38.2 VLR Receiving RegistrationNotification INVOKE (TIA/EIA-41.6-D, page 6-235) ...................................................................................................... 356 4.38.T1 OTAF Receiving RegistrationNotification INVOKE ...................................... 361 SMS Delivery Point-to-Point ......................................................................................... 363 4.46.T1 OTAF Receiving SMSDeliveryPointToPoint.................................................. 363

4.5

4.31

4.38

4.46

MAIN-OTA

x

Contents

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.46.T2 OTAF Initiating SMSDeliveryPointToPoint to an MS-Based SME................ 365 4.47 SMS Notification ........................................................................................................... 367 4.47.1 HLR Initiating SMSNotification INVOKE (TIA/EIA-41.6-D, page 6-285) ...................................................................................................... 367 4.47.3 MC or OTAF Receiving an SMSNotification INVOKE (TIA/EIA-41.6-D, page 6-286) ...................................................................................................... 368 SMS Request.................................................................................................................. 369 4.48.1 MC or OTAF Initiating SMS Request (TIA/EIA-41.6-D, page 6-288) ........ 369 4.48.2 HLR Receiving an SMSRequest INVOKE (TIA/EIA-41.6-D, page 6-289) ...................................................................................................... 371 OTASPRequest .............................................................................................................. 373 4.TT.1 OTAF Initiating OTASPRequest ..................................................................... 373 4.TT.2 HLR Receiving OTASPRequest INVOKE...................................................... 375 4.TT.3 AC Receiving OTASPRequest INVOKE ........................................................ 377

4.48

4.TT

7

OPERATION TIMER VALUES .............................................................................................. 379

Contents

xi

MAIN-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

LIST OF FIGURES

MAIN OTA FIGURES :

Figure A1 Figure A2 Figure B OTASP: Example Flow Chart .................................................................... 10 OTASP: Example Flow Chart (concluded) ................................................ 11 Network Reference Model (with OTASP Enhancements Identified) ......... 21

CDMA

OTA FIGURES :

Figure CC OTA Related ISTIA/EIA-41 Operations for CDMA.................................. 23 Figure 4.1.C1 Transport Encryption Parameters to the Serving MSC for OTASP ....... 25 Figure 4.32.C1 Serving MSC Attachment to an OTAF ................................................ 28 Figure 4.32.C2 Exchange of OTASP Data Messages ................................................... 30 Figure 4.32.C3 OTAF Request to Initiate MSC Procedures ......................................... 31 Figure 4.CC.1 OTAF Request to Initiate AC Procedures ............................................. 35 Figure 8.CC.1a Serving MSC Attached to the Initial and Desired CSC ....................... 40 Figure 8.CC.1b Serving MSC Attached to the Initial and Desired CSC (ALT)............ 42 Figure 8.CC.2a OTASP Call Redirected from Initial CSC to Desired CSC - Initial OTAF not Attached to Serving MSC................................................ 45 Figure 8.CC.2b Serving MSC Redirected from Initial CSC to Desired CSC................ 47 Figure 8.CC.2c OTASP Call Redirected from Initial CSC to Desired CSC - Initial OTAF Initially Attached to Serving MSC .......................................... 51 Figure 8.CC.3 A-key Generation .................................................................................. 53 Figure 8.CC.4 SSD Update when SSD is not Shared................................................. 57 Figure 8.CC.5 Re-Authentication for Voice Privacy, Message Encryption, or Both .... 62 Figure 8.CC.6 Exchange of OTASP Data Messages..................................................... 66 Figure 8.CC.7 AC Request to Commit A-key............................................................ 67 Figure 8.CC.8 AC Request to Release Resources ......................................................... 69 Figure 8.CC.9 Registration Following Successful OTASP........................................... 70 Figure 8.CC.10 Notification of Newly Assigned MIN Following Successful OTASP.... 72 Figure 9.CC.1 OTA Parameter Administration - Registration ...................................... 74 Figure 9.CC.2 OTA Parameter Administration - MS is Available................................ 75 Figure 9.CC.3 OTA Parameter Administration - Postponed at the HLR ...................... 79 Figure 9.CC.4 OTA Parameter Administration - Delayed at the HLR.......................... 80 Figure 9.CC.5 Roaming to an OTAPA-Capable System with Pending Delivery ......... 82 Figure 9 ActionCode parameter .............................................................................. 105 Figure 89 MobileIdentificationNumber parameter ................................................... 107 Figure 89 MobileIdentificationNumber parameter ................................................... 108 Figure 131 SMS_AccessDeniedReason parameter ..................................................... 109 Figure 136 SMS_CauseCode parameter ..................................................................... 111 Figure 155 SMS_TerminationRestrictions parameter................................................. 116 Figure 162 SystemAccessType parameter .................................................................. 117 Figure 177 TransactionCapability parameter .............................................................. 118 Figure lB AKeyProtocolVersion parameter.............................................................. 122 Figure nB BaseStationPartialKey parameter ............................................................. 123 Figure oC MobileStationMIN parameter................................................................... 124 Figure oC MobileStationMIN parameter................................................................... 124 Figure pB MobileStationPartialKey parameter.......................................................... 125 Figure qB ModulusValue parameter.......................................................................... 126 Figure rB NewlyAssignedMIN parameter ................................................................ 127 Figure rB NewlyAssignedMIN parameter ................................................................ 127 Figure sB OTASP_ResultCode parameter ................................................................ 128 Figure tB PrimitiveValue parameter ......................................................................... 129 Figure wB ServiceIndicator parameter ....................................................................... 130 Figure xB SignalingMessageEncryptionReport parameter........................................ 131 Figure yC TemporaryReferenceNumber parameter................................................... 132

MAIN-OTA

xii

List Of Figures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Figure zB VoicePrivacyReport parameter................................................................. 133 Figure dnC-1 MSC_Address parameter for BCD digits.............................................. 134 Figure dnC-2 MSC_Address Parameter for an IP address .......................................... 135 Figure dnC-3 MSC_Address parameter for a generic SS7 Point Code Address......... 136 Figure dpC MobileStationIMSI parameter .................................................................. 137 Figure dqB NewlyAssignedIMSI parameter................................................................ 138 Figure adC MobileStationMSID parameter................................................................. 139 Figure aeB NewlyAssignedMSID parameter .............................................................. 140 Figure u1 MINType parameter type.......................................................................... 141 Figure u2 IMSIType parameter type......................................................................... 142

TDMA

OTA FIGURES :

Figure CT OTA Related TIA/EIA-41 Operations for TDMA................................. 253 Figure 4.19.T1 Successful Origination Activation...................................................... 255 Figure 4.26.T1 Activation Registration - Unprogrammed MS: Case 1....................... 257 Figure 4.26.T2 Activation Registration - Unprogrammed MS Case 2 ........................ 259 Figure 4.32.T1 OATS or OPTS Message Sent from OTAF to Serving MSC............. 261 Figure 4.32.T2 OATS Message Sent from the Serving MSC to the OTAF ................ 263 Figure 78 Successful SMSNotification: MS-Based SME Availability Report ...... 265 Figure 79 Successful SMSNotification: MS-Based SME Unavailability Report... 266 Figure 4.34.T1 Successful SMSRequest during OTASP: MS-Based SME ................ 268 Figure 4.TT.1 OTAF Request to Initiate AC Procedures............................................ 271 Figure 8.TT.1 Serving MSC Attachment to the OTAF: Origination Activation... 274 Figure 8.TT.2 Serving MSC Attachment to the OTAF: Origination Registration 275 Figure 8.TT.3 Serving MSC Attachment to the OTAF: Power-up Registration ......... 277 Figure 8.TT.4 Serving MSC Attachment to the OTAF: Deferred Initial .................. 279 Figure 8.TT.5 Serving MSC Attachment to the OTAF: Reprogramming................... 281 Figure 8.TT.6 Deferred OTASP Reprogramming....................................................... 282 Figure 8.TT.7 Serving MSC Attachment to OTAF: Unknown Subscription Case 1 284 Figure 8.TT.9 OTAF Request to Initiate A-key Generation ....................................... 286 Figure 8.TT.10a SSD Update when SSD is not Shared .............................................. 291 Figure 8.TT.10b SSD Update when SSD is Shared .................................................... 296 Figure 8.TT.11 OTAF Request to Perform Re-Authentication ................................... 300 Figure 8.TT.12 AC Request to Commit A-key ........................................................ 303 Figure 8.TT.13 AC Request to Release A-key Resources........................................... 304 Figure 9.TT.1 Successful OPTS Download to an Available Mobile Station .............. 305 Figure 9.TT.2 Successful OPTS Download to an Initially Unavailable MS ............... 307 Figure 9.TT.3 Unsuccessful OPTS.............................................................................. 309 Figure 154 SMS_TeleserviceIdentifier parameter .................................................. 325 Figure mT AuthenticationResponseReauthentication parameter................................ 329 Figure uT RandomVariableReauthentication parameter ........................................... 330 Figure vT ReauthenticationReport parameter............................................................ 331

List Of Figures

xiii

MAIN-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

MAIN-OTA

xiv

List Of Figures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

LIST OF TABLES

CDMA OTA TABLES :

Table 2 FE Combinations for AUTHDIR................................................................ 24 Table 32 FE Combinations for SMDPP..................................................................... 27 Table 33 FE Combinations for SMSNOT.................................................................. 33 Table 34 FE Combinations for SMSREQ.................................................................. 34 Table 4.CC FE Combinations for OTASPREQ ............................................................. 35 Table 8 TIA/EIA-41 MAP Operation Specifiers (concluded) .............................. 87 Table 10 Summary of MAP Operations (concluded) ................................................ 87 Table 11 AuthenticationDirective INVOKE Parameters ........................................... 88 Table 19 AuthenticationStatusReport INVOKE Parameters ..................................... 90 Table 21 BaseStationChallenge INVOKE Parameters .............................................. 91 Table 36 FeatureRequest RETURN RESULT Parameters ........................................ 92 Table 82 RegistrationNotification INVOKE Parameters........................................... 94 Table 94 SMSDeliveryPointToPoint INVOKE Parameters ...................................... 96 Table 95 SMSDeliveryPointToPoint RETURN RESULT Parameters...................... 98 Table 98 SMSRequest INVOKE Parameters............................................................. 99 Table 6.4.2.CCx OTASPRequest INVOKE Parameters ............................................. 100 Table 6.4.2.CCy OTASPRequest RETURN RESULT Parameters............................. 102 Table 112 TIA/EIA-41 MAP Parameter Identifiers (concluded)............................ 103 Table CCC A-key Generation Parameter Names - TIA/EIA-41 and CDMA ........... 104 Table 6C.2.2 Existing Parameters Common to CDMA & TDMA.............................. 105 Table 114 ActionCode value ..................................................................................... 106 Table 149 MobileIdentificationNumber value........................................................... 107 Table 170 SMS_AccessDeniedReason value ............................................................ 110 Table 171 SMS_CauseCode value............................................................................. 112 Table 176 SMS_TerminationRestrictions value ........................................................ 116 Table 181 SystemAccessType value ......................................................................... 117 Table 192 TransactionCapability parameter .............................................................. 118 Table 6C.2.3a New Parameters Common to CDMA & TDMA.................................. 121 Table 6C.2.3b New Parameters unique to CDMA ...................................................... 121 Table lB AKeyProtocolVersion values ................................................................... 122 Table sB OTASP_ResultCode value ....................................................................... 128 Table wB ServiceIndicator value .............................................................................. 130 Table xB SignalingMessageEncryptionReport value ............................................... 131 Table yC TemporaryReferenceNumber value.......................................................... 132 Table zB VoicePrivacyReport value ........................................................................ 133 Table u1 Digit value ................................................................................................ 141 Table u2 IMSI Digit values ..................................................................................... 142 Table 2 VLR AuthenticationDirective Response................................................... 154 Table 11 VLR AuthenticationStatusReport Response ............................................. 167 Table 12 HLR AuthenticationStatusReport Response ............................................. 171 Table 13 AC AuthenticationStatusReport Response ............................................... 176 Table 14 VLR BaseStationChallenge Response ...................................................... 181 Table 15 HLR BaseStationChallenge Response ...................................................... 183 Table 16 AC BaseStationChallenge Response ........................................................ 185

List Of Tables

xv

MAIN-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 4.47.C OTAF SMSNotification Response ........................................................ 197 Table 5.C2.1 OTAF FeatureRequest Response........................................................... 212 Table 5.C2.3 OTAF RoutingRequest Response.......................................................... 214 Table 5.C2.4 Originating MSC RedirectionDirective Response for OTASP.............. 217 Table 5.C7.2 HLR OTASPRequest Response............................................................. 243 Table 5.C7.3 AC OTASPRequest Response ............................................................... 250 Table 63 Operation Timer Values (continued) ........................................................ 252

TDMA OTA TABLES :

Table 19 FE Combinations for ORREQ .................................................................. 254 Table 26 FE Combinations for REGNOT................................................................ 256 Table 32 FE Combinations for SMDPP................................................................... 260 Table 33 FE Combinations for SMSNOT................................................................ 264 Table 34 FE Combinations for SMSREQ................................................................ 267 Table 4.TT FE Combinations for OTASPREQ ........................................................... 270 Table 8 TIA/EIA-41 MAP Operation Specifiers (concluded) ......................... 311 Table 10 Summary of MAP Operations (concluded) .............................................. 311 Table 11 AuthenticationDirective INVOKE Parameters ......................................... 312 Table 19 AuthenticationStatusReport INVOKE Parameters ................................... 314 Table 68 OriginationRequest INVOKE Parameters ................................................ 315 Table 82 RegistrationNotification INVOKE Parameters......................................... 317 Table 96 SMSNotification INVOKE Parameters .................................................... 319 Table 97 SMSNotification RETURN RESULT Parameters.................................... 319 Table 98 SMSRequest INVOKE Parameters........................................................... 320 Table 99 SMSRequest RETURN RESULT Parameters .......................................... 321 Table 6.4.2.TTx OTASPRequest INVOKE Parameters.............................................. 322 Table 6.4.2.TTy OTASPRequest RETURN RESULT Parameters ............................. 323 Table TTT A-key Generation Parameter Names - TIA/EIA-41 and TDMA ........... 324 Table 6T.2.2 Existing Parameters Common to CDMA & TDMA.............................. 324 Table 175 SMS_Teleservice Identifier values ........................................................... 326 Table 175 SMS_Teleservice Identifier values (Concluded) ...................................... 327 Table 6T.2.3a New Parameters Common to CDMA & TDMA OTASP .................... 328 Table 6T.2.3b Existing Parameters unique to TDMA.............................................. 328 Table vT ReauthenticationReport value................................................................... 331 Table 4.31.T1 OTAF OriginationRequest Response................................................... 354 Table 4.38.T1 OTAF RegistrationNotification Response ........................................... 362 Table 4.TT.2 HLR OTASPRequest Response ............................................................ 376 Table 4.TT.3 AC OTASP Request Response.............................................................. 378 Table 63 Operation Timer Values (continued) ........................................................ 379

MAIN-OTA

xvi

List Of Tables

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

FOREWORD

This document contains modifications and additions to TIA/EIA-41 Revision D that are required to support the Over-The-Air Service Provisioning (OTASP) and Parameter Administration (OTAPA) features1. The TIA/EIA-41-D recommendations upon which this IS builds are: · · · · TIA/EIA-41.1-D, Cellular Radiotelecommunications Intersystem Operations: Functional Overview TIA/EIA-41.3-D, Cellular Radiotelecommunications Intersystem Operations: Automatic Roaming Information Flows TIA/EIA-41.5-D, Cellular Radiotelecommunications Intersystem Operations: Signaling Protocols TIA/EIA-41.6-D, Cellular Radiotelecommunications Intersystem Operations: Signaling Procedures

1

(a) Sections with numeric indices (e.g. "4.35") are from TIA/EIA-41-D . Sections with alpha-numeric indices (e.g. 6.CC.1a) are newly introduced in this IS. (b) Figures with numeric indices (e.g. "Figure 9") are from TIA/EIA-41-D . Figures with alpha-numeric indices (e.g. Figure B, 4.1.C1) are newly introduced in this IS. (c) Tables with numeric indices (e.g. "Table 2") are from TIA/EIA-41-D . Tables with alpha-numeric indices (e.g. Table 4.CC) are newly introduced in this IS.

MAIN-OTA

xviii

Foreword

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

EDITORIAL CONVENTIONS

This section identifies the editorial style adopted in documenting this document. The recommendations provided for the support of OTASP and OTAPA are shown as modifications to the TIA/EIA-41-D standard and they follow the below conventions: a. TIA/EIA-41-D completely new text inserted by IS-725 (OTASP) A telephone network routing address for a subscriber number, often simply referred to as the telephone number. b. TIA/EIA-41-D original text modified by IS-725 (OTASP) A telephone network routing address for a subscriber number, often simply referred to as the telephone number. c. TIA/EIA-41-D completely new text inserted by N.S0011-0 v 1.0 (OTAPA) A telephone network routing address for a subscriber number, often simply referred to as the telephone number. d. TIA/EIA-41-D original text modified by N.S0011-0 v 1.0 (OTAPA) A telephone network routing address for a subscriber number, often simply referred to as the telephone number. e. TIA/EIA-41-D text added/modified by IS-725 and further subsequently modified by N.S0011-0 v 1.0 for the purposes other than OTAPA. (i.e., these changes include corrections/enhancements to OTASP and the support of IMSI for OTA operations). A telephone network routing address for a subscriber number, often simply referred to as the telephone number.

Editorial Conventions

xix

MAIN-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

REVISION HISTORY

Revision

0 1

Date

June 1997 January 1999

Remarks

Initial Publication (IS-725) First Revision (N.S0011-0 v 1.0)

MAIN-OTA

xx

Revision History

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

1

1.1

INTRODUCTION

OBJECTIVE

This document presents recommendations for supporting the Over-The-Air "Service Provisioning" (OTASP) and "Parameter Administration" (OTAPA) capability.

1.2

SCOPE

Specifically, this document includes Stage-1 recommendations for OTASP Subscriber Feature and OTAPA Network Feature Descriptions. It also provides intersystem operation recommendations for supporting the OTASP & OTAPA capability for the CDMA and TDMA air interfaces, with Stage-2 operations and scenarios, Stage-3 operations and parameter definitions, plus Stage-3 procedures.

1.3

ORGANIZATION

This document is organized as per TIA/EIA-664 and ISTIA/EIA-41-DC, with: · Sections 1, 2 and 3 being common to CDMA and TDMA; · Sections 4C, 5C, 6C and 7C being specific to CDMA; · Sections 4T, 5T, 6T and 7T being specific to TDMA.

1.4

GENERAL BACKGROUND AND ASSUMPTIONS

The OTASP feature is intended to meet a need of the wireless industry to enable and expedite in a secure manner the process by which potential wireless service subscribers can activate (i.e., become authorized for) new wireless service(s) or current subscribers can request changes in their existing service, without the intervention of a third party or parties. The OTAPA feature is initiated by the network service provider (and not by the mobile subscriber) to program Mobile Station's Number Assignment Module (NAM) parameters and the CDMA Preferred Roaming list or the TDMA Intelligent Roaming Database (IRDB). These parameters control the wireless network usage by the MS. Administration of such parameters without the involvement of mobile subscribers simplifies and significantly improves the customer care process by the network service providers. OTAPA does not require a voice dialogue with the service provider's customer service center and thus there is no need of involvement or interaction with the mobile subscriber during parameter administration. OTAPA can be performed at anytime while the MS is powered on and it does not interfere with normal end user operation (e.g., placing or receiving calls). If the mobile originates, receives, or ends a call while the OTAPA is in progress, the OTAPA is terminated. For CDMA, if an OTAPA override mechanism is provided, the default setting shall be "off" (meaning OTAPA is permitted by default). The Stage-2 and Stage-3 recommendations provide OTASP & OTAPA related "deltas", based on the ISTIA/EIA-41-DC, standard.

Introduction

1

MAIN-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

This recommendation assumes that MSs are compatible with the provisions in the TIA/EIA/IS-136.1-A-1 Addendum No. 1 to TIA/EIA/IS-136.1-A or TIA/EIA-136-720 for containing the Over-the-Air Activation Teleservice (OATS) and TIA/EIA-136-730 for Overthe-Air Programming Teleservice (OPTS), developed by TIA sub-committee TR45.3 (TDMA), or with the provisions in IS-683-A - Over-the-Air Service Provisioning of Mobile Stations in Spread Spectrum Systems, developed by TIA sub-committee TR45.5 (CDMA). Support for Mobile Station (MS) identification based on International Mobile Station Identity (IMSI) and Temporary Mobile Station Identity (TMSI) is not contained in this specification.

MAIN-OTA

2

Introduction

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

2

SUBSCRIBER FEATURE DESCRIPTION

This section provides the Stage 1 (based on the TIA/EIA-664 model) Subscriber Feature Description for Over-The-Air Service Provisioning and Network Feature Description for Over-The-Air Parameter Administration. It is common to CDMA and TDMA.

2.1

OVER THE AIR SERVICE PROVISIONING (OTASP)

The Over the Air Service Provisioning (OTASP) feature allows a potential wireless service subscriber to activate (i.e., become authorized for) new wireless service, and allows an existing wireless subscriber to make changes in existing services without the intervention of a third party. OTASP typically includes the following: a. b. A call to the service provider customer service center. "Over-The-Air" programming of Number Assignment Modules (NAMs), and optionally, service provider or manufacturer specific parameters (e.g., lock code, call timer). An Authentication Key Generation procedure.

c.

The OTASP feature has the following objectives: 1. 2. 3. 4. 5. 6. 7. To support OTASP on digital systems, and, optionally, analog systems. To simplify the service provisioning process for both the user and the wireless service provider. To increase efficiency of mobile station NAM programming and reduce the possibility of errors during initial service provisioning programming. To enable a potential wireless user to easily choose a desired wireless service provider. To minimize the ability to fraudulently use wireless service.

To keep the distribution of the Authentication Key (A-key) secure. To safeguard user information.

One of the primary objectives of OTASP is the ability to provide a secure authentication key to an MS to facilitate authentication. Authentication is the process by which information is exchanged between an MS and the network for the purpose of confirming and validating the identity of the MS. A successful outcome of the authentication process occurs only when it is demonstrated that the MS and the network possess identical sets of Shared Secret Data (SSD). The OTASP feature incorporates a cryptographic Authentication Key Generation procedure. This procedure allows the network to exchange Authentication Key parameters with an MS. These parameters are used to generate the A-key that is used to generate the SSD. The Authentication Key Generation procedure enhances security for the subscriber and reduces the potential for fraudulent use of wireless telecommunications service.

Subscriber Feature Description

3

MAIN-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Any Authentication Key Generation algorithm chosen shall satisfy the following subscriber, system operator, and equipment manufacturer requirements for A-key delivery to the MS: 1. 2. 3. The subscriber should not be required to make any keypad entries in addition to those required to initiate OTASP. The MS should not be required to contain secret information (e.g., Authentication Key) when it is initially delivered to the subscriber. The MS shall be capable of normal operation, including full authentication, after the end of the service provisioning procedure.

For MSs that contain more than one Number Assignment Module (NAM)1, OTASP may be used to perform service provisioning for the NAM selected by the user. MSs may be reprogrammed after they have been initially programmed. Reprogramming is performed using the same procedures as initial programming. There may be some cases in which an MS shall be prohibited from being reprogrammed. It is left to the service provider to determine and control which MSs shall not be reprogrammed.

Applicability to Telecommunications Services OTASP is applicable to all telecommunications services.

2.1.1

Normal Procedures With Successful Outcome

Authorization OTASP may be made generally available for all subscribers (current and potential) by the service provider.

De-Authorization OTASP may be withdrawn by the service provider.

Registration OTASP has no registration.

De-Registration OTASP has no de-registration.

1

Each NAM may be associated with a different service provider.

MAIN-OTA

4

Subscriber Feature Description

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Activation OTASP has no activation.

De-Activation OTASP has no de-activation.

Invocation For initiation of OTASP from the MS, the user may enter a feature code possibly followed by supplementary digits (e.g., any number of digits to be interpreted by the Serving MSC). The following are offered as examples: *FC SEND *FC + DN + SEND where: DN is a Directory Number (e.g., NDC-X1~Xn for NANP, ZZZZ for digits to be interpreted by the Serving MSC) for the service provisioning center of the selected system. *FC + XX + SEND where XX indicates a particular system, (e.g., 00 for the 800 MHz, A-Band system, 01 for the 800 MHz, B-Band system, etc). Refer to CDMA for the complete list of XXs. [Note: In this case, the MS shall be designed so that the choice of system automatically sets the NAM parameters that identify the preferred system. However, the preferred system may be reprogrammed when the rest of the NAM parameters are downloaded.]; or *FC + XX + DN + SEND where DN is a Directory Number (e.g., NDC-X1~Xn for NANP) for the Customer Service Center (CSC) of the selected service provider and XX denotes the local system, as in the previous example. Based on the DN, the current serving system may route the call to the desired service provider's CSC; or *FC + MCC + YYYY + SEND where: MCC is the Mobile Country Code, and YYYY is the System Operator Code (SOC) of the selected system (refer to TDMA); or *FC + MCC + ZZZZZ + SEND where:

Subscriber Feature Description

5

MAIN-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

MCC is the Mobile Country Code, and ZZZZZ is the System ID (SID) of the selected system; or Optionally, OTASP may be initiated by an alternative method (i.e., from a landline phone). In this case, OTASP procedures are implementation and service provider specific. Normal Operation With Successful Outcome This section describes a typical sequence of procedures for OTASP invoked from the MS, which results in a successful outcome. It is a service provider specific decision whether to complete the procedure in one or multiple steps. 1. 2. 3. A user acquires an OTASP capable MS. The user must provide a charged battery or external power source for the MS before proceeding with OTASP. The user is within the desired home system of the desired service provider service area, or obtains information on how to contact the service provider from outside the desired service provider service area. The user "powers-on" the MS. The user selects which NAM to program (if multiple NAMs are supported). A service provider is selected. The following are some of the means by which a service provider may be selected: The MS may be programmed to attempt OTASP with one or more service providers. The MS may scan for all available service providers, and present the user with a list from which to choose. The user may explicitly specify a service provider by entering the OTASP feature code and the appropriate supplementary digits. If the user is not within the desired system operator's coverage area, the user may be given instructions on how to contact the chosen service provider.

4. 5. 6.

The service provider selection is indicated to the network via a feature code. This feature code shall result in the establishment of a voice call between the user and the selected service provider's customer service center. NOTE 1: The MS first attempts OTASP on a digital system, if possible and if available. If the MS cannot acquire a digital system or cannot initiate OTASP on a digital system, the MS may then attempt to initiate OTASP on an analog system. NOTE 2: A service provider shall not be required to support OTASP for subscribers selecting a different service provider. If a subscriber selects a service provider for OTASP which is not the provider of the current serving system, then the current service provider may route the call to its own customer service representative, an announcement, or to the desired service provider. This is a service provider specific decision. 7. While the call to the customer service center is being established, the ESN is supplied to the network.

MAIN-OTA

6

Subscriber Feature Description

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

After the customer service representative has established a dialog with the user, the network may upload some NAM parameters from the MS. These actions may be deferred until after enabling message encryption, voice privacy or both. 8. The customer service representative answers the call and establishes a dialog with the user. NOTE 4: The customer service center shall have a mechanism to associate the incoming call with the uploaded NAM information. 9. If required, the network and the MS shall exchange Authentication Key Generation parameters and generate the A-key. NOTE 5: The A-key shall not be displayed to the subscriber or customer service representative at any time. 10. The network may then perform the SSD Update procedure and invoke digital voice privacy and message encryption mode. NOTE 6: There are three alternatives for the order in which Steps 8, 9 and 10 may be executed. ­ ­ ­ Step-8, Step-9 , Step-10 Step-9, Step-8, Step-10 Step-9, Step-10, Step-8

The only requirement is for Step-9 if required, to be executed before Step-10. 11. The customer service center obtains all user information appropriate for validating and verifying the user for wireless service. 12. If the user is successfully verified by the customer service center, the service representative performs the following tasks: ­ ­ ­ ­ Assigns a Mobile Identification Number (MIN) to the user. Determines subscriber service needs. Creates a subscriber profile record in the network provisioning system data base. Assigns other NAM parameters needed by the MS.

NOTE 7: If the user fails verification, the user may be denied service by the service provider, and the service provisioning process is terminated. 13. The network transmits the required NAM parameters to the MS over the air interface. 14. If service provisioning is successful, the MS or a signal received from the network may provide validity feedback to the new subscriber indicating that service provisioning was completed successfully. A flowchart (Figures A1 and A2) in 2.1.5 illustrates the above sequence of procedures.

2.1.2

Exception Procedures or Unsuccessful Outcome

This section lists some of the more probable abnormal situations not described in Normal Procedures With Successful Outcome.

Subscriber Feature Description

7

MAIN-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Registration None identified.

De-Registration None identified.

Activation None identified.

De-Activation None identified.

Invocation Typical problems during OTASP invocation may include the following: a. b. c. The user attempts to activate the new MS in a poor radio frequency (RF) coverage area. The user receives unsuccessful feedback after the NAM programming parameters are transmitted into the MS. The OTASP invocation procedure does not complete successfully (i.e., a failure occurs at any time during the process). This can happen, for instance, if the user does not input the correct programming mode for OTASP or the user enters an incorrect feature code. The user attempts to invoke OTASP:

d.

· in an area where OTASP is not provided; or · for a service provider that does not provide OTASP; or · for a service provider that does not support OTASP for the requested service

provider. e. The user is not successfully validated by the service provider.

The resolution of exception procedures for these problems shall be feature implementation dependent.

Exceptions While Roaming None identified.

MAIN-OTA

8

Subscriber Feature Description

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Exceptions During Intersystem Handoff During OTASP procedure, intersystem handoffs may be blocked by the service provider depending upon specific implementation.

2.1.3

Alternative Procedures

If the process of programming an MS terminates before OTASP programming information is committed to permanent memory, the MS shall return to the programmed information in effect before the service provisioning procedure began. It is likely that the service provider's customer service representative may provide necessary instructions to the user for alternate methods of service provisioning. The OTASP feature shall not preclude other forms of service provisioning, such as programming the mobile station manually.

2.1.4

Interactions With Other Services

When OTASP is active, it takes precedence over all other calls and features. terminate OTASP at any time in order to originate an emergency call. The user may

2.1.5

Flowchart Example

The following flowchart illustrates a typical sequence of procedures for a successful OTASP session. One alternative for the order in which steps 8, 9, and 10 can be executed is shown. The number associated with the text refers to the corresponding Step number in "Normal Operation With Successful Outcome" in Section 2.1.1.

Subscriber Feature Description

9

MAIN-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

(1) user obtains an OTASP capable MS

A1

A2

(2) user provides charged battery or external power source for MS

(6a) mobile station accesses network with OTASP feature code

(10) MS & network perform SSD update procedure

(3) user is within an area of OTASP coverage

(7) network completes call to customer service center

(10a) voice privacy and message encryption mode may be activated

(4) user turns on MS power

(7a) service center answers call and establishes dialog with the user

B

(5) user selects NAM to program

(8) network may upload current NAM parameters

(6) user chooses service provider

(9) MS & network perform A-Key Generation procedure

A1

A2

Figure A1 OTASP: Example Flow Chart

MAIN-OTA

10

Subscriber Feature Description

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

B

C

(11) CSC rep. obtains customer information needed for verification

(14) CSC rep. disconnects call

(11a) verification successful ? yes (12a) user may choose subscriber features and directory number

no

(14a) MS may inform user of successful service provisioning

(12c) service denied to user

(14b) service provider authorizes user for wireless service

(12b) CSC rep. creates subscriber profile in system and assigns other NAM parameters needed by the MS

(14c) user can now operate MS

(13) network transmits required parameters into subscriber unit NAM

C

Figure A2 OTASP: Example Flow Chart (concluded)

Subscriber Feature Description

11

MAIN-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

2.2

OVER THE AIR PARAMETER ADMINISTRATION (OTAPA)

Over-The-Air Parameter Administration is a network capability that can be used by a service provider to update the NAM or other operational parameters in a subscriber's activated OTAPA capable Mobile Station (MS) over-the-air. OTAPA sessions are initiated autonomously by the network, and proceed without any subscriber involvement or knowledge and with no limitation on the subscriber's ability to receive telecommunications services. Applicability to Telecommunications Services OTAPA is applicable to all telecommunications services.

2.2.1

Normal Procedures With Successful Outcome

Authorization A service provider may make OTAPA generally available to all its own subscribers who have an OTAPA capable MS, or a service provider may choose to limit OTAPA availability to a service provider determined subset of its own subscribers. De-Authorization OTAPA may be withdrawn by the service provider or optionally upon receipt from the MS of an indication that the subscriber has disabled OTAPA. Registration The information needed to unlock the MS or gain access to a NAM within the MS shall be registered upon authorization at the MS and the network. De-Registration OTAPA shall be de-registered upon de-authorization. Activation OTAPA is activated upon authorization. De-Activation OTAPA is de-activated upon de-authorization. Invocation OTAPA is invoked by the service provider at any time. Normal Operation With Successful Outcome

MAIN-OTA

12

Subscriber Feature Description

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

This section describes a typical sequence of procedures for an OTAPA session which results in a successful outcome. a. b. c. d. The service provider invokes OTAPA for an MS. The service provider determines that the MS is registered in a cooperating, OTAPA capable Serving System. The service provider may unlock the MS, and the network. MS may authenticate the

The service provider may transmit parameter values to the MS and/or request the value of parameters previously stored in the MS. Depending on the MS's air interface and the configuration and capabilities of the Serving System, these parameter exchanges may be protected by Signaling Message Encryption. The parameters that may be downloaded or requested by the service provider also depend on the air interface supported by the MS. For some air interfaces, these parameters may be limited to parameters associated to the active NAM; for others they may include certain global MS parameters.

e. f.

Upon command from the service provider, the MS commits downloaded parameters to permanent memory. After the OTAPA session is complete, the MS resumes normal operation using the resultant parameter values for its operation.

2.2.2

Exception Procedures or Unsuccessful Outcome

This section lists some of the more probable abnormal situations not described in Normal Procedures With Successful Outcome. If the MS originates, receives, or ends a call while OTAPA is in progress, the OTAPA session is terminated. If the process of reprogramming an MS via OTAPA terminates before certain parameters have been committed to permanent memory, the MS resumes normal operation using the previously stored values of those parameters. Some MSs may allow a subscriber to prevent the MS from being reprogrammed via OTAPA. If a subscriber exercises this capability, attempts to reprogram the MS via OTAPA will fail, and the MS operates normally using the parameter values that had been in effect before the OTAPA session was attempted. Registration None identified. De-Registration None identified. Activation None identified.

Subscriber Feature Description

13

MAIN-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

De-Activation None identified. Invocation The subscriber is not notified if an attempt to invoke OTAPA fails. There should be no effect on a subscriber's ability to operate the MS if the service provider is unable to successfully invoke OTAPA. Exceptions While Roaming Based on bilateral agreements, a service provider may choose to abort OTAPA sessions for MSs roaming outside of a selected subset of cooperating Serving Systems. Exceptions During Intersystem Hand-off OTAPA procedures may be blocked during intersystem hand-off by the service provider, depending on the specific implementation.

2.2.3

Alternative Procedures

None identified.

2.2.4

Interactions With Other Services

Asynchronous Data Service (ADS) None identified. Call Delivery (CD) None identified. Call Forwarding--Busy (CFB) None identified. Call Forwarding--Default (CFD) None identified. Call Forwarding--No Answer (CFNA) None identified. Call Forwarding--Unconditional (CFU) None identified.

MAIN-OTA

14

Subscriber Feature Description

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Call Transfer (CT) None identified. Call Waiting (CW) None identified. Calling Name Presentation (CNAP) None identified. Calling Name Presentation Restriction (CNAR) None identified. Calling Number Identification Presentation (CNIP) None identified. Calling Number Identification Restriction (CNIR) None identified. Conference Calling (CC) None identified. Data Privacy (DP) None identified. Do Not Disturb (DND) None identified. Emergency Services (9-1-1) None identified. Flexible Alerting (FA) None identified. Group 3 Facsimile (G3 Fax) None identified. Incoming Call Screening (ICS) None identified.

Subscriber Feature Description

15

MAIN-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Message Waiting Notification (MWN) None identified. Mobile Access Hunting (MAH) None identified. Network Directed System Selection (NDSS) None identified. Non-Public Mode Service (NP) None identified. Over-the-Air Parameter Administration (OTAPA) Only a single OTAPA session may be performed with a mobile concurrently. Over-the-Air Service Provisioning (OTASP) OTASP takes precedence over OTAPA. progress. Password Call Acceptance (PCA) None identified. Preferred Language (PL) None identified. Priority Access and Channel Assignment (PACA) None identified. Remote Feature Control (RFC) None identified. Selective Call Acceptance (SCA) None identified. Service Negotiation (SN) None identified. Subscriber PIN Access (SPINA) OTAPA cannot be performed while OTASP is in

MAIN-OTA

16

Subscriber Feature Description

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

None identified. Subscriber Confidentiality (SC) None identified. Subscriber PIN Intercept (SPINI) None identified. Three-Way Calling (3WC) None identified. User Group ID (UGID) None identified. Voice Message Retrieval (VMR) None identified. Voice Privacy (VP) None identified.

Subscriber Feature Description

17

MAIN-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

3

FUNCTIONAL OVERVIEW

This section is common to CDMA and TDMA OTASP/OTAPA (unless otherwise stated). It provides modifications to ISTIA/EIA-41-DC, "Functional Overview", for Over-The-Air Service Provisioning and Parameter Administration.

3.1

NORMATIVE REFERENCES (TIA/EIA-41.1-D, Section 2.1)

CDMA: [IS-683] [IS-683-A] [IS-95-B] TDMA: [IS-136.1-A] [136-720] [136-730] AUTH: [IS-778] IMSI: [IS-751] TIA/EIA/IS-683, Over-the-Air Service Provisioning of Mobile Stations in Wideband Spread Spectrum Systems, Published February, 1997. TIA/EIA/IS-683-A , Over-the-Air Service Provisioning of Mobile Stations in Wideband Spread Spectrum Systems, Published June, 1998. TIA/EIA-95-B - Mobile Station-Base Station Compatibility Standard for Dual-Mode Spread Spectrum Systems, Published October, 1998. TIA/EIA/IS-136.1-A-1 Addendum No. 1 to TIA/EIA/IS-136.1-A, Published November, 1996. TIA/EIA-136-720, Over-the-Air Activation Teleservice Telecommunications Industry Association; 1998. (OATS);

TIA/EIA-136-730, Over-the-Air Programming Teleservice (OPTS); Telecommunications Industry Association; 1998. TIA/EIA-778, Wireless Authentication Enhancements Descriptions to TIA/EIA-41-D, Published January, 1999. TIA/EIA-751, TIA/EIA-41-D Published January, 1998. Modifications to support IMSI,

3.2

DEFINITIONS (TIA/EIA-41.1-D, Section 3.1)

Activation_MIN (in CDMA OTASP) In CDMA OTASP, an Activation_MIN is allocated by the Over-The-Air Service Provisioning Function (OTAF) or obtained by the OTAF from the Customer Service Center (CSC), for the duration of an OTASP session. It is only used as a reference number for an OTASP call instance. The Activation_MIN does not have to conform to numbering plan guidelines or regulations. It shall, however, be unique for all concurrently active OTASP sessions within a Serving System's TIA/EIA-41 network. When the Activation_MIN is present in a message used for OTASP, it is carried in the MIN parameter of that message.

MAIN-OTA

1-18

Functional Overview

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Activation_MIN (in TDMA OTASP) In TDMA OTASP, an Activation_MIN is supplied by an unactivated mobile station for the duration of an OTASP session. It takes the form NPA-NXX-xxxx, where NPA = 000, and the NXX-xxxx is assigned from the lower digits of a decimal representation of the ESN, as specified in TDMA.

OTASPCallEntry The OTASPCallEntry is a name created to represent an implementation dependent temporary call record used during an OTASP or OTAPA session. Depending on the implementation, the OTASPCallEntry may exist at one or more of the following network entities: HLR, AC, MSC or VLR. Conceptually, the OTASPCallEntry may be identified by either the ESN, or, alternately the Activation MIN, for OTASP, or, for OTAPA, the MS's MIN at the start of the OTAPA session. Activation_MIN or the ESN, and The OTASPCallEntry may be used to store temporary OTASP or OTAPA session call related information (e.g., A-key, SSD, another network entity's SS7 address, etc).

OTASP Data Message The OTASP Data Message is an OTASP related air-interface message. OTAPA (Over-The-Air Parameter Administration) Over-The-Air Parameter Administration is a network capability that can be used by a service provider to update the NAM or other operational parameters in a subscriber's activated OTAPA capable Mobile Station (MS) over-the-air. OTAPA sessions are initiated autonomously by the network, and proceed without any subscriber involvement or knowledge and with no limitation on the subscriber's ability to receive telecommunications services. XOREDSSD The value that represents the Shared Secret Data (SSD-A) XORed with the MS' A-key.

Functional Overview

1-19

MAIN-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

3.3

SYMBOLS AND ABBREVIATIONS (TIA/EIA-41.1-D, Section 4)

AKEYPV AUTHRA BSKEY CSC MSMIN MSKEY MODVAL MSCADDR MINTYP NAM NANP NEWMIN OTA OATS OTAF OTARTcx OTARTt OTASP OTASPRC OTASPREQ otaspreq PRIMVAL RANDRA RARPT SMERPT SMS_CC SMS_TID SMTcx SRVIND TRN VPRPT VRU AKeyProtocolVersion parameter AuthenticationResponseReauthentication parameter BaseStationPartialKey parameter Customer Service Center MobileStationMIN parameter MobileStationPartialKey parameter ModulusValue parameter MSC Address parameter MIN Type parameter Number Assignment Module North American Numbering Plan NewlyAssignedMIN parameter Over-The-Air Over-the-Air Activation Teleservice (TDMA) Over-The-Air Service Provisioning Function OTASP Request Response Timer (CDMA; where x = s, l) OTASP Request Response Timer (TDMA) OTA Service Provisioning OTASP_ResultCode parameter OTASPRequest INVOKE OTASPRequest RETURN RESULT PrimitiveValue parameter RandomVariableReauthentication parameter ReauthenticationReport parameter SignalingMessageEncryptionReport parameter SMS_CauseCode parameter SMS_TeleserviceIdentifier parameter Short Message Delivery Timer (CDMA, where x = s, m, l) ServiceIndicator parameter TemporaryReferenceNumber parameter VoicePrivacyReport parameter Voice Response Unit

MAIN-OTA

1-20

Functional Overview

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 SME M MC M MC OTAF V OTAF MC X CSC M Q N N1 Q1 D1 SME AC H HLR D VLR G VLR C B MS Um BS A MSC Ai PSTN E F Di MSC EIR ISDN

3.4

NETWORK REFERENCE MODEL (TIA/EIA-41.1-D, Section 5)

Proposed OTASP Enhancements

Figure B Note:

Network Reference Model (with OTASP Enhancements Identified)

CSC OTAF

Customer Service Center Over-The-Air Service Provisioning Function

3.5

5.1.a

FUNCTIONAL ENTITIES (TIA/EIA-41.1-D, Section 5.1)

Customer Service Center (CSC)

The CSC is an entity where the service provider representatives receive telephone calls from customers wishing to subscribe to initial wireless service or request changes in their existing service. The CSC interfaces proprietarily with the OTAF to perform network and MS related changes necessary to complete the service provisioning request.

5.1.b

Over-The-Air Service Provisioning Function (OTAF)

The OTAF is an entity that interfaces proprietarily with CSCs to support service provisioning activities. The OTAF interfaces with the MSC to send MS orders necessary to complete service provisioning requests. The OTAF may, or may not be located within, and be indistinguishable from an HLR, or an MC.

Functional Overview

1-21

MAIN-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

3.6

5.2.a

INTERFACE REFERENCE POINTS (TIA/EIA-41.1-D, Section 5.2)

Reference Point D1

Reference Point D1 is the VLR to OTAF interface.

5.2.b

Reference Point N1

Reference Point N1 is the HLR to OTAF interface.

5.2.c

Reference Point Q1

Reference Point Q1 is the MSC to OTAF interface.

5.2.d

Reference Point V

Reference Point V is the OTAF to OTAF interface.

5.2.e

Reference Point X

Reference Point X is the CSC to OTAF (proprietary) interface.

MAIN-OTA

1-22

Functional Overview

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4C AUTOMATIC ROAMING OPERATIONS - CDMA

This section applies only to the CDMA OTASP portion of the OTA enhancements for OTASP and OTAPA. It provides modifications to Section 4 of ISTIA/EIA-41.3-CD "Automatic Roaming Operations", for CDMA Over-The-Air Service Provisioning. Figure CC shows all the operations (new and existing) that are recommended for the CDMA portion of the OTA enhancements OTASP.

ROUTREQ REDDIR FEATREQ SMDPP MSC OTAF SMSNOT SMSREQ OTASPREQ BSCHALL AUTHDIR ASREPORT OTASPREQ HLR AC

OTASP Data

BS

VLR ASREPORT AUTHDIR BSCHALL MSINACT REGNOT ASREPORT AUTHDIR BSCHALL MSINACT REGNOT

Figure CC

OTA Related ISTIA/EIA-41 Operations for CDMA

New operation scenarios for the following operations are included : 1. SMSDeliveryPointToPoint (SMDPP) - existing operation 2. OTASPRequest (OTASPREQ) - new operation 3. AuthenticationDirective (AUTHDIR) - existing operation There are no new CDMA OTASP OTA related operation scenarios for the existing operations: ASREPORT, BSCHALL, REDDIR, FEATREQ, ROUTREQ, REGNOT and MSINACT, since the changes needed in these operations are minimal.

Automatic Roaming Operations

3-1

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.1

AuthenticationDirective (TIA/EIA-41.3-D, page 3-6)

The AuthenticationDirective (AUTHDIR) operation is used to request modification of an MS's authentication parameters. This operation is also used to transport Encryption Parameters (SMEKEY and CDMAPLCM) to the Serving MSC during CDMA OTASP and CDMA OTAPA. The following table lists the valid combinations of invoking and responding FEs. Table 2 FE Combinations for AUTHDIR INVOKING FE Case 1 Case 2 Case 3 AC HLR Serving VLR RESPONDING FE HLR Serving VLR Serving MSC

In addition to its use for transporting encryption parameters to the Serving MSC, The the AuthenticationDirective operation allows one or more of several possible authentication processes to be initiated: 1. 2. 3. 4. 5. 6. An update of SharedSecretData (SSD) when SSD is shared. An update of SSD when SSD is not shared. An update of the CallHistoryCount (COUNT) parameter value. A Unique Challenge when SSD is shared (i.e., VLR-initiated). A Unique Challenge when SSD is not shared (i.e., AC-initiated). Revocation of SSD sharing.

These operation scenarios are illustrated in Sections 4.1.1 through 4.1.6C1, respectively.

CDMA-OTA

3-2

Automatic Roaming Operations

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.1.C1

Transport Encryption Parameters to Serving MSC for OTASP

This operation scenario describes the use of the AuthenticationDirective operation to transport Encryption Parameters (SMEKEY and CDMAPLCM) to the Serving MSC.

Serving System AC HLR VLR MSC

AUTHDIR [MSID, ESN, SRVIND, MSCID, EncryptionParameters]

a

AUTHDIR [MSID, ESN, SRVIND, MSCID, EncryptionParameters] b

AUTHDIR [MSID, ESN, SRVIND, EncryptionParameters] c

ADT

ADT

ADT

authdir [ ] d

authdir [ ]

e

authdir [ ] f

Figure 4.1.C1 Transport Encryption Parameters to the Serving MSC for OTASP

Automatic Roaming Operations

3-3

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

a.

The AC has computed the Encryption Parameters (SMEKEY and CDMAPLCM) and needs to send them to the Serving MSC. It sends an AUTHDIR to the HLR.

Parameters MIN MSID Usage Activation_MIN used temporarily during OTASP, or, for OTAPA, the MS's MSID at the start of the OTAPA session. When the MS has both the MIN & the IMSI at the start of the OTAPA session then the MIN form of the MSID is used. Type R

ESN SRVIND

MS's ESN. Indicates CDMA OTASP service or OTAPA service, as appropriate. For OTASP, the Serving MSC's System ID is included. (Note - This information is not needed and may not even be available for OTAPA.) Encryption Parameters for signaling message encryption and voice privacy over the airinterface. CDMA Private LongCode Mask for voice privacy over the air-interface Signaling Message Encryption Key for Signaling Message Encryption over the airinterface

R R

MSCID

OR

EncryptionParameters:

R

[CDMAPLCM] [SMEKEY]

R R

b.

The HLR forwards the AUTHDIR to the VLR currently serving the identified MS. For OTASP, tThe HLR is able to obtain the VLR's address from the MSCID parameter it receives from the AC. Parameters are as in Step-a. The Serving VLR sends an AUTHDIR to the Serving MSC. For OTASP, tThe VLR is able to obtain the Serving MSC's address from the MSCID parameter it receives from the HLR. The parameters are the same as in Step-a with the exception of the MSCID parameter which is not needed. The Serving MSC returns an empty authdir to the Serving VLR to indicate that the EncryptionParameters were successfully received. The Serving VLR forwards the authdir to the HLR. The HLR forwards the authdir to the AC.

c.

d. e. f.

CDMA-OTA

3-4

Automatic Roaming Operations

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.32

SMSDeliveryPointToPoint (TIA/EIA-41.3-D, page 3-143)

The SMSDeliveryPointToPoint (SMDPP) operation is a general purpose operation that is used to transfer a short message or, in general, any other information or encapsulated data from one point to another point and report on the success or failure of that transfer. The following table lists the valid combinations of invoking and responding FEs. Table 32 INVOKING FE Case 1 Case 2 SME MC FE Combinations for SMDPP RESPONDING FE MC MC When MSMS message origination MSMS message transition from originating MC control to destination control MSMS message delivery MSMS message origination to delivery CDMA OTASP or CDMA OTAPA message delivery

Case 3 Case 4 Case 5

MC SME OTAF

SME SME MSC

The SMSDeliveryPointToPoint operation has two variations: 1. 2. Successful transfer of a short message to another point. Unsuccessful transfer of a short message to another point.

Automatic Roaming Operations

3-5

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.32.C1 Serving MSC Attachment to an OTAF

This operation scenario describes the use of SMSDeliveryPointToPoint to provide an attachment between the Serving MSC and an OTAF for CDMA OTASP.

Serving System OTAF SMDPP [MIN, TRN, ACTCODE, SRVIND, SMS_BearerData, SMS_TID] MSC

a

SMT cs

smdpp [ESN, MS_MSID, SYSCAP, MSCID] b

SMDPP [MIN, TRN ESN, ACTCODE, SRVIND, SMS_BearerData, SMS_TID] c

SMT cs

smdpp [ ] d

Figure 4.32.C1 Serving MSC Attachment to an OTAF a. An Activation_MIN to be used temporarily for the duration of this OTASP attempt is assigned. The OTAF sends an SMDPP to the Serving MSC.

CDMA-OTA

3-6

Automatic Roaming Operations

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Parameters MIN TRN ACTCODE SRVIND SMS_BearerData

Usage Activation_MIN used temporarily during OTASP. Used to associate the SMDPP (and the OTAF) with the OTASP call. Instructs the Serving MSC to attach to the OTAF for this call. Indicates CDMA OTASP service. This parameter is empty. It is included to comply with TIA/EIA-41 backward compatibility rules. This parameter is empty. It is included to comply with TIA/EIA-41 backward compatibility rules.

Type R R R R MBC

SMS_TID

MBC

b.

The Serving MSC associates the call in question with the OTAF. It returns an smdpp to the OTAF containing the following parameters

Parameters ESN MSMIN MS_MSID SYSCAP MSCID Usage MS's ESN. MIN or IMSI received from the MS. Serving System's authentication capabilities. Serving MSC's System ID. Type R R R R

If the AC had previously denied access to this MS, DENACC may be included. If the HLR had previously denied authorization to this MS, AUTHDEN may be included. Steps c and d are executed to release the TRN if the OTAF is the desired OTAF and no redirection to another CSC - OTAF will take place. c. The OTAF sends a second SMDPP to the MSC with the ACTCODE directing the MSC to release the TRN, permitting the TRN to be reused.

Automatic Roaming Operations

3-7

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Parameters MIN ESN TRN ACTCODE SRVIND SMS_BearerData

Usage Activation_MIN used temporarily during OTASP. MS's ESN Used to associate the SMDPP (and the OTAF) with the OTASP call. Instructs the Serving MSC to release the TRN. Indicates CDMA OTASP service. This parameter is empty. It is included to comply with TIA/EIA-41 backward compatibility rules. This parameter is empty. It is included to comply with TIA/EIA-41 backward compatibility rules.

Type R R R R R MBC

SMS_TID

MBC

d.

The MSC sends an empty smdpp to the OTAF to acknowledge the receipt of the SMDPP in Step-c.

CDMA-OTA

3-8

Automatic Roaming Operations

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.32.C2 Exchange of OTASP Data Messages

This operation scenario describes the use of the SMSDeliveryPointToPoint operation to exchange OTASP Data Messages between the OTAF and the Serving MSC.

Serving System OTAF SMDPP [MSID, ESN, SRVIND, SMS_TID, ACTCODE, SMS_BearerData (OTASP Data Message)] a MSC

SMT

cx

smdpp [SMS_BearerData (OTASP Data Message)] b

Figure 4.32.C2 Exchange of OTASP Data Messages Note: In the above figure, SMTcx = (x=m, l: depending on the mode of MS operation (if known at the OTAF), the lengths of the OTASP Data Messages being exchanged and the corresponding response time at the MS). See Section 7 for operation timer values in Table 63. a. The OTAF sends an SMDPP to the Serving MSC.

Parameters MIN MSID Usage Activation_MIN used temporarily during OTASP, or, for OTAPA, the MS's MSID at the start of the OTAPA session. When the MS has both the MIN & the IMSI at the start of the OTAPA session then the MIN form of the MSID is used. Type R

ESN SRVIND

MS's ESN. Indicates CDMA OTASP service or OTAPA service, as appropriate. Contains an OTASP Data Message. This parameter is empty. It is included to comply with TIA/EIA-41 backward compatibility rules. Included for OTAPA when an OTAPA Request message is encapsulated in the SMS_BearerData

R R

SMS_BearerData SMS_TID

R MBC

ACTCODE

O

b.

The Serving MSC returns an smdpp to the OTAF with the SMS_BearerData containing the OTASP Data Message received from the MS, as a response to the OTASP Data Message contained in the SMS_BearerData in Step-a.

Automatic Roaming Operations

3-9

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.32.C3 OTAF Request to Initiate MSC Procedures

This operation scenario describes the use of SMSDeliveryPointToPoint to initiate MSC procedures.

Desired OTAF Serving System MSC

SMDPP [MSID, ESN, ACTCODE, NEWMIN, NEWIMSI SRVIND, SMS_BearerData, SMS_TID]

a

SMT cx

smdpp [ ] b

Figure 4.32.C3 OTAF Request to Initiate MSC Procedures Note: In the above figure, SMTcx = (x=s, m: depending on the ACTCODE value). See Section 7 for operation timer values in Table 63.

CDMA-OTA

3-10

Automatic Roaming Operations

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

a.

The OTAF sends an SMDPP to the Serving MSC with the MS's Activation_MIN, ESN, ACTCODE, and the newly assigned MIN.

Parameters MIN MSID Usage Activation_MIN used temporarily during OTASP, or, for OTAPA, the MS's MSID at the start of the OTAPA session. When the MS has both the MIN & the IMSI at the start of the OTAPA session then the MIN form of the MSID is used. Type R

ESN ACTCODE NEWMIN

MS's ESN. Instructs the Serving MSC as to which procedures it should initiate. The new MIN assigned to the MS during this OTASP attempt or OTAPA session (e.g. provided to permit the MS to be registered with the responsible HLR). The new IMSI assigned to the MS during this OTASP attempt or OTAPA session (e.g. provided to permit the MS to be registered with the responsible HLR). Indicates CDMA OTASP service or OTAPA service, as appropriate. This parameter is empty. It is included to comply with TIA/EIA-41 backward compatibility rules. This parameter is empty. It is included to comply with TIA/EIA-41 backward compatibility rules.

R R O

NEWIMSI

O

SRVIND

R

SMS_BearerData

MBC

SMS_TID

MBC

b.

The Serving MSC initiates the desired procedures (e.g. RegistrationNotification to the HLR pointed to by the NEWMIN or NEWIMSI) and sends an empty smdpp to the OTAF. For unsuccessful cases the Serving MSC may return the AUTHDEN parameter or the SMS_CauseCode parameter, or both parameters.

Automatic Roaming Operations

3-11

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.33

SMSNotification

(TIA/EIA-41.3-D, page 3-147)

The SMSNotification (SMSNOT) operation is used to report a change in an MS's ability to receive SMS messages based on the location or status of the MS. This message, at a minimum, is used to report the accessibility of an MS following a postponed SMSRequest or SMSDeliveryPointToPoint. This message may also be used to revoke delivery permission previously granted with either an SMSRequest or an SMSNotification. The following table lists the valid combinations of invoking and responding FEs. Table 33 INVOKING FE Case 1 Case 2 Case 3 HLR MSC HLR FE Combinations for SMSNOT RESPONDING FE MC MC OTAF When To report a change in an MS's ability to receive SMS messages. To report a change in an MS's ability to receive SMS messages. To report a change in an MS's ability to participate in an OTAPA session.

The SMSNotification operation has two variations: 1. 2. Used to report MS-based SME (or OTAPA function) availability. Used to report MS-based SME (or OTAPA function) unavailability.

CDMA-OTA

3-12

Automatic Roaming Operations

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.34

SMSRequest (TIA/EIA-41.3-D, page 3-149)

The SMSRequest (SMSREQ) operation is used to request a roaming MS's temporary SMS routing address. The following table lists the valid combinations of invoking and responding FEs. Table 34 INVOKING FE Case 1 Case 2 Case 3 Case 4 MC HLR Serving VLR OTAF FE Combinations for SMSREQ RESPONDING FE HLR Serving VLR Serving MSC HLR When MS's SMS routing address is required. HLR does not have current address. SMSREQ received by Serving VLR. OTAF needs current address of MS.

The SMSRequest operation has two variations: 1. 2. Successful address request, with address returned. Unsuccessful address request, with reason returned.

Automatic Roaming Operations

3-13

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.CC

OTASPRequest

The OTASPRequest (OTASPREQ) operation is used by the OTAF to request the AC to initiate certain procedures and to optionally return appropriate resulting parameters. The following table lists the valid combinations of invoking and responding FEs. Table 4.CC FE Combinations for OTASPREQ RESPONDING FE HLR AC

INVOKING FE Case 1 Case 2 OTAF HLR

4.CC.1

OTAF Request to Initiate AC Procedures

This operation scenario describes the use of the OTASPRequest operation to initiate AC procedures.

OTAF

HLR

AC

OTASPREQ [MSID, ESN, ACTCODE, SRVIND, ACProcedureInputs] a

OTASPREQ [MSID, ESN, ACTCODE, SRVIND, ACProcedureInputs] b

OTART cx

OTART cx

otaspreq [AKEYPV, AUTHBS, PublicEncryptionValues, Reports, OTASPRC] c

otaspreq [AKEYPV, AUTHBS, PublicEncryptionValues, Reports, OTASPRC] d

Figure 4.CC.1 OTAF Request to Initiate AC Procedures Note: In the above figure, OTARTcx = (x=s, l: depending on the ACTCODE value). See Section 7 for operation timer values in Table 63.

CDMA-OTA

3-14

Automatic Roaming Operations

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

a.

The OTAF sends an OTASPREQ to the HLR with the ActionCode (ACTCODE) parameter requesting the AC to initiate certain procedures (e.g. the AC may be requested to initiate the SSD update procedures and possibly return SSDURPT and UCHALRPT).

Parameters MIN MSID Usage Activation_MIN used temporarily during OTASP, or, for OTAPA, the MS's MSID at the start of the OTAPA session. When the MS has both the MIN & the IMSI at the start of the OTAPA session then the MIN form of the MSID is used. Type R

ESN ACTCODE SRVIND

MS's ESN. Request the AC to initiate a particular procedure. Indicates CDMA OTASP service or OTAPA service, as appropriate. Parameters needed for AC procedures. Supported A-key protocol version(s). Include if public encryption values generation is requested. Mobile Station Partial Key. Include if A-key generation is requested. Serving MSC's System ID. Include for OTASP if SSD update or Reauthentication is requested. (Note - This information is not needed and may not even be available for OTAPA.) Authentication capabilities of Serving System. Include for CDMA OTASP for backward compatability with IS-725, if SSD update or reauthentication is requested. MIN received from the MS at OTASP call origination. Include for CDMA OTASP but not for CDMA OTAPA. Only use the MSIMSI form of the MS_MSID if the IMSI_T was received from the MS at OTASP call origination and a MIN is not programmed in the MS.1

R R R

ACProcedureInputs: [AKEYPV]

O

[MSKEY] [MSCID]

O O

[SYSCAP]

O

[MSMIN MS_MSID]

RO

1

It may be necessary to upload a NAM parameter block to determine this for an unknown MS. (For CDMA OTASP, if the OTAF initiates an SSD update, the AC uses the received MS_MSID to calculate AUTHU whereas the MS uses its MIN, if one is programmed. If a MIN is programmed in the MS, the SSD update cannot succeed unless the MS_MSID provides that MIN to the AC.)

Automatic Roaming Operations

3-15

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Parameters [AUTHDATA]

Usage The authentication data used by the MS to compute AUTHR. Include if reauthentication is requested. Authentication result provided by the MS. Include if reauthentication is requested. Value of CallHistoryCount provided by the MS. Include if reauthentication is requested. Random number derived from the MS provided RANDC by the OTAF. Include if reauthentication is requested. The MIN to be used if OTASP completes successfully. Include if known. This may be a newly assigned MIN, or a MIN that has been reserved for assignment to the MS but that has not yet been downloaded to the MS. Include for CDMA OTASP or CDMA OTAPA if the ActionCode indicates Commit A-Key and if a new MIN has been assigned to the MS or, for an MS that has no MIN programmed (or whose MIN is being erased),2 if a new IMSI has been assigned to the MS.3 Otherwise this parameter is not included. The NEWMIN form of this parameter should be used if both a new MIN and a new IMSI are assigned to the MS. A Random variable set to a value as received from the MS. Included if the MS challenges the network. The MS's TerminalType. Include if needed by the AC when the ACTCODE is Commit AKey. For OTAPA, the TERMTYPE should, presumably, be available from subscriber records; for OTASP, the CSC representative would, in general, have to obtain the TERMTYP from the subscriber.

Type O

[AUTHR] [COUNT] [RAND]

O O O

[NEWMIN NEWMSID]

O

[RANDBS]

O

[TERMTYP]

O

b. c.

The HLR forwards the OTASPREQ to the AC. Parameters are the same as in Step-a. The AC starts executing the specified procedures. The AC returns an otaspreq to the HLR.

2

It may be necessary to upload a NAM parameter block to determine this for an unknown MS that has initiated a CDMA OTASP session. 3 A new MIN must be assigned to replace the existing MIN or the existing MIN must be erased from memory for an unknown MS that has a previously programmed MIN. (Otherwise, the MS would use that old MIN for its authentication calculations, but the AC would not have that old MIN available for its authentication calculations.)

CDMA-OTA

3-16

Automatic Roaming Operations

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Parameters AKEYPV

Usage A-key computation protocol version used by the AC. Include if public encryption values are being returned. Authentication Signature. Parameters comprising Public Encryption Values. Modulus value. Primitive value. Base Station Partial Key. Reports for various AC procedures SSD Update report. Include if received from the Serving MSC. Unique Challenge report. Include if received from the Serving MSC. Deny Access parameter. Include if the MS has not been reauthenticated correctly, or if a count mismatch was detected. Voice privacy report. Include if received from the Serving MSC. Signaling message encryption report. Include if received from the Serving MSC. Include to describe an OTASP or OTAPA related error condition at the AC, other than the ones that can be described by the DENACC, SSDURPT, UCHALRPT, VPRPT and SMERPT parameters.

Type O

AUTHBS PublicEncryptionValues: [MODVAL] [PRIMVAL] [BSKEY] Reports: [SSDURPT] [UCHALRPT] [DENACC]

O

O O O O O O

[VPRPT] [SMERPT] OTASPRC

O O O

d.

The HLR forwards the otaspreq to OTAF. The parameters are the same as in Stepc.

Automatic Roaming Operations

3-17

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5C OVER-THE-AIR SCENARIOS -CDMA

Chapter 3)

(New for TIA/EIA-41-D,

This section applies only to the CDMA portion of the OTA enhancements for OTASP and OTAPA. It provides modifications addition of new sections to Section 6 of ISTIA/EIA-41.3DC "Voice Feature Scenarios", one for CDMA Over-The-Air Service Provisioning (OTASP) and the other for CDMA Over-The-Air Parameter Administration (OTAPA).

8

8.CC

OVER-THE-AIR SERVICE PROVISIONING SCENARIOS

CDMA OVER-THE-AIR SERVICE PROVISIONING SCENARIOS

This section depicts interaction scenarios between OTASP. network entities relating to CDMA

CDMA-OTA

3-18

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.CC.1a Serving MSC Attached to the Initial and Desired CSC

This operation scenario describes the use of SMSDeliveryPointToPoint to provide an attachment between the Serving MSC and the Desired OTAF, as used in CDMA systems. In this scenario, the desired OTAF is attached to (or served by) the initial CSC. Note, see 8.CC.1b for an alternative recommendation.

Serving System MS MSC Initial and Desired OTAF CSC

OTASP Call Origination (*FC+ supplementary digits) a Call delivery to the CSC b

Dialog between MS user and CSC Operator or VRU c

Information transfer [proprietary]

d

SMDPP [MIN, TRN, ACTCODE, SRVIND] e

SMT cs

smdpp [MS_MSID, ESN, MSCID, SYSCAP] f

Information transfer [proprietary]

g

Information transfer [proprietary]

h

SMDPP [ACTCODE, MIN, ESN, SRVIND] i

SMT cs

smdpp [ ] j

Figure 8.CC.1a Serving MSC Attached to the Initial and Desired CSC

Voice Feature Scenarios

3-19

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

a.

The Serving MSC recognizes the call origination to be an OTASP request from the OTASP Feature Code (*FC) received. It allocates a unique Temporary Reference Number (TRN) for this OTASP attempt. The Serving MSC may perform normal subscriber validation and authentication prior to proceeding. Irrespective of which, the MSC connects the voice call to a CSC, based on the Feature Code and any supplementary digits (e.g., *FC, *FC + XX, *FC + XX + DN) specified by the user during OTASP activation. The TRN is transferred to the CSC during call set-up. Note: The TRN may be sent as a Calling Number or a Called Number based on the signaling scheme used. A call taker or a voice response unit at the CSC begins a dialog with the user. The CSC determines that the desired OTAF is attached to this CSC. The CSC informs (in a proprietary manner) the OTAF of the initial contact. The OTAF assigns a MIN to be used during this OTASP attempt. It sends an SMDPP to the Serving MSC. The OTAF is able to determine the routing address of the MSC from the TRN previously provided.

Parameters MIN TRN ACTCODE Usage Activation_MIN used temporarily during OTASP. Used to associate the SMDPP (and the OTAF) with the OTASP call. Instructs the Serving MSC to attach to the OTAF for this call. Indicates CDMA OTASP service. Type R R R

b.

c. d. e.

SRVIND

R

f.

The Serving MSC associates the call in question with the OTAF. It returns an smdpp to the OTAF containing the following parameters.

Parameters MSMIN MS_MSID ESN MSCID SYSCAP Usage MIN or IMSI received from the MS. MS's ESN. Serving MSC's System ID. Serving System's authentication capabilities. Type R R R R

If the AC had previously denied access to this MS, DENACC may be included. the HLR had denied authorization to this MS, AUTHDEN may be included. g. h. i.

If

The OTAF informs (in a proprietary manner) the CSC that the attachment with the Serving MSC was accomplished. The CSC informs (in a proprietary manner) the OTAF that it should direct the Serving MSC to release the TRN. The OTAF sends a second SMDPP to the MSC with the ACTCODE directing the MSC to release the TRN, permitting the TRN to be reused. Parameters are the same as in 4.32.C1, Step-c. The MSC sends an empty smdpp to the OTAF acknowledging the receipt of the SMDPP in Step-i.

j

CDMA-OTA

3-20

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.CC.1b Serving MSC Attached to the Initial and Desired CSC (ALT)

This operation scenario describes the use of the FeatureRequest operation to facilitate attachment following the receipt of an OTASP origination from an MS. Note, see 8.CC.1a for an alternative recommendation.

Serving System MS MSC Intitial and Desired OTAF CSC

OTASP Call Origination (*FC+supplementary digits) a FEATREQ [MSID, ESN, MSCID, BILLID] b c call extended to CSC d dialog between MS user and CSC operator or VRU e proprietary information transfer SMDPP [MIN, TRN, ACTCODE, SRVIND] f g h SMDPP [ACTCODE] i smdpp [ ]

FRRT

featreq [DGTSDEST]

SMT smdpp [MS_MSID, ESN, MSCID, SYSCAP] cs

SMT cs

j

Figure 8.CC.1b Serving MSC Attached to the Initial and Desired CSC (ALT) a. b. The MSC receives an OTASP call origination. The Serving MSC may perform normal subscriber validation and authentication prior to proceeding. Irrespective of the outcome of the validation and authentication, the Serving MSC recognizes the call as an OTASP request from the OTASP Feature Code (*FC) received. As a result, it assigns a BillingID to the call and sends a FEATREQ to the OTAF to obtain a Temporary Reference Number (TRN) to use in routing the call to the CSC. The MIN MSID and ESN parameters are set to the values received from the MS in the origination message, and the MSC's MSCID is used to populate that parameter. If SS7 is used, the MSC's point code and subsystem number are used to populate the PC_SSN parameter. The address to be used by the OTAF to send the SMDPP messages to the MSC for OTASP may be derived from the MSCID using a local translation function, or it may be obtained from lower layer addressing information (or from the PC_SSN parameter, if present).

Voice Feature Scenarios

3-21

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

c.

The CSC is assumed to have a pool of numbers, similar to a pool of TLDNs, that can be used to route calls to the CSC. (If one CSC serves multiple OTAFs, then, based on implementation, this pool may be partitioned into separate pools for each OTAF or it may be one combined pool.) Based on implementation, the OTAF selects one of these numbers that is not currently in use or it uses proprietary signaling (not shown in the figure) to obtain such a number from the CSC, and returns this number for use as the TRN to the MSC using the Digits (destination) parameter in the featreq. The voice call to the CSC is established using the TRN as called party number. It is assumed that the CSC is connected to the PSTN using an interface, e.g., direct inward dialing PBX trunks or an ISDN interface, that always provides the called number as part of the signaling used to offer the call. The potential new subscriber and the responding customer service agent (or VRU port) begin a dialog. In parallel with Step-e, proprietary signaling between the CSC and the OTAF is used to notify the OTAF of the initial contact (and of the TRN used for that contact). The OTAF assigns an Activation_MIN to be used temporarily for the duration of this OTASP attempt. It sends an SMDPP to the Serving MSC.

Parameters MIN TRN ACTCODE SRVIND Usage Activation_MIN used temporarily during OTASP. Used to associate the SMDPP (and the OTAF) with the OTASP call. Instructs the Serving MSC to attach to the OTAF for this call. Indicates CDMA OTASP service. Type R R R R

d.

e. f. g

h.

The Serving MSC associates the call in question with the OTAF. It returns an smdpp to the OTAF containing the following parameters.

Parameters MSMIN MS_MSID ESN MSCID SYSCAP Usage MIN or IMSI received from the MS. MS's ESN Serving MSC's System ID Serving System's authentication capabilities Type R R R R

i. j.

The OTAF sends a second SMDPP to the MSC with the ACTCODE directing the MSC to release the TRN, permitting the TRN to be re-used. The MSC sends an empty smdpp to the OTAF acknowledging the receipt of the SMDPP in Step-i.

CDMA-OTA

3-22

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.CC.2a OTASP Call Redirected from Initial CSC to Desired CSC - Initial OTAF not Attached to Serving MSC

This scenario describes the use of SMSDeliveryPointToPoint operation, to attach the Serving MSC to the desired OTAF. In this scenario the desired OTAF is not attached to (nor, served by) the initial CSC that engages in a voice conversation with the MS user. Instead, the desired OTAF is attached to (or, served by) a CSC to which the MS's voice call gets redirected from the initial CSC. Also, in this scenario, the initial OTAF is not attached to the Serving MSC. Note, see 8.CC.2b for an alternative recommendation.

Voice Feature Scenarios

3-23

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Serving System MS MSC OTAF

Initial CSC OTAF

Desired CSC

OTASP Call Origination (*FC+supplementary digits) a

Call Delivery to the Initial CSC b

Dialog between MS user and initial CSC Operator or VRU c Call extended to desired CSC

d

Dialog between MS user and desired CSC Operator or VRU

e

Information transfer [proprietary] f SMDPP [MIN, TRN, ACTCODE, SRVIND] g smdpp [MS_MSID, ESN, MSCID, SYSCAP]

SMT cs

h

Information transfer [proprietary] Information transfer [proprietary] j SMDPP [MIN, ESN, ACTCODE, SRVIND]

i

k smdpp [ ]

SMT cs

l

Figure 8.CC.2a OTASP Call Redirected from Initial CSC to Desired CSC - Initial OTAF not Attached to Serving MSC a. b. The Serving MSC recognizes the call to be an OTASP request from the OTASP Feature Code (*FC) received. It allocates a unique TRN for this OTASP attempt. The Serving MSC may perform normal subscriber validation and authentication prior to proceeding. Irrespective of the outcome of the validation and authentication, the MSC connects the voice call to a CSC, based on the Feature Code and any

CDMA-OTA

3-24

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

supplementary digits (e.g., *FC, *FC + XX, *FC + XX + DN) specified by the user during OTASP activation. The TRN is transferred to the CSC during call set-up. Note: The TRN may be sent as a Calling Number or a Called Number based on the signaling schemes used. c. A call taker or a voice response unit at the CSC begins a dialog with the user and determines that the desired OTAF is not attached to this CSC. The CSC call taker or voice response unit . . . . . . extends the voice call to another CSC that is associated with the desired OTAF. The TRN is also forwarded to the new CSC. A CSC call taker or a voice response unit at the new CSC begins a dialog with the user. The CSC contacts (in a proprietary manner) the desired OTAF.

d. e. f.

g-l. Same as 8.CC.1a, Steps e-j.

Voice Feature Scenarios

3-25

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.CC.2b Serving MSC Redirected from Initial CSC to Desired CSC

This operation scenario describes the transfer of attachment from the OTAF/CSC pair associated to the Serving MSC to a different OTAF/CSC pair. When used, this scenario would follow Step-d in the scenario shown in 8.CC.1b. Note, see 8.CC.2a for an alternative recommendation.

Serving System MS MSC OTAF Initial CSC OTAF Desired CSC

dialog between MS user and Operator or VRU at Initial CSC a proprietary information transfer ROUTREQ [MSID, ESN, MSCID, BILLID] b c d e f g h dialog between MS user and Operator or VRU at Initial CSC i proprietary information transfer SMDPP [MIN, TRN, ACTCODE, SRVIND] k smdpp [MS_MSID, ESN, MSCID, SYSCAP] SMTcs l SMDPP [ACTCODE] m smdpp [ ] SMTcs n j

RRT

routreq [DGTSDEST]

REDDIR [MSID, ESN, DGTSDEST, BILLID] reddir

RDDT

release call leg to Initial CSC call extended to desired CSC

Figure 8.CC.2b Serving MSC Redirected from Initial CSC to Desired CSC a. Based on the ongoing dialog with the initial CSC, the CSC operator determines that the initial OTAF/CSC pair is not the desired OTAF/CSC pair. The CSC is informed of the identify of the desired OTAF/CSC pair. The initial CSC agrees to transfer attachment to the desired OTAF/CSC pair. Proprietary signaling is used to identify the desired OTAF/CSC pair to the initial OTAF, which uses local tables to determine the network address of the desired OTAF.

b.

CDMA-OTA

3-26

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

c.

The initial OTAF sends a ROUTREQ to the desired OTAF to obtain a number that can be used for redirection of the OTASP call from the initial CSC to the desired CSC. The BillingID, MSCID, MIN MSID, and ESN in this message are populated with the values received at Step-b in the scenario shown in 8.CC.1b (as is the PC_SSN parameter if one was received and if SS7 is used). The OTAF uses local information to determine the Serving MSC's SystemMyTypeCode (i.e., based on Serving MSC's MSCID). The address to be used by the desired OTAF in sending OTASP related SMDPP messages to the MSC may be derived from the MSCID using a local translation function, or it may be obtained from the PC_SSN parameter, if present, but it should not be obtained from lower layer addressing information (e.g., SCCP Calling Party Address).

d.

The desired OTAF sends the initial OTAF the number to use in redirecting the OTAF call using the Digits (destination) parameter in the routreq. This number will serve as the TRN once the call is redirected. The initial OTAF sends a REDDIR to the Serving MSC, using as Digits (destination) the value received at Step-d. The MIN MSID, ESN, and BillingID are populated with the values received at Step-b in the Scenario shown in 8.CC.1b. The Serving MSC returns a reddir to the initial OTAF. The MSC releases the call leg to the initial CSC. route that call leg. It also releases the TRN used to

e.

f. g. h.

The MSC extends the OTASP call to the desired CSC, using the number received in the Digits (destination) parameter at Step-e as the called party number, and associates this number to the call as the TRN. The subscriber and the responding CSC operator (or VRU port) begin a dialog. In parallel with Step-i, proprietary signaling between the CSC and the OTAF is used by the CSC to inform the OTAF of the contact and of the number on which the call arrived. The OTAF assigns an Activation_MIN to be used temporarily for the duration of this OTASP attempt. It sends an SMDPP to the Serving MSC.

Parameters MIN TRN ACTCODE SRVIND Usage Activation_MIN used temporarily during OTASP. Used to associate the SMDPP (and the OTAF) with the OTASP call. Instructs the Serving MSC to attach to the OTAF for this call. Indicates CDMA OTASP service. Type R R R R

i. j.

k.

l.

The Serving MSC associates the call in question with the OTAF. It returns an smdpp to the OTAF containing the following parameters.

Voice Feature Scenarios

3-27

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Parameters MSMIN MS_MSID ESN MSCID SYSCAP

Usage MIN or IMSI received from the MS. MS's ESN Serving MSC's System ID Serving System's authentication capabilities.

Type R R R R

m. n.

The OTAF sends a second SMDPP to the MSC with the ACTCODE directing the MSC to release the TRN, permitting the TRN to be re-used. The MSC sends an empty smdpp to the OTAF acknowledging the receipt of the SMDPP in Step-m.

CDMA-OTA

3-28

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.CC.2c OTASP Call Redirected from Initial CSC to Desired CSC - Initial OTAF Initially Attached to Serving MSC

This scenario describes the use of SMSDeliveryPointToPoint operation, to attach the Serving MSC to the desired OTAF. In this scenario the desired OTAF is not attached to (or, served by) the initial CSC that engages in a voice conversation with the MS user. Instead, the desired OTAF is attached to (or, served by) a CSC to which the MS's voice call gets redirected from the initial CSC. Also, in this scenario, the initial OTAF is initially attached to the Serving MSC.

Voice Feature Scenarios

3-29

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Serving System MS MSC OTAF

Initial CSC OTAF

Desired CSC

OTASP Call Origination (*FC+supplementary digits) a Call delivery to the Initial CSC b Information transfer [proprietary] SMDPP [MIN, TRN, ACTCODE, SRVIND] c d e

SMT cs smdpp [MS_MSID, ESN, MSCID, SYSCAP]

Dialog between MS user and initial CSC Operator or VRU f Call extended to desired CSC

g

Dialog between MS user and desired CSC Operator or VRU h Information transfer [proprietary] i SMDPP [MIN, TRN, ACTCODE, SRVIND] j

SMT cs smdpp [MS_MSID, ESN, MSCID, SYSCAP]

k Information transfer [proprietary] l Information transfer [proprietary] m SMDPP [MIN, ESN, ACTCODE, SRVIND] n

SMT cs smdpp [ ]

o

Figure 8.CC.2c OTASP Call Redirected from Initial CSC to Desired CSC - Initial OTAF Initially Attached to Serving MSC a. The Serving MSC recognizes the call to be an OTASP request from the OTASP Feature Code (*FC) received. It allocates a unique TRN for this OTASP attempt.

CDMA-OTA

3-30

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

b.

The Serving MSC may perform normal subscriber validation and authentication prior to proceeding. Irrespective of the outcome of the validation and authentication, the MSC connects the voice call to a CSC, based on the Feature Code and any supplementary digits (e.g., *FC, *FC + XX, *FC + XX + DN) specified by the user during OTASP activation.. The TRN is transferred to the CSC during call set-up. Note: The TRN may be sent as a Calling Number or a Called Number based on the signaling schemes used.

c.

The CSC contacts an initial OTAF attached to it.

d-e. Same as in 8.CC.1a, Steps e-f. f. A call taker or a voice response unit at the CSC begins a dialog with the user and determines that the desired OTAF is not attached to (or, served by) this CSC. The CSC call taker or voice response unit . . . . . . extends the voice call to another CSC that is associated with the desired OTAF. The TRN is also forwarded to the new CSC. A CSC call taker or a voice response unit at the new CSC begins a dialog with the user. The CSC contacts the desired OTAF. Same as in 8.CC.1a, Steps e-j.

g. h. i. j-o.

Voice Feature Scenarios

3-31

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.CC.3

A-key Generation

This operation scenario describes the use of the SMSDeliveryPointToPoint and OTASPRequest operations to perform A-key generation procedures, the end-result of which is an identical A-key at the MS and the AC.

Serving System MS MSC OTAF

Home System HLR AC

OTASPREQ [ACTCODE, AKEYPV] a OTASPREQ [ACTCODE, AKEYPV] OTARTcs OTARTcs otaspreq [AKEYPV, MODVAL, PRIMVAL, BSKEY] b c otaspreq [AKEYPV, MODVAL, PRIMVAL, BSKEY] SMDPP [SMS_BearerData (MS Key Request Message), SRVIND] e d

MS Key Request Message SMT MS Key Response Message cl

f g

smdpp [SMS_BearerData (MS Key Response Message)] SMDPP [SMS_BearerData (Key Generation Request Message), SRVIND]

h i

Key Generation Request Message SMT Key Generation Response Message

j

cl

k l

smdpp [SMS_BearerData(Key Generation Response Message)]

OTASPREQ [MSKEY, ACTCODE] m OTASPREQ [MSKEY, ACTCODE] n

OTARTcs

OTARTcs otaspreq [ ]

o p

otaspreq [ ]

CDMA-OTA

3-32

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Figure 8.CC.3 A-key Generation a. The OTAF determines that the A-key generation procedure is to be performed, perhaps from a trigger from the CSC. It sends the HLR an OTASPREQ, which includes AKEYPV, corresponding to the MS's capabilities, and ACTCODE, set to Generate Public Encryption Values procedure.

Parameters MSID Usage Activation_MIN used temporarily during OTASP, or, for OTAPA, the MS's MSID at the start of the OTAPA session. When the MS has both the MIN & the IMSI at the start of the OTAPA session then the MIN form of the MSID is used. Type R

ESN ACTCODE MS_MSID

MS's ESN. Request AC to Generate Public Encryption values. Include for CDMA OTASP but not for CDMA OTAPA. Only use the MSIMSI form of the MS_MSID if the IMSI_T was received from the MS at OTASP call origination and a MIN is not programmed in the MS.1 Indicates CDMA OTASP service or OTAPA service, as appropriate. Indicates MS's A-key generation capabilities.

R R O

SRVIND AKEYPV

R R

b. c. d. e.

The HLR forwards the OTASPREQ to the AC. Parameters are the same as in Step-a. The AC sends the AKEYPV, corresponding to the protocol version it will use, MODVAL, PRIMVAL, and BSKEY to the HLR in an otaspreq. The HLR forwards the otaspreq to the OTAF. Parameters are the same as in Stepc. The OTAF encapsulates an air-interface OTASP Data Message (MS Key Request Message) containing AKEYPV, MODVAL, and PRIMVAL, in SMS_BearerData and forwards it in an SMDPP to the Serving MSC. The Serving MSC removes the MS Key Request Message from SMS_BearerData and sends it to the MS over the air-interface. The MS successfully computes MSKEY and indicates this fact to the Serving MSC in RESULT_CODE sent in an air-interface OTASP Data Message (MS Key Response Message).

f. g.

1

It may be necessary to upload a NAM parameter block to determine this for an unknown MS. (For CDMA OTASP, if the OTAF initiates an SSD update, the AC uses the received MS_MSID to calculate AUTHU whereas the MS uses its MIN, if one is programmed. If a MIN is programmed in the MS, the SSD update cannot succeed unless the MS_MSID provides that MIN to the AC.)

Voice Feature Scenarios

3-33

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

h.

The Serving MSC encapsulates the air-interface OTASP Data Message (MS Key Response Message) containing the RESULT_CODE, in SMS_BearerData and forwards it in an smdpp to the OTAF. The OTAF encapsulates an air-interface OTASP Data Message (Key Generation Request Message) containing the BSKEY parameter in SMS_BearerData and forwards it in an SMDPP to the Serving MSC. The Serving MSC removes the Key Generation Request Message from SMS_BearerData and sends it to the MS over the air-interface. The MS successfully computes the A-key using BSKEY, MODVAL, and the random exponent it had used for computing MSKEY, and indicates this fact to the Serving MSC in RESULT_CODE using a reverse-direction air-interface OTASP Data Message (Key Generation Response Message). It also includes the MSKEY parameter in this reverse direction air-interface OTASP Data Message. The Serving MSC encapsulates the air-interface OTASP Data Message (Key Generation Response Message) in SMS_BearerData and forwards it in an smdpp to the OTAF. The OTAF thus receives the MSKEY parameter along with a confirmation, in RESULT_CODE, that the MS has successfully computed the A-key. The OTAF sends an OTASPREQ, containing MSKEY, and ACTCODE set to Generate A-key procedure, to the HLR.

Parameters MSID Usage Activation_MIN used temporarily during OTASP, or, for OTAPA, the MS's MSID at the start of the OTAPA session. When the MS has both the MIN & the IMSI at the start of the OTAPA session then the MIN form of the MSID is used. Type R

i.

j. k.

l.

m.

ESN ACTCODE MS_MSID

MS's ESN. Request AC to Generate A-key. Include for CDMA OTASP but not for CDMA OTAPA. Only use the MSIMSI form of the MS_MSID if the IMSI_T was received from the MS at OTASP call origination and a MIN is not programmed in the MS. Indicates CDMA OTASP service or OTAPA service, as appropriate. Encryption key value from MS.

R R O

SRVIND MSKEY

R R

n. o.

The HLR forwards the OTASPREQ to the AC. The parameters are the same as in Stepm. The AC successfully computes the A-key using MSKEY, MODVAL, and the random exponent it had used for computing BSKEY, and indicates this fact to the HLR by sending it an empty otaspreq. The HLR forwards the empty otaspreq to the OTAF.

p.

CDMA-OTA

3-34

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.CC.4

SSD Update When SSD is Not Shared

This scenario describes the use of OTASPRequest, AuthenticationDirective, BaseStationChallenge, and the AuthenticationStatusReport operations to perform SSD Update for the MS for the case where SSD is not shared between the AC and the VLR.

NOTE The Shared SSD scenario is not supported during a CDMA OTASP session or a CDMA OTAPA session.

# # # #

Voice Feature Scenarios

3-35

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Serving System MS MSC VLR OTAF

Home System HLR AC

OTASPREQ [MS_MSID, ACTCODE, SYSCAP, MSCID, SRVIND] OTASPREQ [MS_MSID, ACTCODE, SYSCAP, MSCID, SRVIND]

a b

AUTHDIR [RANDSSD, RANDU, AUTHU, SRVIND, MS_MSID, MSCID] c AUTHDIR [RANDSSD, RANDU, AUTHU, SRVIND, MS_MSID, MSCID] d AUTHDIR [RANDSSD, RANDU, AUTHU, SRVIND] e authdir [ ] ADT authdir [ ] authdir [ ]

ADT

ADT

f g h i j

update SSD [RANDSSD] base station challenge (RANDBS)

BSCHALL [RANDBS, SRVIND] BSCHALL [RANDBS, SRVIND]

k l BSCHALL [RANDBS, SRVIND]

BSCT

ASRRT

BSCT

bschall [AUTHBS] BSCT bschall [AUTHBS]

m n o

bschall [AUTHBS]

ASRRT

p q

challenge response [AUTHBS] SSD update (success) unique challenge (RANDU) OTART cl OTART cl

r s

challenge response (AUTHU)

ASREPORT [SSDURPT, UCHALRPT, SRVIND] ASREPORT [SSDURPT, UCHALRPT, SRVIND] ASREPORT [SSDURPT, UCHALRPT, SRVIND] t u v asreport [ ] ASRT asreport [ ] asreport [ ] otaspreq [SSDURPT, UCHALRPT] otaspreq [SSDURPT, UCHALRPT] w x y z aa bb

ASRT

ASRT

Figure 8.CC.4 SSD Update

when SSD is not Shared

CDMA-OTA

3-36

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

a.

The OTAF determines that SSD for the MS is to be updated, perhaps from a CSC request. It sends an OTASPREQ to the HLR indicating in the ActionCode (ACTCODE) parameter that the SSD update procedure be performed for the MS.

Parameters MSID Usage Activation_MIN used temporarily during OTASP, or, for OTAPA, the MS's MSID at the start of the OTAPA session. When the MS has both the MIN & the IMSI at the start of the OTAPA session then the MIN form of the MSID is used. Type R

ESN MSMIN MS_MSID

MS's ESN. MIN received from the MS at OTASP call origination. Include for CDMA OTASP but not for CDMA OTAPA. Only use the MSIMSI form of the MS_MSID if the IMSI_T was received from the MS at OTASP call origination and a MIN is not programmed in the MS.1 Request the AC to initiate SSD Update. Serving System's authentication capabilities. Serving MSC's System ID. Included for OTASP but not included for OTAPA. Indicates CDMA OTASP or OTAPA service, as appropriately. Include if a new MIN is commited in the MS.

R RO

ACTCODE SYSCAP MSCID

R R OR

SRVIND

R

NEWMIN

O

b. c.

The HLR forwards the OTASPREQ to the AC. SSD Generation Procedure is executed at the AC to produce a new value of the SSD using the A-Key of the MS (or using the temporary A-key if one has been generated during this programming session), ESN and a Random Number (RANDSSD) generated by the AC. The AC chooses a Unique Random Variable (RANDU) and executes Authentication Signature Generation procedure using the new SSD-A, ESN, MIN1, and MIN2 (Note: MIN1 and MIN2 are derived from the MSMIN MS_MSID parameter for OTASP, from the MSID parameter for OTAPA) associated with the MS to produce the expected Authentication Response for Unique Challenge (AUTHU). An AUTHDIR is sent from the AC to the HLR associated with the MS.

1

It may be necessary to upload a NAM parameter block to determine this for an unknown MS. (For CDMA OTASP, if the OTAF initiates an SSD update, the AC uses the received MS_MSID to calculate AUTHU whereas the MS uses its MIN, if one is programmed. If a MIN is programmed in the MS, the SSD update cannot succeed unless the MS_MSID provides that MIN to the AC.)

Voice Feature Scenarios

3-37

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

d. e.

The HLR determines the VLR address from the MSCID, for OTASP, or from the MS's registration pointer, for OTAPA, and forwards the AUTHDIR to the VLR. The VLR determines the MSC address from the MSCID, for OTASP, or from the MS's registration pointer, for OTAPA, and forwards the AUTHDIR to the Serving MSC. The MSCID parameter is not included in either case. The Serving MSC returns an empty authdir to the Serving VLR to indicate that the directive has been accepted. The Serving VLR forwards the authdir to the HLR. The HLR forwards the authdir to the AC. The Serving MSC sends an SSD Update order to the MS using the value of RANDSSD provided by the AC. The message is sent over a voice or traffic channel. The MS executes the SSD Generation Procedure to produce a new value of SSD using the value of RANDSSD provided in the SSD Update order, ESN and A-Key (or temporary A-key if one has been generated during this programming session). The MS selects a Random Number (RANDBS) and sends a Base Station Challenge order to the Serving MSC including the value of RANDBS. The MS then executes the Authentication Signature Generation procedure to produce the expected Authentication Result (AUTHBS) using the new value of SSD-A, ESN, MIN1 and the Random Number (RANDBS).

f. g. h. i.

j.

k. l. m. n.

The Serving MSC sends a Base Station Challenge (BSCHALL) to the Serving VLR to request a response to the Base Station Challenge Order received from the MS. The Serving VLR forwards the BSCHALL to the HLR. The HLR forwards the BSCHALL to the AC. The AC executes the Authentication Signature Generation procedure to produce an Authentication Result (AUTHBS) using the new value of SSD-A, ESN, MIN1 (Note: MIN1 is derived from the MSMIN MS_MSID parameter for OTASP, from the MSID parameter for OTAPA) for the MS and the Random Number (RANDBS) provided in the BSCHALL. The AUTHBS value is returned to the HLR in the bschall. The HLR forwards the bschall to the Serving VLR. The Serving VLR forwards the bschall to the Serving MSC. The Serving MSC passes the AC's computed value of AUTHBS to the MS in a Base Station Challenge response message. If the AUTHBS result provided by the AC matches the value computed by the MS, the MS stores the new SSD value for use in future executions of the Authentication Signature Generation procedure and sends an SSD Update Confirmation message to the Serving MSC. The Serving MSC sends a Unique Challenge order to the MS using the RANDU provided in the AUTHDIR in Step-e. The MS executes the Authentication Signature Generation procedure using RANDU and the SSD-A currently stored, ESN, MIN1, and MIN2 to produce an Authentication Response for Unique Challenge (AUTHU) which is then sent to the Serving MSC.

o. p. q. r.

s. t.

CDMA-OTA

3-38

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

The Serving MSC compares the value of AUTHU provided by the AC in the AUTHDIR with that received from the MS. u. v. w. x. The Serving MSC sends an ASREPORT to the Serving VLR indicating the success or failure of the SSD Update and the Unique Challenge. The Serving VLR forwards the ASREPORT to the HLR. The HLR forwards the ASREPORT to the AC. The AC stores the new SSD value for use in future executions of the Authentication Signature Generation procedure for the MS. The AC sends an empty asreport to the HLR. The HLR forwards the asreport to the Serving VLR. The Serving VLR forwards the asreport to the Serving MSC. The AC forwards the SSDURPT and the UCHALRPT parameters, if received, in an otaspreq to the HLR.

y. z. aa.

bb. The HLR forwards the otaspreq to the OTAF.

Voice Feature Scenarios

3-39

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.CC.5

Re-Authentication for Voice Privacy, Message Encryption or Both

This scenario describes the use of SMSDeliveryPointToPoint, AuthenticationDirective, and AuthenticationStatusReport operations to perform MS re-authentication for the purpose of computing and sending encryption parameters to the Serving MSC. The SMEKEY and CDMAPLCM are used to invoke message encryption and voice privacy, respectively, on the air-interface.

CDMA-OTA

3-40

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Serving System MS MSC VLR OTAF

Home System HLR AC

SMDPP [SMS_BearerData (Re-Authenticate Request Message), SRVIND] a

Re-Authenticate Request Message

b

Re-Authenticate Response Message

SMT

cm

c

smdpp [SMS_BearerData (Re-Authenticate Response Message)] d OTASPREQ [AUTHDATA, RAND, AUTHR, COUNT, MSCID, MS_MSID] e OTASPREQ [AUTHDATA, RAND, AUTHR, COUNT, MSCID, MS_MSID] f AUTHDIR [SRVIND, MSCID, EncryptionParameters] g AUTHDIR [SRVIND, MSCID, EncryptionParameters] AUTHDIR [SRVIND, EncryptionParameters] h i

ADT

authdir [ ] authdir [ ]

ADT

ADT

j k authdir [ ] l

ASRRT

Turn on Voice Privacy or Signaling Message Encryption or both ASREPORT [VPRPT, SMERPT, SRVIND] ASREPORT [VPRPT, SMERPT, SRVIND]

OTART cl

OTART cl ASRRT

m n o p q r s

ASREPORT [VPRPT, SMERPT, SRVIND]

ASRT ASRT

asreport [ ] asreport [ ]

ASRT asreport [ ]

otaspreq [VPRPT, SMERPT] t otaspreq [VPRPT, SMERPT] u

Figure 8.CC.5 Re-Authentication for Voice Privacy, Message Encryption, or Both

Voice Feature Scenarios

3-41

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

a.

The OTAF determines that message encryption or voice privacy or both need(s) to be invoked over the air-interface, perhaps from a CSC request. The OTAF encapsulates an air-interface OTASP Data Message (Re-Authenticate Request Message) containing the Random Challenge value, RAND (generated at the OTAF), in SMS_BearerData and forwards it in an SMDPP to the Serving MSC. The Serving MSC sends the Re-Authenticate Request Message to the MS over the airinterface. The MS executes Authentication-Signature Generation Procedure using RAND, ESN and AUTHDATA. The MS transmits an air-interface OTASP Data Message (ReAuthenticate Response Message) to the Serving MSC. (Note: AUTHR, RANDC, COUNT and AUTHDATA are included). The Serving MSC encapsulates the air-interface OTASP Data Message in SMS_BearerData and forwards it in an smdpp to the OTAF. The OTAF sends an OTASPREQ including RAND, AUTHR, COUNT, and AUTHDATA to the HLR., the Serving MSC's value of SYSCAP and the Serving System's MSCID to the HLR. The MSMIN may be included to facilitate accessing the permanent subscriber record.

b. c.

d. e.

CDMA-OTA

3-42

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Parameters MSID

Usage Activation_MIN used temporarily during OTASP, or, for OTAPA, the MS's MSID at the start of the OTAPA session. When the MS has both the MIN & the IMSI at the start of the OTAPA session then the MIN form of the MSID is used.

Type R

ESN MS_MSID

MS's ESN. Include for CDMA OTASP but not for CDMA OTAPA. Only use the MSIMSI form of the MS_MSID if the IMSI_T was received from the MS at OTASP call origination and a MIN is not programmed in the MS.1 Request AC to initiate Re-Authentication. Serving System's authentication capabilities (for CDMA OTASP only). Serving MSC's System ID. Included for OTASP, but not included for OTAPA. Indicates CDMA OTASP service or OTAPA service, as appropriate. The authentication data returned from MS. Random number generated by OTAF and sent to MS. Authentication result returned from MS. CallHistoryCount value returned from MS.

R O

ACTCODE SYSCAP MSCID SRVIND AUTHDATA RAND AUTHR COUNT

R O O R R R R R

f.

The HLR forwards the OTASPREQ to the AC. For CDMA OTASP Tthe MSMIN MS_MSID may be is included to facilitate accessing the permanent subscriber record, if one exists. The AC determines that the MS has been re-authenticated correctly. It computes the EncryptionParameters and sends them to the HLR in an AUTHDIR.

g.

1

It may be necessary to upload a NAM parameter block to determine this for an unknown MS. (For CDMA OTASP, if the OTAF initiates an SSD update, the AC uses the received MS_MSID to calculate AUTHU whereas the MS uses its MIN, if one is programmed. If a MIN is programmed in the MS, the SSD update cannot succeed unless the MS_MSID provides that MIN to the AC.)

Voice Feature Scenarios

3-43

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Parameters SRVIND

Usage Indicates CDMA OTASP service or OTAPA service. Serving MSC's System ID. Included for OTASP, but not for OTAPA. Encryption Parameters for message encryption and voice privacy on the air-interface. SMEKEY for message encryption over the airinterface. CDMAPLCM for voice privacy over the airinterface.

Type R

MSCID

OR

EncryptionParameters: [SMEKEY] [CDMAPLCM]

R R

h.

The HLR determines the VLR address from the MSCID, for OTASP, or from the MS's registration pointer, for OTAPA, and forwards the AUTHDIR to the VLR. Parameters are the same as in Step-g. The VLR determines the MSC address from the MSCID, for OTASP, or from the MS's registration pointer, for OTAPA, and forwards the AUTHDIR to the Serving MSC. Parameters are the same as in Step-g except the MSCID parameter, if received, which is not forwarded. The Serving MSC returns an empty authdir to the VLR, to indicate that the directive has been accepted. The VLR forwards the authdir to the HLR. The HLR forwards the authdir to the AC. Voice privacy or signaling message encryption or both gets turned on over the airinterface. The Serving MSC sends an ASREPORT to the VLR indicating in VPRPT and SMERPT the current status of voice privacy and signaling message encryption, respectively, on the air-interface. The VLR forwards the ASREPORT to the HLR. The HLR forwards the ASREPORT to the AC. The AC sends an empty asreport to the HLR. The HLR forwards the asreport to the VLR. The VLR forwards the asreport to the Serving MSC. The AC sends an otaspreq to the HLR, including the VPRPT and SMERPT parameters. The HLR forwards the otaspreq to the OTAF.

i.

j.

k. l. m.

n.

o. p. q. r. s. t.

u.

CDMA-OTA

3-44

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.CC.6

Exchange of OTASP Data Messages

This scenario describes the use of the SMDPP message to exchange OTASP Data Messages between the OTAF and the MS via the Serving MSC.

Serving System MS MSC OTAF

SMDPP [SMS_BearerData (OTASP Data Message), SRVIND] a

OTASP Data Message

b

OTASP Data Message

SMT cx

c

smdpp [SMS_BearerData (OTASP Data Message)] d

Figure 8.CC.6 Exchange of OTASP Data Messages Note: In the above figure, SMTcx = (x=m, l: depending on the mode of MS operation (if known), the lengths of the OTASP Data Messages being exchanged and the corresponding response time at the MS). See Section 7 for operation timer values in Table 63. a. The OTAF determines that an OTASP Data Message needs to be sent to the MS (perhaps from a trigger from the CSC). The OTAF encapsulates the OTASP Data Message in SMS_BearerData and forwards it in an SMDPP to the Serving MSC. The Serving MSC extracts and sends the OTASP Data Message to the MS over the air-interface. The MS responds by sending an OTASP Data Message to the Serving MSC. The Serving MSC encapsulates the received OTASP Data Message within SMS_BearerData and sends it to the OTAF in an smdpp.

b. c. d.

Voice Feature Scenarios

3-45

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.CC.7

AC Request to Commit A-key

This scenario describes the use of the OTASPREQ operation to request the AC to commit the previously allocated temporary authentication key and, if generated, the associated SSD.

OTAF

HLR

AC

OTASPREQ [ACTCODE, NEWMSID, MS_MSID] a

OTASPREQ [ACTCODE, NEWMSID, MS_MSID] b

OTART cl

otaspreq [ ]

OTART cl

c

otaspreq [ ] d

Figure 8.CC.7 AC Request to Commit a. The OTAF sends an OTASPREQ to the HLR.

A-key

CDMA-OTA

3-46

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Parameters MSID

Usage Activation_MIN used temporarily during OTASP, or, for OTAPA, the MS's MSID at the start of the OTAPA session. When the MS has both the MIN & the IMSI at the start of the OTAPA session then the MIN form of the MSID is used.

Type R

ESN SRVIND NEWMIN NEWMSID

MS's ESN. Indicates CDMA OTASP service or OTAPA service, as appropriate. Newly assigned MIN MSID. Include if MIN was changed during the OTASP session. Include for CDMA OTASP or CDMA OTAPA if the ActionCode indicates Commit A-Key and if a new MIN has been assigned to the MS or, for an MS that has no MIN programmed (or whose MIN is being erased), if a new IMSI has been assigned to the MS. Otherwise this parameter is not included. The NEWMIN form of this parameter should be used if both a new MIN and a new IMSI are assigned to the MS.

R R O

MSMIN MS_MSID

MIN received from the MS at OTASP call origination. Include for CDMA OTASP but not for CDMA OTAPA. Only use the MSIMSI form of the MS_MSID if the IMSI_T was received from the MS at OTASP call origination and a MIN is not programmed in the MS. Requests the AC to commit the A-key. The MS's TerminalType. by the AC. Include if needed

RO

ACTCODE TERMTYPE

R O

b. c. d.

The HLR forwards the OTASPREQ to the AC. The AC acknowledges the action to the HLR via an empty otaspreq. The HLR forwards the otaspreq to the OTAF.

Voice Feature Scenarios

3-47

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.CC.8

AC Request to Release Resoures

This scenario describes the use of the OTASPREQ operation to request the AC and HLR to release previously allocated resources such as the OTASPCallEntry (possibly containing the temporary authentication key and the associated SSD).

OTAF

HLR

AC

OTASPREQ [ACTCODE] a OTASPREQ [ACTCODE] b

OTART cs

OTART cs

otaspreq [ ]

c d

otaspreq [ ]

Figure 8.CC.8 AC Request to Release Resources a. The OTAF sends an OTASPREQ to the HLR with the ActionCode (ACTCODE) parameter set to Release Resources.

Parameters MSID Usage Activation_MIN used temporarily during OTASP, or, for OTAPA, the MS's MSID at the start of the OTAPA session. When the MS has both the MIN & the IMSI at the start of the OTAPA session then the MIN form of the MSID is used. Type R

ESN MS_MSID

MS's ESN. Include for CDMA OTASP but not for CDMA OTAPA. Only use the MSIMSI form of the MS_MSID if the IMSI_T was received from the MS at OTASP call origination and a MIN is not programmed in the MS. Request AC to release resources. Indicates CDMA OTASP service or OTAPA service, as appropriate.

R O

ACTCODE SRVIND

R R

b. c. d.

The HLR releases resources and forwards the OTASPREQ to the AC. The AC releases resources and acknowledges the action to the HLR via an empty otaspreq. The HLR forwards the otaspreq to the OTAF.

CDMA-OTA

3-48

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.CC.9

Registration Following Successful OTASP

This scenario describes registration following a successful OTASP or OTAPA session when a new MIN MSID is assigned.1 The new MIN MSID is transferred to the Serving MSC in an SMDPP operation with the ACTCODE instructing the Serving MSC to register the MS. In addition, the Serving MSC is instructed to delete the old MIN from its database and to perform the MSINACT operation with the old MIN MSID2 and to delete old MSID from its database.

Serving System MSC VLR Home System OTAF HLR Old System HLR

SMDPP [ACTCODE, NEWMIN, SRVIND, NEWIMSI] a MSINACT [DEREG] b

MSIT

msinact [ ] MSINACT [DEREG] c d e f REGNOT g regnot [ ] h regnot [ ]

MSIT

msinact [ ]

REGNOT

RNT

RNT

SMT cm

i

smdpp [ ]

j

Figure 8.CC.9 Registration Following Successful OTASP

1

However, this is not invoked when the subscription is not changed i.e., an IMSI is programmed into an MS which originally had MIN only. 2 If a successful registration had occurred with the old MIN MSID.

Voice Feature Scenarios

3-49

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

a.

After a successful OTASP or OTAPA session in which a new MIN MSID was assigned to the MS, the OTAF may determine that the Serving System should register the MS with new MIN MSID and that the Serving System should delete information corresponding to the old MIN MSID and perform the MSINACT operation1. The OTAF sends to the Serving MSC an SMDPP containing NEWMIN or NEWIMSI or both and ACTCODE, instructing the Serving MSC to initiate registration. Steps b-e will be initiated only if a successful registration had occurred with the old MIN or IMSI or both.

b.

The Serving MSC sends to the VLR containing the old MIN MSID an MSINACT, including a DeregistrationIndicator parameter. The MSC removes all record of the old MIN or IMSI or both. The VLR, upon receipt of the MSINACT containing the DeregistrationIndicatorType parameter, sends an empty msinact to the Serving MSC and removes all record of the old MIN MSID. The VLR then sends an MSINACT, including a DeregistrationIndicatorType parameter to the old HLR. The old HLR deregisters the MS (i.e. clears the pointer to the VLR) and sends an empty msinact to the VLR. The Serving MSC sends a REGNOT using the NEWMIN NEWMSID value to the VLR. The VLR forwards the REGNOT to the appropriate HLR. The HLR registers the MS and returns a regnot to the VLR. The VLR forwards the regnot to the Serving MSC. The Serving MSC sends an smdpp to the OTAF indicating that the actions specified in ACTCODE were successfully initiated.

c.

d. e. f. g. h. i. j.

1If

successful registration had occurred with the old MIN MSID.

CDMA-OTA

3-50

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.CC.10

Notification of Newly Assigned MIN or IMSI or Both Following Successful OTASP

This scenario describes notification of a newly assigned MIN or IMSI or both to the MSC following a successful OTASP or OTAPA session when a new MIN or IMSI or both are assigned. The new MIN and/or IMSI is transferred to the Serving MSC in an SMDPP operation with the ActionCode instructing the Serving MSC to record the MIN MSID. The MSC, then may perform necessary action associated with the MS and its new MIN and/or IMSI. The exact procedure as to what an MSC should do is vendor definable.

Serving System MSC OTAF

SMDPP [ACTCODE, NEWMIN, SRVIND, NEWIMSI] a

SMT cs

smdpp [ ]

b

Figure 8.CC.10 Notification of Newly Assigned MIN Following Successful OTASP a. After a successful OTASP or OTAPA session in which a new MIN or IMSI or both was assigned to the MS, the OTAF/CSC may determine that the Serving System should be notified of the newly assigned MIN MSIDs. The OTAF sends to the Serving MSC an SMDPP containing the NEWMIN and/or NEWIMSI and the ACTCODE set to Record New MIN MSID. b. The Serving MSC sends an smdpp to the OTAF indicating that the action specified in ACTCODE was initiated.

Voice Feature Scenarios

3-51

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

9

OVER-THE-AIR PARAMETER ADMINISTRATION SCENARIOS

CDMA OVER-THE-AIR PARAMETER ADMINISTRATION SCENARIOS

This section depicts interaction scenarios between OTAPA. network entities relating to CDMA

9.CC

OTAPA is over-the-air administration of a Mobile Station's Number Assignment Module (NAM) parameters and the Preferred Roaming list. This administration is initiated by the network service provider and not by the mobile subscriber. These parameters control the wireless network usage by the MS. Administration of such parameters without the involvement of mobile subscribers simplifies and significantly improves the customer care process by the network service providers. OTAPA does not require a voice dialogue with the service provider's customer service center and thus there is no need for involvement or interaction with the mobile subscriber during parameter administration. OTAPA can be performed at anytime while the MS is powered on as long as the MS is not already engaged in an OTASP session, and it does not interfere with normal end user operation (e.g., placing or receiving calls). If the mobile originates, receives, or ends a call while the OTAPA is in progress, the OTAPA session is terminated1 . OTAPA relies on a security mechanism to prevent unauthorized over-the-air programming of the NAM parameters. This mechanism prevents unauthorized network initiated over the air programming/administration from taking place.

1

As exceptions, OTAPA session is not terminated in the following cases: user origination or release of a second leg of a 3-way call or receiving a second call (i.e. call waiting).

CDMA-OTA

3-52

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

9.CC.1

OTA Parameter Administration - Registration

This scenario describes the registration of an MS in an OTAPA capable system.

Serving System

MS

MSC

VLR

HLR

a REGNOT [TRANSCAP = otapa, ADDRINFO] REGNOT [TRANSCAP = otapa, ADDRINFO] b c d

RNT

RNT

regnot regnot e

Figure 9.CC.1 OTA Parameter Administration - Registration a. b. The MS becomes known to the serving MSC through registration or other system access The serving MSC is OTAPA capable. This is conveyed by including the TRANSCAP parameter with OTAPA Capability bit set to yes. This parameter is included in the REGNOT operation sent from the MSC to VLR.

Parameters TRANSCAP ADDRINFO [SMSADDR] Included if the MSC is also SMS capable. When present, it provides a temporary routing address that can be used to deliver OTAPA messages to the MS. Included to provide a temporary routing address that can be used to deliver OTAPA messages to the MS if the MSC is not also SMS capable. Usage To identify the OTAPA capability of the new serving MSC, OTAPA capability bit is set Type R R O

[MSCADDR]

O

c. d. e.

The REGNOT operation is forwarded to the HLR. The HLR returns a regnot message to the VLR after updating its internal data strucures with the OTAPA capability of the current serving MSC. The VLR relays the regnot operation to the MSC.

Voice Feature Scenarios

3-53

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

9.CC.2

OTA Parameter Administration - MS is Available

This scenario describes OTA parameter administration on an MS that is idle or while in a stable call.

Serving System

Home System OTAF HLR AC

MS

MSC

VLR

SMSREQ [MSID, ESN, SRVIND]

SRT

a smsreq [SMSADDR] b c d

SMDPP [MSID, ESN, SMS_BearerData (OTAPA Request[START]), SRVIND, ACTCODE]

move MS to a traffic channel and request OTAPA

SMT

smdpp [SMS_BearerData (OTAPA Response [RAND_OTAPA, NAM_LOCK_IND]) ] OTASPREQ [MSID, ESN, ACTCODE, RANDBS, SRVIND] OTASPREQ [MSID, ESN, ACTCODE, RANDBS, SRVIND]

e f

g OTART otaspreq [AUTHBS] h otaspreq [AUTHBS] i SMDPP [MSID, ESN, SMS_BearerData (Validation Request [AUTH_OTAPA]), SRVIND] j satisfy MS OTAPA challenge SMT k smdpp [SMS_BearerData (Validation Response [RESULT_CODE] )] l SMDPP [MSID, ESN, SMS_BearerData (Download Request), SRVIND] m data download SMT n smdpp [SMS_BearerData (Download Response) ] o

OTART

SMDPP [MSID, ESN, SMS_BearerData (commit request), SRVIND]

data commit

p q

SMT

r s t u v

smdpp [SMS_BearerData (commit response) ] SMDPP [MSID, ESN, SMS_BearerData (OTAPA Request [STOP]), SRVIND, ACTCODE]

release traffic channel

SMT

smdpp [SMS_BearerData (OTAPA response)]

Figure 9.CC.2 OTA Parameter Administration - MS is Available a. The OTAF has determined that there is a need to perform the NAM administration (i.e. OTAPA) on an MS via proprietary messaging from the CSC. The OTAF then in an effort to determine both the MS' availability for OTAPA and the current network address of the serving MSC, sends an SMSREQ toward the HLR.

CDMA-OTA

3-54

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Parameters MSID ESN SRVIND

Usage The MS's MSID. The MS's ESN. Indicates CDMA OTAPA

Type R O R

b.

The HLR recognizes that SMSREQ is for OTAPA from the SRVIND parameter. It then determines that the MS is in an OTAPA capable and OTAPA authorized serving MSC. The HLR returns the smsreq with the current serving MSC's ADDRINFO carried in the SMS_Address parameter and with the ESN if the ESN was not received in the SMSREQ.

c.

The OTAF encapsulates an air-interface OTASP data message (OTAPA Request) in the SMS_BearerData parameter, and sends it, along with the MS's MSID and ESN, the SRVIND, and the ACTCODE in an SMDPP to the serving MSC. The OTAF is able to determine the destination address using the SMSADDR received in the previous step. The SRVIND is set to CDMA OTAPA which enables the serving MSC to set the service option over the air interface to the MS.

Parameters MSID Usage The MS's MSID. When the MS has both the MIN & the IMSI at the start of the OTAPA session then the MIN form of the MSID is used. MS's ESN. It encapsulates an air interface OTAPA Request message with START indicator. This will request the MS to initiate an OTAPA session. This parameter is empty. It is included to comply with TIA/EIA-41 backward compatibility rules. Indicates CDMA OTAPA. Allocate Resources (for multiple message traffic channel delivery). Type R

ESN SMS_BearerData

R R

SMS-TID

MBC

SRVIND ACTCODE

R R

d.

The Serving MSC moves the MS from the access channel to a traffic channel, if it is not already on a traffic channel. The Serving MSC removes the OTAPA Request Message from SMS_BearerData and sends it to the MS over the traffic channel. If the NAM is protected, the MS challenges the network.

e.

The Serving MSC encapsulates the air interface OTASP Data message (OTAPA Response) received from the MS in an SMS_BearerData parameter and forwards it in an smdpp to the OTAF. The OTAF examines the contents of the SMS_BearerData. In the illustrated case, the OTAF determines that the NAM is protected. Since it is, the OTAF initiates the authentication signature generation procedure by sending an OTASPREQ to the MS's HLR.

f.

Voice Feature Scenarios

3-55

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Parameters MSID

Usage The MS's MSID. When the MS has both the MIN & the IMSI at the start of the OTAPA session then the MIN form of the MSID is used. MS's ESN. Generate Authentication Signature. A Random variable set to the value of the RAND_OTAPA received from MS as a challenge to the network. Indicates CDMA OTAPA.

Type R

ESN ACTCODE RANDBS

R R R

SRVIND

R

If the NAM were not protected, then the OTAF would skip the authentication signature generation procedure and start downloading the OTAPA data to an MS beginning in "step-m". g. h. The HLR forwards the OTASPREQ to the AC. The AC will execute the Authentication Signature Generation procedure to produce the 18-bit AUTHBS. It is computed by CAVE using the exclusive OR of the MS's Akey and SSD-A, the ESN, the MSID, and the 32-bit RANDBS as provided in the OTASPREQ operation. The AUTHBS value is returned back to the HLR in the otaspreq.

Parameters AUTHBS Usage Authentication Signature. Type R

i. j.

The HLR forwards the AUTHBS to the OTAF in otaspreq. The OTAF encapsulates an air-interface OTASP data message (the Validation Request message with AUTH_OTAPA set to the value of AUTHBS) in an SMS_BearerData parameter and sends it, along with the MS's MSID, ESN and SRVIND in an SMDPP to the serving MSC. The Serving MSC removes the Validation Request message SMS_BearerData parameter and sends it to the MS over the air-interface. from the

k.

If the AUTH_OTAPA result provided by the network matches the value computed by the MS, the MS indicates success within the RESULT_CODE. l. m. The Serving MSC encapsulates the Validation Response message with RESULT_CODE into a SMS_BearerData and forwards it in an smdpp to the OTAF. After successful validation, the OTAF begins the process of updating the MS parameters by encapsulating an air-interface data message (e.g. Download Request) and forwarding it in an SMDPP message to the serving MSC. The serving MSC extracts the received air-interface message and sends it to the MS. The MS responds with its consent. The serving MSC encapsulates the received consent of the MS in the SMS_bearer data and sends it back to the OTAF in the smdpp. The actual downloading of administered parameters. If appropriate, the OTAF requests the commitment of the downloaded parameters to the MS memory via Commit Request message encapsulated in SMS_BearerData.

n. o. p. q.

CDMA-OTA

3-56

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

r. s. t.

The downloaded data is committed to the MS's memory and its success is conveyed to the serving MSC. After successful commit to the MS memory, the Serving MSC sends an smdpp result with Commit Response message to the OTAF. The OTAF completes the OTAPA transaction by sending an OTASP Data message (OTAPA Request with STOP indicator) encapsulated in SMS_BearerData via an SMDPP operation.

Parameters MSID Usage The MS's MSID at the start of the OTAPA session. When the MS has both the MIN & the IMSI at the start of the OTAPA session then the MIN form of the MSID is used. MS's ESN. Indicates CDMA OTAPA. Release Resources. This parameter is empty. It is included to comply with TIA/EIA-41 backward compatability rules. Encapsulates an air interface OTAPA Request message with STOP indicator. This will request the MS to end the OTAPA session. Type R

ESN SRVIND ACTCODE SMS_TID

R R R MBC

SMS_BearerData

R

u. v.

After receiving the response from the MS, the serving MSC releases the MS from the traffic channel to which it was assigned, if the MS is not already on a call. The serving MSC responds with an smdpp to the OTAF containing the OTAPA Response message from the MS.

Voice Feature Scenarios

3-57

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

9.CC.3

OTA Parameter Administration - Postponed at the HLR

This scenario describes the postponement by the HLR of an attempt by an OTAF to perform OTA parameter administration on an MS. This is due to: 1) MS is currently unavailable for OTAPA (e.g. MS is powered down or otherwise inactive); 2) MS is in an unsecured location for OTAPA; or 3) MS is registered in an MSC which is not OTAPA capable. The OTAF requests notification in the event that the MS becomes available. The HLR sets a Delivery Pending Flag.

Serving System Home System

MS

MSC

VLR

HLR

OTAF

CSC

Information Transfer [Proprietary]

a SMSREQ [MSID, ESN, SRVIND ] b smsreq [SMSACCDEN=Postponed]

SRT

c

OTA Delivery Pending Flag clear

OTA Delivery Pending Flag set

Figure 9.CC.3 OTA Parameter Administration - Postponed at the HLR a. b. In a proprietary manner, the CSC communicates with an OTAF to initiate a CDMA OTAPA session with an MS. The OTAF, in an effort to determine both the MS' availability for OTAPA and the current network address of the serving MSC, sends an SMSREQ toward the HLR.

Parameters MSID ESN SRVIND SMSNOTIND Usage The MS's MSID MS's ESN. Indicates CDMA OTAPA. When present, indicates whether postponed notification is required. Type R O R O

c.

The supplied MSID parameter is determined to be that of an MS within this HLR. But the MS is either: 1) currently unavailable for performing OTAPA; 2) active within an unsecured location for OTAPA; or 3) registered in an MSC which is not OTAPA capable. Since notification is requested, the HLR sets its Delivery Pending Flag and responds with an smsreq containing a postponed indication. If notification were not requested, the HLR would respond with an smsreq containing an unavailable indication.

Parameters SMSACCDEN Usage SMS_AccessDeniedReason is set to postponed informing requesting OTAF that a notification will be sent once the MS becomes available. Type R

CDMA-OTA

3-58

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

9.CC.4

OTA Parameter Administration - Delayed at the HLR

This scenario describes delayed performance of OTAPA on an MS after it becomes available to the knowledge of the HLR wherein a Delivery Pending Flag has been set for that MS.

Serving System

Home System OTAF HLR AC

MS

MSC

VLR

SMSNOT [MSID, ESN, SMSADDR] smsnot [ ]

SNT

a b c

SMDPP [MSID, ESN, SMS_BearerData (OTAPA Request[START]), SRVIND, ACTCODE]

move MS to a traffic channel and request OTAPA

SMT

d e f

smdpp [SMS_BearerData (OTAPA Response [RAND_OTAPA, NAM_LOCK_IND]) ] OTASPREQ [MSID, ESN, ACTCODE, RANDBS, SRVIND] OTASPREQ [MSID, ESN, ACTCODE, RANDBS, SRVIND]

g OTART otaspreq [AUTHBS] h otaspreq [AUTHBS] i SMDPP [MSID, ESN, SMS_BearerData (Validation Request [AUTH_OTAPA]), SRVIND] j satisfy MS OTAPA challenge SMT k smdpp [SMS_BearerData (Validation Response [RESULT_CODE] )] l SMDPP [MSID, ESN, SMS_BearerData (Download Request), SRVIND] m data download SMT n smdpp [SMS_BearerData (Download Response) ] o

OTART

SMDPP [MSID, ESN, SMS_BearerData (commit request), SRVIND]

data commit

p q

SMT

r s t u v OTA Delivery Pending Flag set

smdpp [SMS_BearerData (commit response) ] SMDPP [MSID, ESN, SMS_BearerData (OTAPA Request [STOP]), SRVIND, ACTCODE]

release traffic channel

SMT

smdpp [SMS_BearerData (OTAPA response)]

OTA Delivery Pending Flag clear

Figure 9.CC.4 OTA Parameter Administration - Delayed at the HLR a. Some time after the Delivery Pending Flag that has been set at the HLR, the MS becomes available for access. The HLR sends a notification to the OTAF, via the

Voice Feature Scenarios

3-59

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

SMSNOT operation, regarding the availability of the MS and the address where it can be reached.

Parameters MSID ESN SMSADDR Usage The MS's MSID. MS's ESN. Temporary routing address that can be used to deliver OTAPA messages to the MS. Type R R R

b.

The OTAF returns an empty smsnot to the HLR.

c-v. Same as Section 9.CC.2, Steps c-v.

CDMA-OTA

3-60

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

9.CC.5

Roaming to an OTAPA-Capable System with Pending Delivery

This scenario describes roaming between OTAPA incapable serving MSC-1 to OTAPA capable serving MSC-2 when the Delivery Pending Flag is set at the HLR.

Old serving System 1 New serving System 2

Home System

MS

MSC-1

VLR-1

MSC-2

VLR-2

HLR

OTAF

System Access

a b c d e REGCANC REGCANC regcanc

REGNOT [MSID, ADDRINFO, TRANSCAP=otapa] REGNOT [MSID, ADDRINFO, TRANSCAP=otapa]

RCT

regcanc

RNT

RNT

RCT

f g regnot h

regnot SMSNOT [SMSADDR] i j k SMDPP l

SNT smsnot [ ]

OTA Delivery Pending Flag clear

OTA Delivery Pending Flag set

Figure 9.CC.5 Roaming to an OTAPA-Capable System with Pending Delivery a. b. The MS becomes known to the new serving MSC-2 through registration or other system access. The new serving MSC-2 is OTAPA capable. This is conveyed by including the TRANSCAP parameter with OTAPA capability bit set to yes. The ADDRINFO of the serving MSC-2 and TRANSCAP parameters are included in the REGNOT operation sent to the VLR-2.

Voice Feature Scenarios

3-61

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Parameters MSID TRANSCAP ADDRINFO: [SMSADDR]

Usage The MS's MSID. To identify the OTAPA capability of the new serving MSC, OTAPA capability bit is set.

Type R R R

Included if the MSC is also SMS capable. When present, it provides a temporary routing address that can be used to deliver OTAPA messages to the MS. Included to provide a temporary routing address that can be used to deliver OTAPA messages to the MS if the MSC is not also SMS capable.

O

[MSCADDR]

O

c. d. e. f. g. h. i. j.

The REGNOT operation is forwarded to the HLR. The HLR sends a REGCANC message to the old serving VLR-1. The VLR-1 relays the REGCANC message to the old serving MSC-1. The old serving MSC-1 responds by sending a regcanc message. The VLR-1 relays the above regcanc message towards the HLR. The HLR sends a regnot message to the VLR-2. The VLR-2 relays the above regnot operation to the new serving MSC-2. Triggered by previously stored Delivery Pending Flag that was set to yes and the new serving MSC-2 being OTAPA capable, the HLR informs the OTAF of the MS's new address SMSADDR via an SMSNOT operation. The OTAF responds with an empty smsnot message. The HLR upon receipt of smsnot then clears the Deliver Pending Flag for this MS. The OTAF initiates the OTAPA process on the MS with the SMDPP operation. The download process is similar to the one described in Section 9.CC.2 Steps c-v.

k. l.

CDMA-OTA

3-62

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Annex A (normative): Assumptions

This section applies only to CDMA portion of the OTA enhancements for OTASP and OTAPA. It provides addition of a new assumptions section under Annex A of TIA/EIA41.3-D.

A.CC. ASSUMPTIONS FOR CDMA OTASP AND OTAPA SESSIONS

1. The MIN or IMSI or both stored in an HLR's record for an MS that is being reprogrammed by OTASP or OTAPA will not be changed until after all OTAF/AC interactions are completed. The OTAF will not issue an order that would result in a newly assigned MSID being committed in either the MS or the AC until after all OTAF triggered SSD updates if any, and MS Reauthentication procedures if any, for the OTASP or OTAPA session have been completed.

2.

Voice Feature Scenarios

3-63

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6C SIGNALING PROTOCOLS - CDMA

This section applies only to the CDMA OTASP portion of the OTA enhancements for OTASP and OTAPA. It provides modifications to Section 5 of ISTIA/EIA-41.5-CD "Signaling Protocols", for CDMA Over-The-Air Service Provisioning. Note, however, that in the interest of brevity and maintainability, Section 6C.2 "Parameters" lists the Parameter Identifier codes for both (CDMA & TDMA) OTASP parameters, and parameters that are common to both (CDMA and TDMA) OTASP, as well as those that are unique to CDMA OTASP. In the corresponding sections on Parameters in the TDMA OTASP portion of this document, are listed those parameters that are unique to TDMA. The TDMA portion points to this CDMA portion regarding Parameter Identifier codes and parameters common to CDMA and TDMA portions of the OTA enhancements for OTASP and OTAPA.

6C.1

6C.1.1 5.1.2

OPERATIONS

General Signaling Connection Control Part (TIA/EIA-41.5-D, page 5-8)

For TIA/EIA-41 applications, the SCCP is defined in ANSI T1.112, with the following exceptions and limitations: · · SCCP Class 0 connectionless service is used. The message types are Unitdata (UDT) and Unitdata Service (UDTS). The SCCP shall return a UDTS message when a received UDT message cannot be delivered to the specified destination and has the return message on error option set. Whether to set the return message on error or discard message on error option in the Protocol Class parameter of the UDT message is at the discretion of the implementation. The TIA/EIA-41 Mobile Application Part has assigned the following Subsystem Numbers (SSN). Use of the following SSN values are recommended: 5: 6: 7: 8: 9: Mobile Application Part (MAP) Home Location Register (HLR) Visitor Location Register (VLR) Mobile Switching Center (MSC) Equipment Identification Register (EIR) (reserved)1

·

·

10: Authentication Center (AC) 11: Short Message Service (SMS) 12: Over-The-Air Service Provisioning Function (OTAF)

1Detailed transactions relative to SSN value 9 are for further study.

Signaling Protocols

5-1

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

·

In accordance with ANSI T1.112 an SSN shall be included in all messages even if message routing is based on Global Title Translation (GTT). The null SSN (i.e., value 0) should be used when the subsystem is not known (e.g., before a global title translation takes place) per ANSI T1.112. Global Title Translation on Mobile Identification Number can be used for communication with the HLR. Global Title Indicator type 2 (0010) is used. A translation type value of 3 is used for "MIN to HLR" translation. The global title address information field contains the 10-digit MIN1. The encoding scheme is BCD. Each address signal is coded as described in Section 3.4.2.3.1 of the ANSI T1.112 specification. [See IS-751 for IMSI based GTT translation]. Global Title Translation on Mobile Identification Number can be used for communication with a Message Center. Global Title Indicator type 2 (0010) is used. A translation type value of 12 is used for Short Message Service for "MIN to MC" translation. The encoding scheme is BCD. Each address signal is coded as described in Section 3.4.2.3.1 of the ANSI T1.112 specification. Use of signaling point codes, global titles, and subsystem numbers must meet ANSI T1.112 requirements; such that, any allowable combination of these addressing elements is supported. For example, as stated in T1.112.3, Section 3.4.1:

"The address consists of any one or any combination of the following elements: 1) 2) 3) signaling point code, global title (MIN-to-HLR for TIA/EIA-41), subsystem number,

·

·

·

where, the referenced address is either the called party address or the calling party address fields in SCCP messages."

·

When an originating functional entity sends an SS7 message with a global title in the SCCP called party address field, the SCCP calling party address field should include the point code and subsystem number of the originating functional entity. Note that a Signaling Transfer Point (STP) is considered to be an intermediate functional entity, not an originating functional entity. Replies to messages shall use the received Calling Party Address as the Called Party Address, in accordance with ANSI T1.112.

·

1Dialed digits must be converted to a 10-digit MIN for the Location Request Task and Call Data

Request Task when Global Title Translation communication with the HLR is used.

CDMA-OTA

5-2

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.4.1.2

Operation Specifiers

(TIA/EIA-41.5-D, page 5-24)

The following table lists the TIA/EIA-41 MAP Operation Specifiers. Table 8

TIA/EIA-41 MAP Operation Specifiers (concluded)

Operation Specifier H G · 0 0 X 1 F · 1 1 X 1 E · 1 1 X 0 D · 0 1 X 0 C · 1 0 X 0 B · 1 0 X 0 A · 1 0 X 0 Decimal ··· 55 56 ··· 224 ··· 1 1 1 255

Operation Name

··· SMSRequest OTASPRequest Other Values Reserved Reserved for Protocol Extension

· 0 0 X 1

through 1 1 1 1 1

6.4.2

Operation Definitions

(TIA/EIA-41.5-D, page 5-27)

The following table summarizes the operations defined for the TIA/EIA-41 MAP: Table 10 Summary of MAP Operations (concluded)

Reference 6.4.2.32 ··· 6.4.2.51 6.4.2.CC

Operation QualificationDirective ··· UnsolicitedResponse OTASPRequest

(6.4.2.TT)

Signaling Protocols

5-3

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6C.1.2

6.4.2.1

Modifications to Existing Operations

AuthenticationDirective

(TIA/EIA-41.5-D, page 5-29)

The AuthenticationDirective operation is used to request modification of an MS's authentication parameters. It is also used to transport encryption parameters to the Serving MSC for CDMA OTASP and CDMA OTAPA. The AuthenticationDirective operation is initiated with a TCAP INVOKE (LAST). This is carried by a TCAP QUERY WITH PERMISSION package. The Parameter Set is encoded as follows: Table 11 AuthenticationDirective INVOKE Parameters

Timer: ADT Type M M Reference 6.3.2.1 6.3.2.1 Notes

AuthenticationDirective INVOKE Parameters Field Identifier Length Contents ElectronicSerialNumber MobileIdentificationNumber MSID AuthenticationAlgorithmVersion AuthenticationResponseUniqueChallenge CallHistoryCount CDMAPrivateLongCodeMask DenyAccess LocationAreaID MobileStationMIN MSCID RandomVariableSSD RandomVariableUniqueChallenge SenderIdentificationNumber ServiceIndicator SharedSecretData SignalingMessageEncryptionKey SSDNotShared UpdateCount M M O O O O O O O O O O O O O O O O Value SET [NATIONAL 18] variable octets

6.5.2.63 6.5.2.81 6.5.2.7 6.5.2.12 6.5.2.18 6.5.2.36 6.5.2.54 6.5.2.77 6.5.2.oC 6.5.2.82 6.5.2.103 6.5.2.104 6.5.2.116 6.5.2.wB 6.5.2.119 6.5.2.120 6.5.2.141 6.5.2.163 l a b c m d e j n f b g k c m h i

CDMA-OTA

5-4

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Notes: a. b. c. d. e. f. g. h. i. j. May be included if SharedSecretData parameter is included. Include if the MSC-V shall initiate a Unique Challenge to the MS. Include if the SystemCapabilities include CAVE Execution and AC administration policies allow distribution of the SSD. Include if release of system resources allocated for this access may be initiated by the MSC. This may include disconnection of any call in progress. May be included from VLR to MSC-V. Usage from the HLR or AC is not defined. Include if the MSC-V shall initiate an SSD update to the MS. Include to identify the functional entity sending this message. Include if the SSD at the VLR shall be discarded. Include if the MSC-V shall initiate a COUNT Update to the MS. Include for CDMA OTASP to indicate the MIN value currently in the MS's permanent memory, for backward compatability with IS-725. (not included for CDMA OTAPA). Include for CDMA OTASP and CDMA OTAPA. For CDMA OTASP, contains the Activation_MIN. For CDMA OTAPA, contains the MS's MSID at the start of the OTAPA session. (See IS-751 for additional information).

k. l.

m. Include to transport encryption parameters to the Serving MSC. n. Include for CDMA OTASP (but not for CDMA OTAPA) to identify Serving System. This parameter is not included when AuthenticationDirective INVOKE is sent from the VLR to the Serving MSC.

Signaling Protocols

5-5

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.4.2.5

AuthenticationStatusReport

(TIA/EIA-41.5-D, page 5-36)

The AuthenticationStatusReport (ASREPORT) operation is used to report on the outcome of an authentication operation initiated by the AC or VLR if SSD is shared. The AuthenticationStatusReport operation is initiated with a TCAP INVOKE (LAST). This is carried by a TCAP QUERY WITH PERMISSION package. The Parameter Set is encoded as follows: Table 19 AuthenticationStatusReport INVOKE Parameters

Timer: ASRT Type M M Reference 6.3.2.1 6.3.2.1 Notes

AuthenticationStatusReport INVOKE Parameters Field Identifier Length Contents ElectronicSerialNumber MobileIdentificationNumber MSID SystemCapabilities (Serving) CountUpdateReport SenderIdentificationNumber ServiceIndicator SignalingMessageEncryptionReport SSDUpdateReport UniqueChallengeReport VoicePrivacyReport M M M O O O O O O O Value SET [NATIONAL 18] variable octets

6.5.2.63 6.5.2.81 6.5.2.146 6.5.2.52 6.5.2.116 6.5.2.wB 6.5.2.xB 6.5.2.142 6.5.2.162 6.5.2.zB a b e h c d g f

Notes: a. b. c. d. e. f. Include if report related to COUNT Update. Include to identify the functional entity sending the message. Include if report related to SSD Update. Include if report related to Unique Challenge. Include for CDMA OTASP or CDMA OTAPA. For CDMA OTASP, contains the Activation_MIN. For CDMA OTAPA, contains the MS's MSID at the start of the OTAPA session. (See IS-751 for additional information). Include to indicate the result of attempting to activate voice privacy on the airinterface following MS Reauthentication during a CDMA OTASP session or a CDMA OTAPA session. Include to indicate the result of attempting to activate signaling message encryption on the air-interface following MS Reauthentication during a CDMA OTASP session or a CDMA OTAPA session.

g.

h.

CDMA-OTA

5-6

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.4.2.6

BaseStationChallenge

(TIA/EIA-41.5-D, page 5-38)

The BaseStationChallenge operation is used to request a response to a Base Station Challenge Order received from an MS. The BaseStationChallenge operation is initiated with a TCAP INVOKE (LAST). This is carried by a TCAP QUERY WITH PERMISSION package. The Parameter Set is encoded as follows: Table 21 BaseStationChallenge INVOKE Parameters

Timer: BSCT Type M M Reference 6.3.2.1 6.3.2.1 Notes

BaseStationChallenge INVOKE Parameters Field Identifier Length Contents ElectronicSerialNumber MobileIdentificationNumber MSID RandomVariableBaseStation SenderIdentificationNumber ServiceIndicator M M M O O Value SET [NATIONAL 18] variable octets

6.5.2.63 6.5.2.81 6.5.2.102 6.5.2.116 6.5.2.wB a b c

Notes: a. b. c. Include to identify the functional entity sending the message. Include for CDMA OTASP or CDMA OTAPA. For CDMA OTASP, contains the Activation_MIN. For CDMA OTAPA, contains the MS's MSID at the start of the OTAPA session. (See IS-751 for additional information).

Signaling Protocols

5-7

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.4.2.13

FeatureRequest

(TIA/EIA-41.5-D, page 5-48)

This operation was named RemoteFeatureControlRequest in an earlier version of this standard. The FeatureRequest operation success is reported with a TCAP RETURN RESULT (LAST). This is carried by a TCAP RESPONSE package. The Parameter Set is encoded as follows: Table 36 FeatureRequest RETURN RESULT Parameters

FeatureRequest RETURN RESULT Parameters Field Identifier Length Contents FeatureResult AccessDeniedReason ActionCode AnnouncementList CallingPartyNumberString1 CallingPartyNumberString2 CallingPartySubaddress CarrierDigits ConferenceCallingIndicator Digits (Dialed) Digits (Destination) DMH_AccountCodeDigits DMH_AlternateBillingDigits DMH_BillingDigits DMH_RedirectionIndicator GroupInformation MobileDirectoryNumber NoAnswerTime OneTimeFeatureIndicator PACAIndicator PilotNumber RedirectingNumberDigits RedirectingNumberString RedirectingSubaddress RoutingDigits TerminationList TerminationTriggers M O O O O O O O O O O O O O O O O O O O O O O O O O O 6.5.2.67 6.5.2.1 6.5.2.2 6.5.2.6 6.5.2.23 6.5.2.24 6.5.2.25 6.5.2.28 6.5.2.49 6.5.2.58 6.5.2.58 6.5.2.59 6.5.2.60 6.5.2.61 6.5.2.62 6.5.2.69 6.5.2.80 6.5.2.87 6.5.2.88 6.5.2.91 6.5.2.95 6.5.2.107 6.5.2.108 6.5.2.109 6.5.2.114 6.5.2.156 6.5.2.159 a b c d d d d e f l g g g d h g d i j h d d d d k d Value SET [NATIONAL 18] variable octets Type M M Reference 6.3.2.2 6.3.2.2 Notes

CDMA-OTA

5-8

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Notes: a. b. c. d. e. f. g. h. i. j. k. l. Include if access is denied. If included, no other optional parameters shall be included (with the exception of the AnnouncementList parameter). Include if action to be performed is not implied through presence of other parameters. Include if provision of one or more tones or announcements is required. Include if applicable. Include to direct that ongoing call be transformed into a Conference Call. Include if digits remain to be analyzed by the MSC. Include if applicable and for recording purposes (see DMH), Include for multileg calls. Include if modification to normal feature processing is required for call in progress. Include to indicate PACA priority level. Include if call routing is required. Include to return a TRN from an OTAF.

Signaling Protocols

5-9

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.4.2.37

RegistrationNotification

(TIA/EIA-41.5-D, page 5-94)

The RegistrationNotification operation is used to report the location of an MS and, optionally, to (a) validate the MS or (b) validate the MS and obtain its profile information. The RegistrationNotification operation is initiated with a TCAP INVOKE (LAST). This is carried by a TCAP QUERY WITH PERMISSION package. The Parameter Set is encoded as follows: Table 82 RegistrationNotification INVOKE Parameters

Timer: RNT Type M M Reference 6.3.2.1 6.3.2.1 Notes

RegistrationNotification INVOKE Parameters Field Identifier Length Contents ElectronicSerialNumber MobileIdentificationNumber MSID MSCID (Serving MSC) QualificationInformationCode SystemMyTypeCode (Serving MSC or VLR) AvailabilityType BorderCellAccess ControlChannelData ExtendedMSCID (VLR) LocationAreaID MSC_Address PC_SSN (Serving MSC or VLR) ReceivedSignalQuality ReportType SenderIdentificationNumber SMS_Address SMS_MessageWaitingIndicator SystemAccessData SystemAccessType SystemCapabilities TerminalType TransactionCapability M M M M M O O O O O O O O O O O O O O O O O Value SET [NATIONAL 18] variable octets

6.5.2.63 6.5.2.81 6.5.2.82 6.5.2.99 6.5.2.147 6.5.2.15 6.5.2.17 6.5.2.51 6.5.2.64 6.5.2.77 6.5.2.dnC 6.5.2.93 6.5.2.106 6.5.2.112 6.5.2.116 6.5.2.123 6.5.2.129 6.5.2.144 6.5.2.145 6.5.2.146 6.5.2.154 6.5.2.160 a b b c d l e b f g h i b j k j j

Notes: a. b. c. Include when MS is predictably unavailable for Call Delivery (e.g., slotted mode or sleep mode). Include if access occurred in a border cell (based on internal algorithms). Included by VLR if its MSCID is different than the MSC's MSCID.

CDMA-OTA

5-10

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

d. e. f.

May be included from MSC to VLR. Include to override lower layer addressing. Include if authentication parameters were requested by the Serving MSC (AUTH=1 in the Overhead Message Train) but were not received from the MS for the system access. Include to identify message sender. Include to indicate that the Serving MSC supports Short Message Service. Include if the MS was previously registered with this VLR, the MS is registering to a new serving MSC that does not support SMS, and an SMS message is pending delivery in the previous serving system. This is only used between a VLR and an HLR. Include on IS-41-C and later. Include if the system is authentication capable (including voice channel authentication only systems where all flags are zero). Include if the Serving MSC does not support SMS but does support any other service (e.g., CDMA OTAPA) which needs to convey the current routing address of the Serving MSC.

g. h. i.

j. k. l.

Signaling Protocols

5-11

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.4.2.43

SMSDeliveryPointToPoint(TIA/EIA-41.5-D, page 5-106) The SMSDeliveryPointToPoint operation is a general purpose operation that is used to convey a short message or in general any other information or encapsulated data from one point to another point and report on the success or failure of that transfer (for example, as used in SMS and CDMA OTASP). The SMSDeliveryPointToPoint operation is initiated with a TCAP INVOKE (LAST). This is carried by a TCAP QUERY WITH PERMISSION package. The Parameter Set is encoded as follows: Table 94 SMSDeliveryPointToPoint INVOKE Parameters

Timer: SMT Type M M Reference 6.3.2.1 6.3.2.1 Notes

SMSDeliveryPointToPoint INVOKE Parameters Field Identifier Length Contents SMS_BearerData SMS_TeleserviceIdentifier ActionCode ElectronicSerialNumber MobileIdentificationNumber MSID NewlyAssignedMIN NewlyAssignedIMSI ServiceIndicator SMS_ChargeIndicator SMS_DestinationAddress SMS_MessageCount SMS_NotificationIndicator SMS_OriginalDestinationAddress SMS_OriginalDestinationSubaddress SMS_OriginalOriginatingAddress SMS_OriginalOriginatingSubaddress SMS_OriginatingAddress TemporaryReferenceNumber M M O O O O O O O O O O O O O O O O Value SET [NATIONAL 18] variable octets

6.5.2.124 6.5.2.137 6.5.2.2 6.5.2.63 6.5.2.81 6.5.2.rB 6.5.2.dqB 6.5.2.wB 6.5.2.126 6.5.2.127 6.5.2.128 6.5.2.130 6.5.2.131 6.5.2.132 6.5.2.133 6.5.2.134 6.5.2.135 6.5.2.yC i a a, m j j k b c d e f g h g c l

CDMA-OTA

5-12

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Notes: a. b. c. d. e. f. g. h. i. j Include if known and either the destination is an MS-based SME or the operation is used for CDMA OTASP or CDMA OTAPA. Include if applicable. If not received, charge the message originator. May be included if not carried by the underlying data transport. May require an interconnection agreement to facilitate interworking between network types. Include if applicable. If not received, assume value 0. Include if no notification is necessary. If not received, assume notification is requested. Include if different than the destination address (SMS_DestinationAddress, MobileIdentificationNumber, or the underlying data transport destination). Include if applicable. Include if not the same as the originating address (SMS_OriginatingAddress or the underlying data transport originating address). Include for CDMA OTASP or CDMA OTAPA if action to be performed is not implied through presence of other parameters. Include for CDMA OTASP or CDMA OTAPA in requests to initiate MSC procedures1 if a value has been assigned for the MS during the current OTASP or OTAPA session. Include for CDMA OTASP or CDMA OTAPA. Include for CDMA OTASP when requesting MSC attachment to the OTAF to provide a correlation between the OTASP voice and data connections.

k. l.

m. For CDMA OTASP, contains the Activation_MIN. For CDMA OTAPA, contains the MS's MSID at the start of the OTAPA session. When the MS has both the MIN & the IMSI at the start of the OTAPA session then the MIN form of the MSID is used. (See IS-751 for additional information).

1The MSC procedures are "Registration Following Successful OTASP or OTAPA" and "Notification

of Newly Assigned MIN MSID Following Successful OTASP or OTAPA" in Section 7C.

Signaling Protocols

5-13

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

The SMSDeliveryPointToPoint operation success is reported with a TCAP RETURN RESULT (LAST). This is carried by a TCAP RESPONSE package. The Parameter Set is encoded as follows: Table 95 SMSDeliveryPointToPoint RETURN RESULT Parameters

SMSDeliveryPointToPoint RETURN RESULT Parameters Field Identifier Length Contents AuthorizationDenied DenyAccess ElectronicSerialNumber MobileStationMIN MobileStationMSID MSCID SMS_BearerData SMS_CauseCode SystemCapabilities O O O O O O O O 6.5.2.13 6.5.2.54 6.5.2.63 6.5.2.oC 6.5.2.82 6.5.2.124 6.5.2.125 6.5.2.146 h c d e f a b g Value SET [NATIONAL 18] variable octets Type M M Reference 6.3.2.2 6.3.2.2 Notes

Notes: a. b. c. d. e. f. g. h. Include for positive acknowledgments, when applicable. Include for all negative acknowledgments. Include for CDMA OTASP to indicate why in the response to an attachment request if the AC has denied service to this MS. Include in response to an attachment request, for CDMA OTASP. Include for CDMA OTASP in the response to an attachment request to indicate the MIN or IMSI value currently in the MS's permanent memory. Include for CDMA OTASP in the response to an attachment request to identify the Serving System. Include for CDMA OTASP in the response to an attachment request to identify the serving system's authentication capabilities. Include for CDMA OTASP in the response to an attachment request if the HLR had previously denied authorization to this MS or the registration attempt was unsuccessful.

CDMA-OTA

5-14

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.4.2.45

SMSRequest(TIA/EIA-41.5-D, page 5-109) The SMSRequest operation is used to request an MS's current SMS routing address with a default to request notification when the MS becomes available if the MS is not currently available. The SMSRequest operation is initiated with a TCAP INVOKE (LAST). This is carried by a TCAP QUERY WITH PERMISSION package. The Parameter Set is encoded as follows: Table 98 SMSRequest INVOKE Parameters

Timer: SRT Value SET [NATIONAL 18] variable octets Type M M Reference 6.3.2.1 6.3.2.1 Notes

SMSRequest INVOKE Parameters Field Identifier Length Contents MobileIdentificationNumber MSID ElectronicSerialNumber ServiceIndicator SMS_NotificationIndicator SMS_TeleserviceIdentifier M O O O O 6.5.2.81

6.5.2.63 6.5.2.wB 6.5.2.130 6.5.2.137

a d b c

Notes: a. b. c. d. Include if known. Include to specify notification requirements. If not included, implies notification shall be sent when MS becomes available (default). Include if applicable. Include to identify CDMA OTAPA service.

Signaling Protocols

5-15

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6C.1.3

New Operations

6.4.2.CC OTASPRequest The OTASPRequest (OTASPREQ) operation is used by the OTAF to initiate certain AC procedures. The OTASPRequest operation is initiated with a TCAP INVOKE (LAST). This is carried by a TCAP QUERY WITH PERMISSION package. The Parameter Set is encoded as follows: Table 6.4.2.CCx OTASPRequest INVOKE Parameters

Timer: OTART Type M M Reference 6.4.1.2 6.4.1.1 Notes

OTASPRequest INVOKE Parameters Field Identifier Length Contents ActionCode AKeyProtocolVersion AuthenticationData AuthenticationResponse CallHistoryCount ElectronicSerialNumber MobileIdentificationNumber MSID MobileStationMIN MobileStationMSID MobileStationPartialKey MSCID NewlyAssignedMIN NewlyAssignedMSID RandomVariable RandomVariableBaseStation ServiceIndicator SystemCapabilities TerminalType O O O O O O O O O O O O O O O O Value SET [NATIONAL 18] variable octets

6.5.2.2 6.5.2.lB 6.5.2.9 6.5.2.10 6.5.2.18 6.5.2.63 6.5.2.81 6.5.2.oC 6.5.2.pB 6.5.2.64 6.5.2.rB 6.5.2.101 6.5.2.102 6.5.2.wB 6.5.2.146 6.5.2.154

a b c c c d e, d f g h i c m j k l

Notes: a. b. c. Include to identify action to be performed. Include to identify available version(s) of A-key Generation procedure(s) at the MS if the generation of public encryption values is being requested. Received from the MS during CDMA OTASP (or CDMA OTAPA) in the ReAuthenticate Response OTASP Data Message. Include for CDMA OTASP or CDMA OTAPA when for the purpose of re-authenticating the MS. Include.

d.

CDMA-OTA

5-16

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

e.

For CDMA OTASP, contains the Activation_MIN. For CDMA OTAPA, contains the MS's MSID at the start of the OTAPA session. When the MS has both the MIN & the IMSI at the start of the OTAPA session then the MIN form of the MSID is used. Include to identify the MS's MIN value at OTASP call setup. Include for CDMA OTASP but not for CDMA OTAPA. Only use the MSIMSI form of the MS_MSID if the IMSI_T was received from the MS at OTASP call origination and a MIN is not programmed in the MS.1 Include for CDMA OTASP or CDMA OTAPA if A-key is to be generated. Include for CDMA OTASP to identify the Serving System if either SSD Update or Reauthentication is being requested. (Not available for OTAPA) Include for CDMA OTASP if a new MIN has been assigned to the MS (or has been reserved for assignment) to the MS during the current OTASP session. Include for CDMA OTASP or CDMA OTAPA if the ActionCode indicates Commit A-Key and if a new MIN has been assigned to the MS or, for an MS that has no MIN programmed (or whose MIN is being erased),2 if a new IMSI has been assigned to the MS.3 Otherwise this parameter is not included. The NEWMIN form of this parameter should be used if both a new MIN and a new IMSI are assigned to the MS. Include for CDMA OTASP and CDMA OTAPA. Include for CDMA OTASP for backward compatability with IS-725, to identify the serving system's authentication capabilities. The MS's Terminal Type. Include for CDMA OTASP or CDMA OTAPA, if needed by the AC, when the ActionCode indicates Commit A-key. [Refer to CDMA and AUTH]

f. f.

g. h. i. i.

j. k. l.

m. Include for CDMA OTAPA, when the ActionCode indicates Generate Authentication Signature, to transport the RAND_OTAPA to the AC.

1 It may be necessary to upload a NAM parameter block to determine this for an unknown MS. (For

CDMA OTASP, if the OTAF initiates an SSD update, the AC uses the received MS_MSID to calculate AUTHU whereas the MS uses its MIN, if one is programmed. If a MIN is programmed in the MS, the SSD update cannot succeed unless the MS_MSID provides that MIN to the AC.)

2 It may be necessary to upload a NAM parameter block to determine this for an unknown MS that

has initiated a CDMA OTASP session.

3 A new MIN must be assigned to replace the existing MIN or the existing MIN must be erased from

memory for an unknown MS that has a previously programmed MIN. (Otherwise, the MS would use that old MIN for its authentication calculations, but the AC would not have that old MIN available for its authentication calculations.)

Signaling Protocols

5-17

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

The OTASPRequest operation success is reported with a TCAP RETURN RESULT (LAST). This is carried by a TCAP RESPONSE package. The Parameter Set is encoded as follows: Table 6.4.2.CCy OTASPRequest RETURN RESULT Parameters

OTASPRequest RETURN RESULT Parameters Field Identifier Length Contents AKeyProtocolVersion AuthenticationResponseBaseStation BaseStationPartialKey DenyAccess ModulusValue OTASP_ResultCode PrimitiveValue SignalingMessageEncryptionReport SSDUpdateReport UniqueChallengeReport VoicePrivacyReport O O O O O O O O O O O 6.5.2.lB 6.5.2.11 6.5.2.nB 6.5.2.54 6.5.2.qB 6.5.2.sB 6.5.2.tB 6.5.2.xB 6.5.2.142 6.5.2.162 6.5.2.zB a g b c b d b e f f e Value SET [NATIONAL 18] variable octets Type M M Reference 6.4.1.2 6.4.1.1 Notes

Notes: a. b. c. d. Included to indicate the selected A-key generation protocol procedure. Include to return Public Encryption Values to the OTAF. Include to convey authentication failure or count mismatch during the ReAuthentication procedure. Include to convey information other than what can be conveyed in the DenyAccess, UniqueChallengeReport, SSDUpdateReport, SignalingMessageEncryptionReport, and the VoicePrivacyReport parameters. Include to convey the values received by the AC in the AuthenticationStatusReport INVOKE during the Re-Authentication procedure. Include to convey the values received by the AC in the AuthenticationStatusReport INVOKE during the SSD update procedure. Include for CDMA OTAPA to transport the AUTH_OTAPA, the authentication signature value generated by the AC, to the OTAF.

e. f. g.

CDMA-OTA

5-18

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6C.2

6C.2.1

6.5.1.2

PARAMETERS

General

Parameter Identifiers

(TIA/EIA-41.5-D, page 5-119)

The following table lists the TIA/EIA-41 MAP Parameter Identifiers. Table 112 TIA/EIA-41 MAP Parameter Identifiers (concluded)

Parameter Identifier Name H ··· TDMAVoiceCoder (last TSB76 assigned identifier) AKeyProtocolVersion 1 1 0 1 1 0 1 1 0 1 1 0 1 1 0 1 1 0 1 1 0 1 1 0 1 1 0 1 1 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 1 0 0 1 0 0 1 0 0 1 0 0 1 0 0 1 0 0 1 0 0 1 0 0 1 0 0 1 1 0 1 1 0 1 1 0 1 1 0 1 1 0 1 1 0 1 1 0 1 1 0 1 1 0 1 1 0 1 1 0 1 Parameter Identifier Code G F E D C B A ··· 1 0 0 1 0 0 1 0 0 1 0 0 1 0 1 1 0 1 1 0 1 1 0 1 1 0 1 1 0 1 1 0 1 1 0 1 1 0 1 1 0 1 1 0 1 1 0 0 1 0 0 1 0 0 1 0 0 1 0 1 1 0 1 1 0 1 1 0 0 1 0 0 1 0 1 1 0 1 1 0 0 1 0 0 1 0 1 1 0 1 1 0 0 1 0 1 1 0 1 1 1 0 1 1 1 1 1 0 1 1 1 1 1 0 1 1 1 1 1 0 1 1 1 1 1 1 1 1 0 1 1 1 Reference ··· 6.5.2.k

6.5.2.lB

AuthenticationResponseReauthentication BaseStationPartialKey

6.5.2.mT

6.5.2.nB

MobileStationMIN

6.5.2.oC

MobileStationPartialKey

6.5.2.pB

ModulusValue

6.5.2.qB

NewlyAssignedMIN

6.5.2.rB

OTASP_ResultCode

6.5.2.sB

PrimitiveValue

6.5.2.tB

RandomVariableReauthentication

6.5.2.uT

Signaling Protocols

5-19

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

ReauthenticationReport

1 1 0 1 1 0 1 1 0 1 1 0

0 0 1 0 0 1 0 0 1 0 0 1 0 0 1

0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

1 0 0 1 0 0 1 0 0 1 0 0 1 0 0

1 0 0 1 0 0 1 0 0 1 0 0 1 0 0 ···

1 0 0 1 0 0 1 0 0 1 0 0 1 0 1

1 0 0 1 0 0 1 0 1 1 0 1 1 0 0

1 1 0 1 1 1 1 1 0 1 1 1 1 1 0

6.5.2.vT

ServiceIndicator

6.5.2.wB

SignalingMessageEncryptionReport

6.5.2.xB

6.5.2.yC

VoicePrivacyReport

1 1 0

6.5.2.zB

··· MSC_Address 1 1 0 0 0 0 0 0 0 1 0 1

··· 1 0 1 1 1 0 1 0 0 6.5.2.dnC

1 0 1 ···

··· MobileStationIMSI 1 1 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 1 1 0 1

··· 1 0 1 1 0 1 1 1 1 1 1 1 1 0 0 1 0 1 6.5.2.dpC

1 0 1 1 0 1 ···

NewlyAssignedIMSI

6.5.2.dqB

···

···

Notes: a. b. c. Parameters with references ending with a "B" in them, such as "6.5.2.qB" are common to BOTH CDMA and TDMA OTASP. Parameters with references ending with a "C" in them, such as "6.5.2.oC" are unique to CDMA OTASP. Parameters with references ending with a "T" in them, such as "6.5.2.uT" are unique to TDMA OTASP.

Table CCC A-key Generation Parameter Names - TIA/EIA-41

and CDMA

TIA/EIA-41

ModulusValue (MODVAL) PrimitiveValue (PRIMVAL) MobileStationPartialKey (MSKEY) BaseStationPartialKey (BSKEY) AKeyProtocolVersion (AKEYPV)

CDMA

PARAM_P PARAM_G MS_RESULT BS_RESULT A_KEY_P_REV

CDMA-OTA

5-20

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6C.2.2

Modifications to Existing Parameters

Existing parameters that are common to CDMA and TDMA portions of the OTASP enhancements for OTASP and OTAPA are shown in the following table. Table 6C.2.2

Parameter Name ActionCode MobileIdentificationNumber SMS_AccessDeniedReason SMS_CauseCode SMS_TerminationRestrictions SystemAccessType TransactionCapability

Existing Parameters Common to CDMA & TDMA

Reference § 6.5.2.2 (TIA/EIA-41.5-D, p 5129) § 6.5.2.81 (TIA/EIA-41.5-D, p 5213) § 6.5.2.122 (TIA/EIA-41.5-D, p 5-256) § 6.5.2.125 (TIA/EIA-41.5-D, p 5-262) § 6.5.2.138 (TIA/EIA-41.5-D, p 5-285) § 6.5.2.145 (TIA/EIA-41.5-D, p 5-296) § 6.5.2.160 (TIA/EIA-41.5-D, p 5-315)

Existing parameters that are common to TDMA and CDMA, and those that have been modified uniquely for CDMA are defined below.

NOTE None Identified in this category.

# #

6.5.2.2

ActionCode(TIA/EIA-41.5-D, page 5-129) The ActionCode (ACTCODE) parameter specifies the nature of the action (e.g., disconnect the call) to be performed by the designated functional entity.

Field Identifier Length Contents H G F E Action ··· D C B A octet Notes Value ActionCode IMPLICIT OCTET STRING variable octets Type M M Reference 6.5.1.2 6.5.1.1 Notes

n

a

Figure 9

ActionCode parameter

Signaling Protocols

5-21

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Notes: a. Ignore extra octets, if received. Send only defined (or significant) octets. Table 114 ActionCode value Action (octet 1)

Bits H G F E D C B A 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 1 1 1 1 1 1 1 1 0 0 0 0 0 1 1 1 1 0 0 0 0 1 1 1 1 0 0 0 1 1 0 0 1 1 0 0 1 1 0 0 0 1 0 0 1 0 1 0 1 0 1 0 1 0 1 0 1 1 1 0 Value 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 through 95 96 through 127 128 through 223 224 through 255 Meaning Not used. Continue processing. Disconnect call. Disconnect call leg. Conference Calling Drop Last Party. Bridge call leg(s) to conference call. Drop call leg on busy or routing failure. Disconnect all call legs. Attach MSC to OTAF. Initiate RegistrationNotification. Generate Public Encryption values. Generate A-key. Perform SSD Update procedure. Perform Re-authentication procedure. Release TRN. Commit A-key. Release Resources (e.g., A-key, Traffic Channel). Record NEWMIN NEWMSID. Allocate Resources (e.g., Multiple message traffic channel delivery). Generate Authentication Signature. Reserved. Treat the same as value 1, Continue processing. Reserved for TIA/EIA-41 protocol extension. If unknown, treat the same as value 1, Continue processing. Reserved. Treat the same as value 2, Disconnect call. Reserved for TIA/EIA-41 protocol extension. If unknown, treat the same as value 2, Disconnect call.

0 0 0 0 0 0 0 0 0 0 1 1 1 1

0 1 0 1 0 1

0 0 0 0 0 0

0 1 1 0 1 1 0 0 1 1 0 0 1 1 0 0 1 1 0 0 1 1

0 0 1 0 1 ··· 1 0 1 1 1 1 1 0 0 0 ··· 1 1 1 1 1 0 0 0 0 0 ··· 1 0 1 1 1 1 1 0 0 0 ··· 1 1 1 1 1

CDMA-OTA

5-22

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.81

MobileIdentificationNumber

(TIA/EIA-41.5-D, page 5-213)

The MobileIdentificationNumber (MIN) is a 10-digit representation of the MS's MIN, coded in BCD form.

Field Identifier Value MobileIdentificationNumber IMPLICIT OCTET STRING IMPLICIT MINType Length Contents H G F Digit 2 Digit 4 Digit 6 Digit 8 Digit 10 E D C B Digit 1 Digit 3 Digit 5 Digit 7 Digit 9 A octet 1 2 3 4 5 Notes a a a a a 5 octets M 6.5.1.1 Type M Reference 6.5.1.2 Notes b

Figure 89 MobileIdentificationNumber parameter Notes: a. b. Digit 1 is the most significant digit and Digit 10 is the least significant digit. Refer to the MINType parameter type (see 6.5.3.u1) for notes and field encoding. Table 149 MobileIdentificationNumber value Digit n, where n={0,1, 2, ..., 9} (octets 1-5)

Bits H G F E or D C B A 0 0 0 0 0 0 0 0 1 1 X 0 0 0 0 1 1 1 1 0 0 X 0 0 1 1 0 0 1 1 0 0 X 0 1 0 1 0 1 0 1 0 1 X Value 0 1 2 3 4 5 6 7 8 9 Meaning Digit = 0 or filler. Digit = 1. Digit = 2. Digit = 3. Digit = 4. Digit = 5. Digit = 6. Digit = 7. Digit = 8. Digit = 9. Other values reserved.

Signaling Protocols

5-23

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Field Identifier Length Contents H G F E

Value MobileIdentificationNumber IMPLICIT OCTET STRING 5 octets

Type M M

Reference 6.5.1.2 6.5.1.1

Notes

D MINType

C

B

A

octet 1-5

Notes a

Figure 89 MobileIdentificationNumber parameter

Notes: a. Refer to the MINType parameter type (see 6.5.3.u1) for a definition of this parameter.

CDMA-OTA

5-24

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.122 SMS_AccessDeniedReason

(TIA/EIA-41.5-D, page 5-256)

The SMS_AccessDeniedReason (SMSACCDEN) parameter indicates why short message delivery is not currently allowed to an MS-based SME or why a temporary routing address to be used for CDMA OTAPA cannot currently be provided.

Field Identifier Length Contents H G F E D C B A octet 1 Notes Value SMS_AccessDeniedReason IMPLICIT OCTET STRING variable octets Type M M Reference 6.5.1.2 6.5.1.1 Notes

SMS Access Denied Reason ···

n

a

Figure 131 SMS_AccessDeniedReason parameter Notes: a. Ignore extra octets, if received. Send only defined (or significant) octets.

Signaling Protocols

5-25

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 170 SMS_AccessDeniedReason value SMS Access Denied Reason (octet 1)

Bits H G F E D C B A 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 Value 0 1 Meaning Not used. Denied. The request cannot be honored, or the MS is unknown, or the addressed MS is known, but the addressed MS user has either not subscribed to SMS or the user's subscription has been suspended (e.g., subscriber vacation disconnect, non-payment disconnect, HLR doesn't support postponed notification, HLR doesn't support specified SRVIND value). No notification shall be sent. Postponed. The addressed MS is known, but is currently unreachable (e.g., an MS-based SME is unreachable, the SME is not currently available, MS receiver is off, MS is busy, Serving MSC doesn't support CDMA OTAPA, SME not located in an MSC that is secure for CDMA OTAPA programming, etc.) and SMSNotificationIndicator indicates Notify when available. Notification shall be sent. Unavailable. The addressed MS is known, but is currently unavailable (e.g., an MS-based SME is unreachable, the SME is not currently available, MS receiver is off, MS-based SME is busy, Serving MSC doesn't support OTAPA, SME not located in an MSC that is secure for OTAPA programming, etc.) and SMSNotificationIndicator indicates Do not notify when available. No notification shall be sent. Invalid. The SMS_TeleserviceID is invalid. No notification shall be sent.

0 0

0 0

0 0

1 0

2

0 0

0 0

0 0

1 1

3

0 0 0 0 0 0

0 0

0 1

0 0 0 1 1 1 0 0 1 1

4 5 through 63 64 through 127

0 0 0 0 1 ··· 0 1 1 1 1 1 0 0 0 0 ··· 1 1 1 1 1

Reserved. Treat the same as value 1, Denied.

Reserved. Treat the same as value 2, Postponed.

Table 170 (concluded) SMS Access Denied Reason (octet 1)

Bits H G F E D C B A 1 1 1 1 0 0 0 0 0 ··· 1 0 1 1 1 1 1 0 0 0 ··· 1 1 1 1 1 0 0 1 1 0 0 1 1 Value 128 through 223 224 through 255 Meaning Reserved. Treat Unavailable. the same as value 3,

Reserved for TIA/EIA-41 protocol extension. If unknown, treat the same as value 3, Unavailable.

CDMA-OTA

5-26

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.125 SMS_CauseCode

(TIA/EIA-41.5-D, page 5-262)

The SMS_CauseCode (SMSCAUSE) parameter indicates a reason for not delivering an SMS or OTASP message or indicates certain conditions at the Serving MSC for use during OTASP.

Field Identifier Length Contents H G F E D C B A octet 1 Notes a b Value SMS_CauseCode IMPLICIT OCTET STRING variable octets Type M M Reference 6.5.1.2 6.5.1.1 Notes

SMS Cause Code ···

n

Figure 136 SMS_CauseCode parameter Notes: a. b. Only the SMS_CauseCode SMS delivery postponed is used to indicate that an SMS message is pending delivery and that notification shall be provided. Ignore extra octets, if received. Send only defined (or significant) octets.

Signaling Protocols

5-27

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 171 SMS_CauseCode value SMS Cause Code (octet 1)

A. Network Problems: Bits H G F E D C B A 0 0 0 0 0 0 0 0 Value 0 Meaning Address vacant. SMS Destination Address is valid but not currently allocated to an SMS terminal. The MIN MSID associated with a valid destination address is not known to its HLR. Address translation failure. The SMS Destination Address is invalid (e.g., address is not a recognized address type, address is not for a known or possible SMS functional entity, the MIN MSID associated with a destination MS address does not correspond to its HLR, the ESN associated with a destination MS does not match the expected value, the SMS_DestinationAddress, SMS_OriginalDestinationAddress, destination MIN MSID, or original destination subaddress does not match the address of a destination SME, etc.). For CDMA OTASP, the TRN, the Activation_ MIN, or the ESN is currently not allocated to an OTASP call, etc.) Network resource shortage. Network transmission failed due to lack of a network resource or link capacity. Network failure. A network node failed, a link failed or a required operation failed. Invalid Teleservice ID. The SMS_TeleserviceIdentifier is not known, is not supported or is not authorized by an addressed functional entity. Other network problem. A network problem other than identified above. Unsupported network interface. The intersystem network interface required for the delivery of the received message is not supported. Reserved. Treat the same as value 5, Other network problem.

0 0

0 0

0 0

0 1

1

0 0 0 0 0 0

0 0 0 0 0 0

0 0 0 0 0 1

1 0 1 1 0 0

2 3 4

0 0 0 0

0 0 0 0

0 1 0 1

0 1 1 0

5 6

0 0

0 0 0 0 1 ··· 0 0 1 1 1

1 1 1 1

7 through 31

CDMA-OTA

5-28

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 171 (continued) SMS Cause Code (octet 1)

B. Terminal Problems : Bits H G F E D C B A 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 1 Value 32 33 Meaning No page response. The addressed MS-based SME is known, but it does not respond to a page. SMS Notification is not pending. Destination busy. The destination MS-based SME is SMS capable, but is currently engaged in a call, a service or a call mode that precludes the use of SMS or the destination SME is congested. This value shall only be used between the MSC and the MC when allowed by bilateral agreement. SMS Notification is not pending. No acknowledgment. The destination SME does not acknowledge receipt of the SMS delivery (e.g., SMS or an OTASP Data message). This value may be used when terminal busy and no page response are not appropriate. SMS Notification is not pending. Destination resource shortage. A required terminal resource (e.g., memory, etc.) is not available to process this message. SMS notification is not pending. SMS delivery postponed. Delivery is not currently possible (e.g., No page response, Destination busy, No acknowledgment, Destination out of service, Other terminal problem), but SMS notification is pending. Destination out of service. The addressed destination is out of service for an extended period of time (e.g., MS sleep, inactive, power off). SMS notification is not pending. Destination no longer at this address. The MS-based SME is no longer at the temporary SMS routing address. The message sender should not reuse the temporary SMS routing address. SMS notification is not pending. Other terminal problem. A terminal problem other than described above. SMS notification is not pending. Reserved. Treat the same as value 39, Other terminal problems.

0 0

1 0

0 0

1 0

34

0 0

1 0

0 0

1 1

35

0 0

1 0

0 1

0 0

36

0 0

1 0

0 1

0 1

37

0 0

1 0

0 1

1 0

38

0 0

1 0

0 1

1 1

39

0 0 0 0

0 1 0 1 0 ··· 0 1 0 1 1 0 1 1 0 0 ··· 0 1 1 1 1

0 0 1 1 0 0 1 1

40 through 47 48 through 63

Reserved. Treat the same as value 36, SMS delivery postponed.

Signaling Protocols

5-29

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 171 (continued) SMS Cause Code (octet 1)

C. Radio Interface Problems : Bits H G F E D C B A 0 1 0 1 0 0 0 0 0 0 0 0 0 0 0 1 Value 64 65 Meaning Radio interface resource shortage. There is no channel available or there is radio congestion at this time. Radio interface incompatibility. The MS for an MS-based SME is operating in a mode that does not support SMS at this time. This cause code may also be used to indicate that the air-interface does not support OTASP Data Message delivery. Other radio interface problem. A radio interface problem to an MS-based SME other than described above. Unsupported Base Station Capability. Base Station does not support this service (e.g., SMS, OTASP, OTAPA). Reserved. Treat the same as value 66, Other radio interface problem

0 1 0 1

0 0 0 0

0 0 0 0

1 0 1 1

66 67

0 0

1 0 0 0 1 ··· 1 0 1 1 1

0 0 1 1

68 through 95

CDMA-OTA

5-30

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 171 (concluded) SMS Cause Code (octet 1)

D. General Problems : Bits H G F E D C B A 0 1 0 1 1 0 1 0 0 0 0 0 0 0 0 1 Value 96 97 Meaning Encoding problem. The size of a parameter or field is not what is expected. SMS Service origination denied The originating MIN is not recognized, the originating address is not allowed for the originating MIN MS, the ESN does not match the originating MIN MSID, the origination is not authorized, the originating address is not recognized, etc. SMS Service termination denied. The destination is not authorized to receive the SMS this service message, the MC refused the message, the destination SME refused the message, the destination is not authorized for a required supplementary service, etc. This cause code may also be used to indicate that an MS rejected an OTASP Data Message. Supplementary service not supported. The originating supplementary service is not known or supported, the sender is not authorized for an originating supplementary service, etc. SMS Service not supported. SMS The service is not supported by an addressed functional entity. Reserved. Missing expected parameter An optional parameter that is required for a particular function). Missing mandatory parameter. A parameter is missing that is mandatory for a particular message. Unrecognized parameter value. A known parameter has a unknown or unsupported value. Unexpected parameter value. A known parameter has a known, but unexpected value. User Data size error. The User Data size is too large for access technology, transport network, or call mode, etc. The User Data size is not what is expected for the indicated teleservice. Other general problems. Session not active. An OTASP or OTAPA session does not currently exist for the MS. The session may have been terminated (e.g., due to loss of the associated traffic channel). Reserved. Treat the same as value 107, Other general problems. Reserved for TIA/EIA-41 protocol extension. If unknown, treat the same as value 107, Other general problems.

0 1

1 0

0 0

1 0

98

0 1

1 0

0 0

1 1

99

0 1 0 1 0 1 0 1 0 1 0 1 0 1

1 0 1 0 1 0 1 0 1 0 1 0 1 0

0 1 0 1 0 1 0 1 1 0 1 0 1 0

0 0 0 1 1 0 1 1 0 0 0 1 1 0

100 101 102 103 104 105 106

0 1 0 1

1 0 1 0

1 0 1 1

1 1 0 0

107 108

0 1 1 1

1 1 0 1 1 ··· 1 0 1 1 1 1 1 0 0 0 ··· 1 1 1 1 1

0 1 1 1 0 0 1 1

109 through 223 224 through 255

Signaling Protocols

5-31

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.138 SMS_TerminationRestrictions

(TIA/EIA-41.5-D, page 5-285)

The SMS_TerminationRestrictions (SMSTERMREST) parameter defines the type of messages the MS is allowed to receive. The default value for this parameter (when it is not included) is to assume that the DEFAULT field is set to "Allow specific" and the Reverse Charges (RC) field is set to "Block message terminations charged to the destination".

Field Identifier Length Contents H G F Reserved ··· E D C RC B A octet 1 Notes a b Value SMS_TerminationRestrictions IMPLICIT OCTET STRING variable octets Type M M Reference 6.5.1.2 6.5.1.1 Notes

DEFAULT

Figure 155 SMS_TerminationRestrictions parameter Notes: a. b. Reserved bits shall be ignored on receipt and set to zero on sending. Ignore extra octets, if received. Send only defined (or significant) octets. Table 176 SMS_TerminationRestrictions value DEFAULT (octet 1, bits A and B)

Bits H G F E D C B A 0 0 0 1 1 0 1 1 Value 0 1 2 3 Meaning Block all. Block all message terminations regardless of more specific settings. Reserved. Allow specific. Allow message terminations specifically allowed. Allow all. Allow message terminations regardless of more specific settings.

Reverse Charges (RC) (octet 1, bit C)

Bits H G F E D C B A 0 1 Value 0 1 Meaning Block message terminations charged to the destination. Allow message terminations charged to the destination.

CDMA-OTA

5-32

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.145 SystemAccessType

(TIA/EIA-41.5-D, page 5-296)

The SystemAccessType (SYSACCTYPE) parameter defines the type of system access made by the MS.

Field Identifier Length Contents H G F E D C B A octet 1 Notes Value SystemAccessType IMPLICIT Unsigned Enumerated 1 octet Type M M Reference 6.5.1.2 6.5.1.1 Notes

SystemAccessType

Figure 162 SystemAccessType parameter Table 181 SystemAccessType value SystemAccessType (octet 1)

Bits H G F E D C B A 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 1 0 0 1 1 0 0 1 0 1 0 1 0 1 0 Value 0 1 2 3 4 5 6 7 8 9 10 through 223 224 through 255 Meaning Not used. Unspecified. Flash request. Autonomous registration. Call origination. Page response. No access. Used when the authentication procedure was initiated on the Control Channel. Power down registration. SMS page response. OTASP. Reserved. Treat Unspecified. the same as value 1,

0 0 0 0 0 0 0 1 1 1

0 0 0 0 0 0

0 1 1 0 1 0

1 1 0 0 0 1 1 0 1 1 0 0 1 1

0 0 0 1 0 ··· 1 0 1 1 1 1 1 0 0 0 ··· 1 1 1 1 1

Reserved for TIA/EIA-41 protocol extension. If unknown, treat the same as value 1, Unspecified.

Signaling Protocols

5-33

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.160 TransactionCapability(TIA/EIA-41.5-D, page 5-315) The TransactionCapability (TRANSCAP) parameter indicates a system's transaction capability at the current time (i.e., this capability may change over time).

Field Identifier Length Contents H NAMI G NDSS F UZCI WIN_A E SPINI TL ··· D RUI C ANN B BUSY A PROF octet 1 2 Notes a a b Value TransactionCapability IMPLICIT OCTET STRING variable octets Type M M Reference 6.5.1.2 6.5.1.1 Notes

OTAPA S&R

Multiple Terminations

n

Figure 177 TransactionCapability parameter Notes: a. b. Reserved bits shall be ignored on receipt and set to zero on sending. Ignore extra octets, if received. Send only defined (or significant) octets. Table 192 TransactionCapability parameter Profile (PROF) (octet 1, bit A)

Bits H G F E D C B A 0 1 Value 0 1 Meaning The system is not capable of supporting the IS-41-C profile parameters. The system is capable of supporting the IS-41-C profile parameters.

Busy Detection (BUSY) (octet 1, bit B)

Bits H G F E D C B A 0 1 Value 0 1 Meaning The system is not capable of detecting a busy condition at the current time. The system is capable of detecting a busy condition at the current time.

Announcements (ANN) (octet 1, bit C)

Bits H G F E D C B A 0 1 Value 0 1 Meaning The system is not capable of honoring the AnnouncementList parameter at the current time. The system is capable of honoring the AnnouncementList parameter at the current time.

CDMA-OTA

5-34

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 192 TransactionCapability parameter (continued)

Remote User Interaction (RUI) (octet 1, bit D)

Bits H G F E D C B A 0 1 Value 0 1 Meaning The system is not capable of interacting with the user. The system is capable of interacting with the user.

Subscriber PIN Intercept (SPINI) (octet 1, bit E)

Bits H G F E D C B A 0 1 Value 0 1 Meaning The system is not capable of supporting local SPINI operation at the current time. The system is capable of supporting local SPINI operation.

UZ Capability Indicator (UZCI) (octet 1, bit F)

Bits H G F E D C B A 0 1 Value 0 1 Meaning The system is not User Zone capable at the current time. The system is User Zone capable at the current time.

NDSS Capability (NDSS) (octet 1, bit

Bits H G F E D C B A 0 1 0 1

G)

Meaning Serving system is not NDSS capable. Serving system is NDSS capable.

Value

NAME Capability Indicator (NAMI) (octet 1, bit H)

Bits H G F E D C B A 0 1 Value 0 1 Meaning The system is not CNAP/CNAR capable. The system is CNAP/CNAR capable.

Multiple Terminations (octet 2, bits A-D)

Bits H G F E D C B A 0 0 0 0 Value 0 1 through 15 Meaning The system cannot accept a termination at this time (i.e., cannot accept routing information). The system supports the number of call legs indicated.

0 0 0 1 ··· 1 1 1 1

TerminationList (TL) (octet 2, bit E)

Bits H G F E D C B A 0 1 Value 0 1 Meaning The system is not capable of supporting the TerminationList parameter at the current time. The system is capable of supporting the TerminationList parameter at the current time.

Signaling Protocols

5-35

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 192 TransactionCapability parameter (concluded)

WIN Addressing: (WIN A) (octet 2, bit F)

Bits H G F E D C B A 0 1 Value 0 1 Meaning The system is not capable of supporting the TriggerAddressList parameter. The system is capable of supporting the TriggerAddressList parameter.

WILower Layer Segmentation & Reassembly : (S&R) (octet 2, bit G)

Bits H G F E D C B A 0 1 Value 0 1 Meaning The system is not capable of supporting lower layer segmentation & reassembly (S&R). The system is capable of supporting lower layer segmentation & reassembly (S&R).

Over the Air Parameter Administration: (OTAPA) (octet 2, bit H)

Bits H G F E D C B A 0 1 Value 0 1 Meaning The system is not capable of supporting the CDMA Over the Air Parameter Administration. The system is capable of supporting the CDMA Over the Air Parameter Administration.

CDMA-OTA

5-36

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6C.2.3

New Parameters

New parameters that are common to CDMA and TDMA portions of the OTA enhancements for OTASP and OTAPA are shown in the following table. Table 6C.2.3a New Parameters Common to CDMA & TDMA

Parameter Name AKeyProtocolVersion BaseStationPartialKey MobileStationPartialKey ModulusValue NewlyAssignedMIN OTASPResultCode PrimitiveValue ServiceIndicator SignalingMessageEncryptionRepor t VoicePrivacyReport NewlyAssignedIMSI NewlyAssignedMSID Reference § 6.5.2.lB § 6.5.2.nB § 6.5.2.pB § 6.5.2.qB § 6.5.2.rB § 6.5.2.sB § 6.5.2.tB § 6.5.2.wB § 6.5.2.xB § 6.5.2.zB § 6.5.2.dqB § 6.5.2.aeB

Table 6C.2.3b New Parameters unique to CDMA

Parameter Name MobileStationMIN MSC_Address TemporaryReferenceNumber MobileStationIMSI MobileStationMSID Reference § 6.5.2.oC § 6.5.2.dnC § 6.5.2.yC § 6.5.2.dpC § 6.5.2.adC

New parameters that are common to TDMA and CDMA, and those that have been created uniquely for CDMA are defined below.

Signaling Protocols

5-37

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.lB

AKeyProtocolVersion The AKeyProtocolVersion (AKEYPV) parameter is used to send A-key Generation Procedure protocol version(s) supported by the MS or selected by the AC.

Field Identifier Length Contents H G F E D C B A octet 1 ··· Notes Value AKeyProtocolVersion IMPLICIT OCTET STRING variable octets Type M M Reference 6.5.1.2 6.5.1.1 Notes

1st A-key Generation Procedure Protocol Version ··· nth A-key Generation Procedure Protocol Version

n

Figure lB Table lB

AKeyProtocolVersion parameter AKeyProtocolVersion values

A-key Generation Procedure Protocol Version values (octets 1-n)

Bits H G F E D C B A 0 0 0 0 0 0 0 0 0 0 0 1 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 1 0 1 0 0 0 1 1 0 1 1 0 0 0 1 1 1 0 0 1 1 Value 0 1 2 3 4 5 through 223 224 through 255 Meaning Not used. A-key Generation not supported. Diffie Hellman with 768-bit modulus, 160-bit primitive, and 160-bit exponents. Diffie Hellman with 512-bit modulus, 160-bit primitive, and 160-bit exponents. Diffie Hellman with 768-bit modulus, 32-bit primitive, and 160-bit exponents.

0 0 0

0 ··· 1 0 1 1 1 1 0 0 ··· 1 1 1 1

Reserved. Treat the same as value 1, A-key Generation not supported. Reserved for IS-41 protocol extension. If unknown, treat the same as value 1, A-key Generation not supported.

CDMA-OTA

5-38

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.nB

BaseStationPartialKey The BaseStationPartialKey (BSKEY) parameter is used to send the Base Station key value for the A-key Generation procedure.

Field Identifier Length Contents H MSB BS partial key value LSB G F E D C B A octet 1 ··· Notes Value BaseStationPartialKey IMPLICIT OCTET STRING variable octets Type M M Reference 6.5.1.2 6.5.1.1

partial

Notes

n

a

Figure nB BaseStationPartialKey parameter Notes: a. The length of this field corresponds to the AKeyProtocolVersion value used.

Signaling Protocols

5-39

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.oC

MobileStationMIN The MobileStationMIN (MSMIN) parameter is used to send the MIN value stored in the MS's permanent memory at an OTASP call origination.

Field Identifier Length Contents H G F E D MINType C B A octet 1-5 Notes a Value MobileStationMIN IMPLICIT MINType 5 octets Type M M Reference 6.5.1.2 6.5.1.1 Notes

Figure oC MobileStationMIN parameter Notes: a. Refer to the MINType parameter type (see 6.5.3.u1) for a definition of this parameter.

Field Identifier Length Contents H G F Digit 2 Digit 4 Digit 6 Digit 8 Digit 10 E D C B Digit 1 Digit 3 Digit 5 Digit 7 Digit 9 A octet 1 2 3 4 5 Notes a a a a a Value MobileStationMIN IMPLICIT MINType 5 octets M 6.5.1.1 Type M Reference 6.5.1.2 Notes b

Figure oC MobileStationMIN parameter Notes: a. b. Digit 1 is the most significant digit and Digit 10 is the least significant digit. Refer to the MINType parameter type (see 6.5.3.u1) for notes and field encoding.

CDMA-OTA

5-40

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.pB

MobileStationPartialKey The MobileStationPartialKey (MSKEY) parameter is used to send the MS partial key value for the A-key Generation procedure.

Field Identifier Length Contents H MSB MS partial key value LSB G F E D C B A octet 1 ··· Notes Value MobileStationPartialKey IMPLICIT OCTET STRING variable octets Type M M Reference 6.5.1.2 6.5.1.1 Notes

n

a

Figure pB MobileStationPartialKey parameter Notes: a. The length of this field corresponds to the AKeyProtocolVersion value used.

Signaling Protocols

5-41

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.qB

ModulusValue The ModulusValue (MODVAL) parameter is used to return the A-key Generation procedure modulus value.

Field Identifier Length Contents H MSB Modulus value LSB G F E D C B A octet 1 ··· Notes Value ModulusValue IMPLICIT OCTET STRING variable octets Type M M Reference 6.5.1.2 6.5.1.1 Notes

n

a

Figure qB ModulusValue parameter Notes: a. The length of this field corresponds to the AKeyProtocolVersion value used.

CDMA-OTA

5-42

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.rB

NewlyAssignedMIN The NewlyAssignedMIN (NEWMIN) parameter contains the MIN that may be assigned following the successful completion of the OTASP process.

Field Identifier Length Contents H G F E D MINType C B A octet 1-5 Notes a Value NewlyAssignedMIN IMPLICIT MINType 5 octets Type M M Reference 6.5.1.2 6.5.1.1 Notes

Figure rB NewlyAssignedMIN parameter Notes: a. Refer to the MINType parameter type (see 6.5.3.u1) for a definition of this parameter.

Field Identifier Length Contents H G F Digit 2 Digit 4 Digit 6 Digit 8 Digit 10 E D C B Digit 1 Digit 3 Digit 5 Digit 7 Digit 9 A octet 1 2 3 4 5 Notes a a a a a Value NewlyAssignedMIN IMPLICIT MINType 5 octets M 6.5.1.1 Type M Reference 6.5.1.2 Notes b

Figure rB NewlyAssignedMIN parameter Notes: a. b. Digit 1 is the most significant digit and Digit 10 is the least significant digit. Refer to the MINType parameter type (see 6.5.3.u1) for notes and field encoding.

Signaling Protocols

5-43

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.sB

OTASP_ResultCode The OTASP_ResultCode (OTASPRC) parameter is used to specify the result of an OTASP related AC procedure.

Field Identifier Length Contents H G F E D C B A octet 1 Notes a Value OTASP_ResultCode IMPLICIT OCTET STRING 1 octet Type M M Reference 6.5.1.2 6.5.1.1 Notes

Result Code

Figure sB OTASP_ResultCode parameter Notes: a. The absence of this parameter or the presence of value 0 (for "Accepted"; see Table sB below) indicates a successful result. Table sB Result Code (octet 1)

Bits H G F E D C B A 0 0 0 0 0 0 0 0 0 0 0 1 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 1 1 1 0 1 0 0 0 1 1 0 1 0 0 1 1 0 1 0 Value 0 1 2 3 4 5 6 7 through 223 224 through 255 Meaning Accepted - Successful. Rejected - Unknown cause. Computation Failure - E.g., unable to compute A-key. CSC Rejected - CSC challenge failure. Unrecognized OTASPCallEntry. Unsupported AKeyProtocolVersion(s). Unable to Commit.

OTASP_ResultCode value

0 0 0

0 ··· 1 0 1 1 1 1 0 0 ··· 1 1 1 1

1 1 1 1 0 0 1 1

Reserved. Treat the same as value 1 Rejected Unknown Cause. Reserved for IS-41 protocol extension. If unknown, treat the same as value 1 Rejected Unknown Cause.

CDMA-OTA

5-44

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.tB

PrimitiveValue The PrimitiveValue (PRIMVAL) parameter is used to return the A-key Generation procedure primitive value from the AC to the OTAF.

Field Identifier Length Contents H MSB Primitive value LSB G F E D C B A octet 1 ··· Notes Value PrimitiveValue IMPLICIT OCTET STRING variable octets Type M M Reference 6.5.1.2 6.5.1.1 Notes

n

a

Figure tB Notes: a.

PrimitiveValue parameter

The length of this field corresponds to the AKeyProtocolVersion value used.

Signaling Protocols

5-45

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.wB ServiceIndicator The ServiceIndicator (SRVIND) parameter indicates a type of service.

Field Identifier Length Contents H G F E D C B A octet 1 Notes Value ServiceIndicator IMPLICIT OCTET STRING variable octets Type M M Reference 6.5.1.2 6.5.1.1 Notes

Service ···

n

a

Figure wB ServiceIndicator parameter Notes: a. Ignore extra octets, if received. Send only defined (or significant) octets. Table wB Service (octet 1)

Bits H G F E D C B A 0 0 0 0 0 1 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0 1 0 0 1 1 0 1 0 1 Value 0 1 2 3 4 through 223 224 through 255 Meaning Undefined Service. CDMA OTASP Service. TDMA OTASP Service. CDMA OTAPA Service.

ServiceIndicator value

0 0 0

0 ··· 1 0 1 1 1 1 0 0 ··· 1 1 1 1

0 0 1 1 0 0 1 1

Reserved. Treat the same as value 0 Undefined Service Reserved for IS-41 protocol extension. If unknown, treat the same as value 0 Undefined Service

CDMA-OTA

5-46

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.xB

SignalingMessageEncryptionReport The SignalingMessageEncryptionReport (SMERPT) parameter indicates the outcome of the Signaling Message Encryption initiated by the serving MSC.

Field Identifier Value SignalingMessageEncryption Report IMPLICIT OCTET STRING 1 octet Type M Reference 6.5.1.2 Notes

Length Contents H G

M

6.5.1.1

F

E

D

C

B

A

octet 1

Notes

SME Report

Figure xB SignalingMessageEncryptionReport parameter Table xB SMEReport (octet 1)

Bits H G F E D C B A 0 0 0 0 0 0 0 0 0 0 0 1 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 1 0 1 0 0 0 1 1 0 1 1 0 0 0 1 1 1 0 0 1 1 Value 0 1 2 3 4 5 through 223 224 through 255 Meaning Not used Signaling Message Encryption enabling not attempted. Signaling Message Encryption enabling no response. Signaling Message Encryption enabling successful is enabled. Signaling Message Encryption enabling failed.

SignalingMessageEncryptionReport value

0 0 0

0 ··· 1 0 1 1 1 1 0 0 ··· 1 1 1 1

Reserved. Treat the same as value 1 Signaling Message Encryption not attempted. Reserved for IS-41 protocol extension. If unknown, treat the same as value 1 Signaling Message Encryption not attempted.

Signaling Protocols

5-47

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.yC

TemporaryReferenceNumber The TemporaryReferenceNumber (TRN) parameter is used to correlate the voice connection between the MS and CSC with the data connection between the MSC and OTAF, during an OTASP session.

Field Identifier Length Contents H G F Digit 2 Digit 4 ··· Nth Digit E D C B Digit 1 Digit 3 ··· N-1st Digit A octet 1 2 ··· Notes a a Value TemporaryReferenceNumber IMPLICIT OCTET STRING variable octets Type M M Reference 6.5.1.2 6.5.1.1 Notes

n

a

Figure yC TemporaryReferenceNumber parameter Notes: a. Digit 1 is the most significant digit and the Nth Digit is the least significant digit. Table yC TemporaryReferenceNumber value

Digit N, where N={1, 2, ...,} (octets 1-n)

Bits H G F E or D C B A 0 0 0 0 0 0 0 0 1 1 1 X 0 0 0 0 1 1 1 1 0 0 1 X 0 0 1 1 0 0 1 1 0 0 1 X 0 1 0 1 0 1 0 1 0 1 1 X Value 0 1 2 3 4 5 6 7 8 9 15 Meaning Digit = 0. Digit = 1. Digit = 2. Digit = 3. Digit = 4. Digit = 5. Digit = 6. Digit = 7. Digit = 8. Digit = 9. filler. Other values reserved.

Note: For odd number of digits, the Nth digit is

set to the filler value.

CDMA-OTA

5-48

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.zB

VoicePrivacyReport The VoicePrivacyReport (VPRPT) parameter indicates the outcome of the Voice Privacy procedure initiated by the Serving MSC.

Field Identifier Length Contents H G F E D C B A octet 1 Notes Value VoicePrivacyReport IMPLICIT OCTET STRING 1 octet Type M M Reference 6.5.1.2 6.5.1.1 Notes

Voice Privacy Report

Figure zB VoicePrivacyReport parameter Table zB VoicePrivacy Report (octet 1)

Bits H G F E D C B A 0 0 0 0 0 0 1 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ··· 1 0 1 1 1 1 0 0 ··· 1 1 1 1 0 0 0 0 0 1 0 1 1 0 1 0 1 0 1 0 1 0 1 0 1 Value 0 1 2 3 4 5 through 223 224 through 255 Meaning Not used. Voice Privacy not attempted. Voice Privacy no response. Voiec Privacy successful is active. Voice Privacy failed. Reserved. Treat the same as value 1, Voice Privacy not attempted. Reserved for IS-41 protocol extension. If unknown, treat the same as value 1, Voice Privacy not attempted.

VoicePrivacyReport value

1 1 0 0 1 1

Signaling Protocols

5-49

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.dnC MSC_Address The MSC_Address (MSCADDR) parameter is used to convey the current routing address of the Serving MSC.

Field Identifier Length Contents H G F E D C B A octet 1 2 Encoding 1st BCD Digit 3rd BCD Digit ··· 3 4 5 6 ··· Notes b c d, e f Value MSC_Address IMPLICIT DigitsType variable octets Type M M Reference 6.5.1.2 6.5.1.1 Notes a

Type of Digits Nature of Number Numbering Plan Number of Digits 2nd BCD Digit 4th BCD Digit ···

nth

BCD Digit

n-1st

BCD Digit

m

Figure dnC-1 Notes: a. b. c. d. e. f.

MSC_Address parameter for BCD digits

See the DigitsType parameter type (see 6.5.3.2) for notes and field encoding. Type of Digits is ignored on receipt. Nature of Number may be National or International. Numbering Plan supported shall include E.164, X.121, and Private numbering plan for this parameter variant. The encoding field shall always be set to BCD for this parameter variant. The Number of Digits ranges from 0 to at least 15.

CDMA-OTA

5-50

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Field Identifier Length Contents H G F E

Value MSC_Address IMPLICIT DigitsType variable octets

Type M M

Reference 6.5.1.2 6.5.1.1

Notes a

D

C

B

A

octet 1 2

Notes b c d, e

Type of Digits Nature of Number Numbering Plan MSB IP Address LSB Encoding

3 4 5 6 7

Figure dnC-2 Notes: a. b. c. d. e.

MSC_Address Parameter for an IP address

See the DigitsType parameter type (see 6.5.3.2) for notes and field encoding. Type of Digits is ignored on receipt. Nature of Number may be National or International. Numbering Plan shall be IP for this parameter variant. Encoding shall be octet string for this parameter variant.

Signaling Protocols

5-51

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Field Identifier Length Contents H G F E

Value MSC_Address IMPLICIT DigitsType variable octets

Type M M

Reference 6.5.1.2 6.5.1.1

Notes a

D

C

B

A

octet 1 2

Notes b c d, e f

Type of Digits Nature of Number Numbering Plan Encoding

3 4

Point Code

5 6

Subsystem Number (SSN)

7

Figure dnC-3

MSC_Address parameter for a generic SS7 Point Code Address

Notes: a. b. c. d. e. f. See the DigitsType parameter type (see 6.5.3.2) for notes and field encoding. Type of Digits is ignored on receipt. Nature of Number may be National . Numbering Plan shall be SS7 for this parameter variant. Encoding shall be octet string for this parameter variant. Bit A of Octet 4 is the first bit that would be emitted if the point code was transmitted by the MTP layer. If the point code is less than 24 bits in length, then all bits beyond the end of the point code up to and including bit H of Octet 6, should be set to 0.

CDMA-OTA

5-52

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.dpC MobileStationIMSI The MobileStationIMSI (MSIMSI) parameter is used to send the IMSI value stored in the MS's permanent memory at an OTASP call origination.

Field Identifier Length Contents H G F Digit 2 Digit 4 Digit 6 Digit 8 Digit 10 Digit 12 Digit 14 filler E D C B Digit 1 Digit 3 Digit 5 Digit 7 Digit 9 Digit 11 Digit 13 Digit 15 A octet 1 2 3 4 5 6 7 8 Notes a a a a a a a a Value MobileStationIMSI IMPLICIT IMSIType variable octets M 6.5.1.1 Type M Reference 6.5.1.2 Notes b

Figure dpC MobileStationIMSI parameter Notes: a. b. Digit 1 is the most significant digit and Digit 10 is the least significant digit. Refer to the IMSIType parameter type (see 6.5.3.u2) for notes and field encoding.

Signaling Protocols

5-53

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.dqB NewlyAssignedIMSI The NewlyAssignedIMSI (NEWIMSI) parameter contains the IMSI that may be assigned following the successful completion of OTASP process.

Field Identifier Length Contents H G F Digit 2 Digit 4 Digit 6 Digit 8 Digit 10 Digit 12 Digit 14 filler E D C B Digit 1 Digit 3 Digit 5 Digit 7 Digit 9 Digit 11 Digit 13 Digit 15 A octet 1 2 3 4 5 6 7 8 Notes a a a a a a a a Value NewlyAssignedIMSI IMPLICIT IMSIType variable octets M 6.5.1.1 Type M Reference 6.5.1.2 Notes b

Figure dqB NewlyAssignedIMSI parameter Notes: a. b. Digit 1 is the most significant digit and Digit 10 is the least significant digit. Refer to the IMSIType parameter type (see 6.5.3.u2) for notes and field encoding.

CDMA-OTA

5-54

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.adC MobileStationMSID The MobileStationMSID (MS_MSID) identifies the MIN or the IMSI value stored in the MS's permanent memory at an OTASP call origination. The MS_MSID CHOICE is not explicitly encoded with a parameter ID and length.

Field CHOICE MobileStationMIN MobileStationIMSI Value Type M O O Reference 6.5.3.1 6.5.2.oC 6.5.2.dpC Notes

Figure adC MobileStationMSID parameter

Signaling Protocols

5-55

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.aeB NewlyAssignedMSID The NewlyAssignedMSID (NEWMSID) identifies the MIN or the IMSI value that may be assigned following the successful completion of the OTASP process. The MS_MSID CHOICE is not explicitly encoded with a parameter ID and length.

Field CHOICE NewlyAssignedMIN NewlyAssignedIMSI Value Type M O O Reference 6.5.3.1 6.5.2.rB 6.5.2.dqB Notes

Figure aeB NewlyAssignedMSID parameter

CDMA-OTA

5-56

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.3

Parameter Type Definitions

This Section provides the definitions of the parameter types used in this document.

6.5.3.u1

MINType The MINType parameter type is a representation of an MS MobileIdentificationNumber (MIN), coded in BCD form.

Field Identifier Length Contents H G F Digit 2 Digit 4 Digit 6 Digit 8 Digit 10 E D C B Digit 1 Digit 3 Digit 5 Digit 7 Digit 9 A octet 1 2 3 4 5 Notes a a a a a Value MINType MPLICIT OCTET STRING 5 octets Type M M Reference 6.5.1.2 6.5.1.1 Notes

Figure u1 MINType parameter type Notes: a. Digit 1 is the most significant digit and Digit 10 is the least significant digit. Table u1 Digit n, where n={0,1, 2, ..., 9} (octets 1-5)

Bits H G F E or D C B A 0 0 0 0 0 0 0 0 1 1 X 0 0 0 0 1 1 1 1 0 0 X 0 0 1 1 0 0 1 1 0 0 X 0 1 0 1 0 1 0 1 0 1 X Value 0 1 2 3 4 5 6 7 8 9 Meaning Digit = 0 or filler. Digit = 1. Digit = 2. Digit = 3. Digit = 4. Digit = 5. Digit = 6. Digit = 7. Digit = 8. Digit = 9. Other values reserved.

Digit value

Signaling Protocols

5-57

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.3.u2

IMSIType The IMSIType parameter type is a representation of an MS InternationalMobileStationIdentity (IMSI) used to identify a specific MS. It is defined in ITU-T recommendation E.212. IMSI may be up to 15 digits in length. Only the last digit may be set to the filler value (i.e. for IMSI with an odd number of digits).

Field Identifier Length Contents H G F Digit 2 Digit 4 Digit 6 Digit 8 Digit 10 Digit 12 Digit 14 filler E D C B Digit 1 Digit 3 Digit 5 Digit 7 Digit 9 Digit 11 Digit 13 Digit 15 A octet 1 2 3 4 5 6 7 8 Notes a a a a a a a a Value IMSIType MPLICIT OCTET STRING variable octets Type M M Reference 6.5.1.2 6.5.1.1 Notes

Figure u2 IMSIType parameter type Notes: a. Digit 1 (bits A through D of octet 1) is the most significant digit (i.e. first digit of MCC). Table u2 IMSI Digit values

Digit n, where n={0,1, 2, ..., 9} (octets 1-5)

Bits H G F E or D C B A 0 0 0 0 0 0 0 0 1 1 X 1 0 0 0 0 1 1 1 1 0 0 X 1 0 0 1 1 0 0 1 1 0 0 X 1 0 1 0 1 0 1 0 1 0 1 X 1 Value 0 1 2 3 4 5 6 7 8 9 15 Meaning Digit = 0 Digit = 1. Digit = 2. Digit = 3. Digit = 4. Digit = 5. Digit = 6. Digit = 7. Digit = 8. Digit = 9. Other values reserved. Filler.

CDMA-OTA

5-58

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

7C SIGNALING PROCEDURES - CDMA

This section applies only to CDMA portion of the OTA enhancements for OTASP and OTAPA. It provides modifications to TIA/EIA-41.6-D "Signaling Procedures".

3.2

3.2.1

ORIGINATION CALL TASKS

Idle MS Origination

(TIA/EIA-41.6-D, page 6-12)

When the MS attempts to originate a call, the Serving MSC shall do the following: 1 1-1 1-2 1-3 2 3 3-1 3-1-1 3-1-2 3-1-3 3-1-3-1 3-1-3-2 3-1-4 3-2 4 5 5-1 6 6-1 7 8 9 ENDIF. IF the MS is not registered OR IF the location of the MS has changed since the last registration: Execute the "MSC Initiating MS Registration" task (see 4.38.1). ELSEIF the MSC requires the MS's service profile (e.g., per call authorization required or the service profile is not present): Execute the "MSC Initiating Qualification Request" task (see 4.33.1). ENDIF. Execute "Initialize the OneTimeFeatureIndicator Parameter" task (see 3.2.8). Execute "MSC Analyze MS Dialed Number" task (see 3.2.3). Execute "Apply Access Denial Treatment" task (see 3.4.5). ENDIF. IF an appropriate voice or traffic channel is available for the identified air interface control channel, the MSC may pre-seize the channel by: Reserve the available voice or traffic channel. Order the MS to acquire the reserved voice or traffic channel. Verify the MS has properly tuned to this voice or traffic channel. ENDIF. IF the MS is not authenticated and authentication is active: IF the MS has authentication capabilities and the MS's AuthenticationCapability indicates that the MS shall be authenticated1: Include the SystemAccessType parameter set to . Execute the "MSC Initiating an Authentication Request" task (see 4.4.1). IF authentication fails AND the OTASP Feature Code (*FC) is not dialed: Execute "Local Recovery Procedures" task (see 3.5.1). Exit this task._ ENDIF.

10 IF the PointOfReturn is ToneTermination: 10-1

1In

addition the MSC shall initiate authentication procedures if the MS has authentication capabilities and there is no AuthenticationCapability information for the MS.

Signaling Procedures

6-1

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

10-2

Exit this task.

11 ENDIF. 12 IF the MS is not authorized AND the OTASP feature code (*FC) was not dialed: 12-1 12-2 Execute "Apply Access Denial Treatment" task (see 3.4.5). Exit this task._

13 ENDIF. 14 Execute the "MSC PACA Call Origination Invocation" task (see 5.17.2). 15 IF unsuccessful: 15-1 16-1 16-2 16-3 16-4 16-4-1 16-5 17 ENDIF. 18 Execute the "MSC MWN Call Origination Invocation" task (see 5.13.7). 19 ENDIF. 20 IF the AnnouncementList parameter is received: 20-1 Execute the "Play All Announcements in the AnnouncementList" task (see 3.2.5). 21 ENDIF. 22 Execute the "MSC Routing Points Of Return" task (see 3.2.6). a a-1 a-2 b b-1 c IF OTASP feature code (*FC) was dialed: Include TRN. Route the call to the CSC. ELSE: Execute the "MSC Routing Points Of Return" task (see 3.2.6). ENDIF. Execute "Apply Access Denial Treatment" task (see 3.4.5). Reserve the available voice or traffic channel. Order the MS to acquire the reserved voice or traffic channel. Verify the MS has properly tuned to this voice or traffic channel. IF unsuccessful: Execute "Apply Access Denial Treatment" task (see 3.4.5). ENDIF. 16 ELSE (seize the channel by):

23 Exit this task.

CDMA-OTA

6-2

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

3.2.3

MSC Analyze MS Dialed Number

(TIA/EIA-41.6-D, Page 6-15)

Upon demand the Anchor MSC shall do the following: 1 1-1 2 2-1 3 3-1 4 a a-1 a-2 a-2-1 a-2-2 a-3 a-4 a-5 a-6 a-6-1 a-6-1-1 a-6-2 a-6-2-1 a-6-3 a-7 a-7-1 a-8 a-9 a-10 b 5 IF flash privileges are suspended (by the in the OneTimeFeatureIndicator parameter e.g., Call Transfer, Call Waiting, Three-Way Calling): Include the TransactionCapability parameter with the number of multiple terminations set to 0. ELSEIF Call Transfer, Three-Way Calling or similar feature is being invoked: Include the TransactionCapability parameter with the number of multiple terminations set to 1. ELSE: Include the TransactionCapability parameter with the number of multiple terminations set appropriately. ENDIF. IF an OTASP Feature Code (*FC) is received: Execute "MSC Obtaining a TRN" task (see 5.C1.1). IF unsuccessful indication is received: Execute "Apply Access Denial Treatment" task (see 3.4.5). Exit this task. ENDIF. Associate the TRN with the OTASP Call. Execute the "MSC Record the DMH Parameters" task (see 3.3.7). IF the MSC administers TRNs itself: IF the user specified a directory number during OTASP activation and the directory number is verified by the Serving MSC. The Called Party Number for the CSC is the directory number specified by the user during the OTASP activation. ELSE: The Called Party Number for the CSC is determined at the MSC. It may correspond to the TRN. ENDIF. ELSE: The Called Party Number for the CSC is the TRN, returned above in the "MSC Obtaining a TRN" task (see 5.C1.1). ENDIF. Return TRN to the Calling Task. Exit this task. IF the MS dialed a locally allowed number (e.g., 9-1-1, *-9-1-1, N11, *N11): ENDIF.

........... 30 Return to the calling task.

Signaling Procedures

6-3

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.1

4.1.1

AUTHENTICATION DIRECTIVE

AC Initiation of an Authentication Directive

When an AC determines that the authentication parameters associated with an MS must be changed, it shall start the authentication directive process. For example, the authentication parameters may be changed due to AC administrative procedures, when an authentication abnormality is detected or periodically. The AC shall perform the following: 1 2 a a-1 a-2 a-3 Include the ElectronicSerialNumber parameter set to identify the MS. Include the MobileIdentificationNumber MSID parameter set to identify the MS. IF the ServiceIndicator parameter, set to either the CDMA OTASP Service or the CDMA OTAPA Service value, is received: Relay the ServiceIndicator parameter. Relay the MobileStationMIN MobileStationMSID parameter for CDMA OTASP. For CDMA OTASP, Sset the MSID parameter to the MobileIdentificationNumber parameter to the received from the OTAF Activation_MIN value. ENDIF. IF SharedSecretData (SSD) presently shared with the VLR shall be discarded: Include the SSDNotShared (NOSSD) parameter. ENDIF. IF an SSD update shall be initiated: Select a RandomVariableSSD (RANDSSD) and execute CAVE using the value of the MS's A-key recorded in the AC's database to produce a pending SSD. (For for CDMA OTASP or CDMA OTAPA, the A-key may have been recorded in the OTASPCallEntry and, if the OTASPCallEntry is present, the pending SSD shall be stored under it.) Include the RandomVariableSSD (RANDSSD) parameter. Mark the MS pending SSD update. IF AC administrative procedures indicate that the pending SSD shall be shared with the VLR for the SSD update operation: IF the ServiceIndicator parameter, set to either the CDMA OTASP Service or the CDMA OTAPA Service value, is not received: IF the VLR's SystemCapabilities (SYSCAP) indicates that the VLR is able to execute the algorithm: Include the SharedSecretData (SSD) parameter set to the pending SSD value. IF the AuthenticationAlgorithmVersion (AAV) parameter for this MS is different than the default value: Include the AuthenticationAlgorithmVersion (AAV) parameter. ENDIF. ENDIF. ENDIF.

b 3 3-1 4 5 5-1

5-2 5-3 5-4 5-4-b 5-4-b-1

5-4-b-1-1 5-4-b-1-2 5-4-b-1-2-1 5-4-b-1-3 5-4-b-2 5-4-c

CDMA-OTA

6-4

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5-a 5-5 5-5 5-5-1

ENDIF. ELSE (the SharedSecretData (SSD) is not to be shared): IF the SharedSecretData (SSD) is not to be shared: Select a RandomVariableUniqueChallenge (RANDU) and execute CAVE using the value of the pending SSD to produce an AuthenticationResponseUniqueChallenge (AUTHU) (For CDMA OTASP or CDMA OTAPA the SSD may have been stored in the OTASPCallEntry. For CDMA OTASP, and the AuthenticationData (AUTHDATA) is derived from the MobileStationMIN MobileStationMSID (MSMIN MS_MSID) received from the OTAF. For CDMA OTAPA, the AuthenticationData (AUTHDATA) is derived from the MSID received from the OTAF.) Include the RandomVariableUniqueChallenge (RANDU) AuthenticationResponseUniqueChallenge (AUTHU) parameters. Mark the MS pending Unique Challenge. ENDIF. ELSE (SSD update not initiated): IF the SharedSecretData (SSD) shall be shared with the VLR AND IF the ServiceIndicator parameter, set to either the CDMA OTASP Service or the CDMA OTAPA Service value, is not received: IF the VLR's SystemCapabilities (SYSCAP) indicates the VLR is capable of executing the algorithm: Include the SharedSecretData (SSD) and CallHistoryCount (COUNT) parameters. IF the AuthenticationAlgorithmVersion (AAV) parameter for this MS is different than the default value. Include the AuthenticationAlgorithmVersion (AAV) parameter. ENDIF. ENDIF. ENDIF. IF a Unique Challenge shall be initiated: Select a RandomVariableUniqueChallenge (RANDU) and execute CAVE using the value of the MS's SharedSecretData (SSD) recorded in the AC's database to produce an AuthenticationResponseUniqueChallenge (AUTHU). Include the RandomVariableUniqueChallenge (RANDU) AuthenticationResponseUniqueChallenge (AUTHU) parameters. Mark the MS pending Unique Challenge. ENDIF. ENDIF. IF a COUNT update shall be initiated: Include the UpdateCount (UPDCOUNT) parameter. Mark the MS pending COUNT update. ENDIF. IF the ServiceIndicator parameter, set to either the CDMA OTASP Service service or the CDMA OTAPA Service value, and the ActionCode parameter, set to Perform ReAuthentication, are received: Generate CDMAPrivateLongCodeMask SignalingMessageEncryptionKey (SMEKEY). (CDMAPLCM) and and and

5-5-2 5-5-3 5-6 6 6-1

6-1-1 6-1-1-1 6-1-1-2 6-1-1-2-1 6-1-1-3 6-1-2 6-2 6-3 6-3-1

6-3-2 6-3-3 6-4 7 8 8-1 8-2 9 c

c-1

Signaling Procedures

6-5

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

c-2 c-3 d

Include the CDMAPLCM and SMEKEY parameters. Mark the MS pending Voice Privacy Status Report and Signaling Message Encryption Status Report. ENDIF.

10 Send an AuthenticationDirective INVOKE to the HLR associated with the MS. 11 Start the Authentication Directive Timer (ADT). 12 WAIT for an Authentication Directive response: 13 WHEN a RETURN RESULT is received: 13-1 13-2 13-2-1 13-2-1-1 13-2-2 13-2-3 Stop timer (ADT). IF the message can be processed: IF the CallHistoryCount (COUNT) parameter is received: Store the received CallHistoryCount (COUNT) value. ENDIF. IF the MS is marked pending SSD update, OR IF the MS is marked pending Unique Challenge, OR IF the MS is marked pending COUNT update OR IF the MS is marked pending Voice Privacy Status ReportOR IF the MS is marked pending Signaling Message Encryption Report: Execute the "AC Awaiting AuthenticationStatusReport INVOKE" task (see 4.5.4). IF the invoking task is related to CDMA OTASP or CDMA OTAPA: Relay the receipt of Success or Failure along with any parameters received with that indication to the calling task. ENDIF. ENDIF. Exit this task. ELSE (the message cannot be processed): IF the MS is marked pending SSD update: IF the MS's pending SSD is stored in the AC's database. Remove the pending SSD from the AC's database. ENDIF. ENDIF. Clear all the MS's pending operation flags. Execute the "Local Recovery Procedures" task (see 3.5.1). IF the invoking task is related to CDMA OTASP or CDMA OTAPA: Indicate failure ENDIF. Return to the invoking process. ENDIF. Stop timer (ADT). IF the MS is marked pending SSD update: IF the MS's pending SSD is stored in the AC's database: Remove the pending SSD from the AC's database. to the calling task.

13-2-3-1 13-2-3-d 13-2-3-d-1 13-2-3-e 13-2-4 13-2-5 13-3 13-3-1 13-3-1-1 13-3-1-1-1 13-3-1-2 13-3-2 13-3-3 13-3-4 13-3-a 13-3-a-1 13-3-b 13-3-5 13-4 14-1 14-2 14-2-1 14-2-1-1

14 WHEN a RETURN ERROR or REJECT is received:

CDMA-OTA

6-6

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

14-2-2 14-3 14-4 14-5 14-a 14-a-1 14-b 14-6 15-1 15-1-1 15-1-1-1 15-1-2 15-2 15-3 15-4 15-a 15-a-1 15-b 15-5

ENDIF. ENDIF. Clear all the MS's pending operation flags. Execute the "Local Recovery Procedures" task (see 3.5.1). IF the invoking task is related to CDMA OTASP or CDMA OTAPA: Indicate failure ENDIF. Return to the invoking process. IF the MS is marked pending SSD update: IF the MS's pending SSD is stored in the AC's database: Remove the pending SSD from the AC's database. ENDIF. ENDIF. Clear all the MS's pending operation flags. Execute the "Local Recovery Procedures" task (see 3.5.1). IF the invoking task is related to CDMA OTASP or CDMA OTAPA: Indicate failure ENDIF. Return to the invoking process. to the calling task. to the calling task.

15 WHEN timer (ADT) expires:

16 ENDWAIT.

Signaling Procedures

6-7

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.1.3

VLR Receiving AuthenticationDirective INVOKE

(TIA/EIA-41.6-D, page 6-47)

When a VLR receives an AuthenticationDirective INVOKE, it shall perform the following: 1 1-1 1-1-1 1-2 1-a 1-a-1 1-a-2 1-a-2-1 1-a-2-2 1-a-3 1-a-3-1 1-a-4 1-b 1-3 1-3-a 1-3-a-1 1-3-a-1-1 1-3-a-1-2 1-3-a-2 1-3-a-3 1-3-b 1-3-1 1-3-1-1 1-3-2 1-3-3 1-3-4 1-3-5 1-3-5-1 1-3-5-2 1-3-5-2-1 1-3-5-3 1-3-5-4 1-3-5-4-1 1-3-5-5 ENDIF. IF the RandomVariableSSD (RANDSSD) parameter is received: IF the ServiceIndicator parameter, set to either the CDMA OTASP Service or the CDMA OTAPA Service value, is received: IF the SharedSecretData (SDD) parameter is received: Send a RETURN ERROR with the Error Code indicating OperationSequenceProblem. Exit this task. ENDIF. Relay the ServiceIndicator parameter. ENDIF. IF SharedSecretData (SSD) is shared: Remove the MS's current SharedSecretData (SSD) AuthenticationAlgorithmVersion (AAV) from the VLR's database. ENDIF. Relay the received RandomVariableSSD (RANDSSD) parameter. Mark the MS pending SSD update. IF the SharedSecretData (SSD) parameter is received: Store the pending SharedSecretData (SSD) value. IF the AuthenticationAlgorithmVersion (AAV) parameter is received: Store the received AuthenticationAlgorithmVersion (AAV) value. ENDIF. IF the CallHistoryCount (COUNT) parameter is received: Store the received CallHistoryCount (COUNT) value. ENDIF. and IF the received message can be processed: IF the SSDNotShared (NOSSD) parameter is received: Remove the MS's current SharedSecretData (SSD) AuthenticationAlgorithmVersion (AAV) from the VLR's database. ENDIF. IF the ServiceIndicator parameter set to the CDMA OTASP Service value is received: Create an OTASPCallEntry if one does not already exist. IF the OTASPCallEntry could not be created: Send a RETURN ERROR with the Error Code indicating System Failure. Exit this task. ELSE: Store the address of the HLR. ENDIF. and

CDMA-OTA

6-8

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

1-3-5-6

Select a RandomVariableUniqueChallenge (RANDU) and execute CAVE using the value of the pending SSD to produce an AuthenticationResponseUniqueChallenge (AUTHU) (For CDMA OTASP, AuthenticationData (AUTHDATA) is derived from received MobileStationMIN (MSMIN) . Include the RandomVariableUniqueChallenge (RANDU) AuthenticationResponseUniqueChallenge (AUTHU) parameters. Mark the MS pending Unique Challenge. ELSE (pending SSD is not shared): Relay the RandomVariableUniqueChallenge (RANDU) parameter. Relay the AuthenticationResponseUniqueChallenge (AUTHU) parameter. Mark the MS pending Unique Challenge. ENDIF. ELSE (an SSD update is not requested by the AC): IF the SharedSecretData (SSD) parameter is received: Store the received pending SharedSecretData (SSD). IF the AuthenticationAlgorithmVersion (AAV) parameter is received: Store the AuthenticationAlgorithmVersion (AAV) value. ENDIF. IF the CallHistoryCount (COUNT) parameter is received: Store the received CallHistoryCount (COUNT) value. ENDIF. ENDIF. IF the RandomVariableUniqueChallenge (RANDU) and AuthenticationResponseUniqueChallenge (AUTHU) parameters are received: Relay the received RandomVariableUniqueChallenge (RANDU) and AuthenticationResponseUniqueChallenge (AUTHU) parameters. Mark the MS pending Unique Challenge. ENDIF. ENDIF. IF the UpdateCount (UPDCOUNT) parameter is received: Relay the received UpdateCount (UPDCOUNT) parameter. Mark the MS pending COUNT update. ENDIF. Optionally include the LocationAreaID parameter. IF CDMAPLCM parameter is received: Relay the received CDMAPLCM parameter. Mark the MS pending Voice Privacy ENDIF. IF SMEKEY parameter is received: Relay the received SMEKEY parameter. Mark the MS pending Signaling Message Encryption ENDIF. Status Report. Status Report. and

1-3-5-7 1-3-5-8 1-3-6 1-3-6-1 1-3-6-2 1-3-6-3 1-3-7 1-4 1-4-1 1-4-1-1 1-4-1-2 1-4-1-2-1 1-4-1-3 1-4-1-4 1-4-1-4-1 1-4-1-5 1-4-2 1-4-3 1-4-3-1 1-4-3-2 1-4-4 1-5 1-6 1-6-1 1-6-2 1-7 1-8 1-c 1-c-1 1-c-2 1-d 1-e 1-e-1 1-e-2 1-f

Signaling Procedures

6-9

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

1-9

IF the MS is not marked pending SSD update, AND IF the MS is not marked pending Unique Challenge, AND IF the MS is not marked pending COUNT update, AND IF sharing SSD is off, AND IF the MS is not marked pending Voice Privacy Status Report, AND IF the MS is not marked pending Signaling Message Encryption Status Report : IF the CallHistoryCount (COUNT) is available: Include the CallHistoryCount (COUNT) parameter. ENDIF. Send an AuthenticationDirective RETURN RESULT to the requesting HLR. Exit this task. ELSE (the MS is marked pending SSD update, OR the MS is marked pending Unique Challenge, OR the MS is marked pending COUNT update OR the MS is marked pending Voice Privacy Status Report, OR the MS is marked pending Signaling Message Encryption Status Report): Include the SenderIdentificationNumber set to the identification number of the VLR. Send an AuthenticationDirective INVOKE to the MSC currently serving the MS. Start the Authentication Directive Timer (ADT). WAIT for an Authentication Directive response: WHEN a RETURN RESULT is received: Stop timer (ADT). IF the message can be processed: IF the CallHistoryCount (COUNT) is available: Include the CallHistoryCount (COUNT) parameter. ENDIF. Send a RETURN RESULT to the requesting HLR. Execute the "VLR Awaiting AuthenticationStatusReport INVOKE" task (see 4.5.2). Exit this task. ELSE (the message cannot be processed): Send a RETURN ERROR to the requesting HLR. IF the MS is marked pending SSD update: IF the pending SSD is stored in the VLR's database: Remove the MS's pending SSD and AuthenticationAlgorithmVersion (AAV) from the VLR's database. ENDIF. ENDIF. Clear all the MS's pending operation flags. Execute "Local Recovery Procedures" task (see 3.5.1). Exit this task. ENDIF. WHEN a RETURN ERROR or REJECT is received: Stop timer (ADT).

1-9-1 1-9-1-1 1-9-2 1-9-3 1-9-4 1-10

1-10-1 1-10-2 1-10-3 1-10-4 1-10-5 1-10-5-1 1-10-5-2 1-10-5-2-1

1-10-5-2-1-1 1-10-5-2-2 1-10-5-2-3 1-10-5-2-4 1-10-5-2-5 1-10-5-3 1-10-5-3-1 1-10-5-3-2 1-10-5-3-2-1 1-10-5-3-2-1-1

1-10-5-3-2-2 1-10-5-3-3 1-10-5-3-4 1-10-5-3-5 1-10-5-3-6 1-10-5-4 1-10-6 1-10-6-1

CDMA-OTA

6-10

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

1-10-6-2 1-10-6-3 1-10-6-3-1 1-10-6-3-1-1 1-10-6-3-2 1-10-6-3-2-1 1-10-6-3-3 1-10-6-4 1-10-6-4-1 1-10-6-5 1-10-6-5-1 1-10-6-6 1-10-6-7 1-10-6-7-1 1-10-6-7-1-1

CASE Error Code OF: : IF the parameter was originated from the initiating functional entity: Send a RETURN ERROR with the Error Code indicating . ELSE: Send a RETURN ERROR with the Error Code indicating . ENDIF. : Send a RETURN ERROR with the Error Code indicating . DEFAULT: Send a RETURN ERROR with the Error Code indicating . ENDCASE. IF the MS is marked pending SSD update: IF the pending SSD is stored in the VLR's database: Remove the MS's pending SharedSecretData (SSD) and AuthenticationAlgorithmVersion (AAV) from the VLR's database. ENDIF. ENDIF. Clear all the MS's pending operation flags. Execute "Local Recovery Procedures" task (see 3.5.1). Exit this task. WHEN timer (ADT) expires: Send a RETURN ERROR with the Error Code set to indicate . IF the MS is marked pending SSD update: IF the pending SSD is stored in the VLR's database: Remove the MS's pending SharedSecretData (SSD) and AuthenticationAlgorithmVersion (AAV) from the VLR's database. ENDIF. ENDIF. Clear all the MS's pending operation flags. Execute the "Local Recovery Procedures" task (see 3.5.1). ENDWAIT.

1-10-6-7-2 1-10-6-8 1-10-6-9 1-10-6-10 1-10-6-11 1-10-7 1-10-7-1 1-10-7-2 1-10-7-2-1 1-10-7-2-1-1

1-10-7-2-2 1-10-7-3 1-10-7-4 1-10-7-5 1-10-8 1-11 2 2-1 3 4 ENDIF.

ELSE (the received message cannot be processed): Send a RETURN ERROR to the requesting HLR. ENDIF. Exit this task.

Signaling Procedures

6-11

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 2

VLR AuthenticationDirective Response

Problem Detection and Recommended Response from VLR to HLR

PROBLEM DEFINITION RETURN ERROR Error Code

X X X X X X X X X X X X e e a e e b, e a d, e e d, e a d, e e c, e

1

2

3

4

5

6

7

8

9

10

11

Notes

RETURN RESULT

Problem Detections: 1. The requested MAP operation is recognized, but not supported, by the receiving VLR, or the requesting functional entity is not authorized. 2. A required VLR resource (e.g., internal memory record, VLR is fully occupied) is temporarily not available (e.g., congestion). 3. A required resource (e.g., data base access, functional entity) is not presently accessible due to a failure. Human intervention may be required for resolution. 4. A supplied parameter value has an encoding problem (e.g., The supplied MobileIdentificationNumber parameter digit values do not meet the BCD specification). 5. A supplied parameter value is unrecognized or has nonstandard values (e.g., Not used). 6. A VLR record does not presently exist for the supplied MobileIdentificationNumber or IMSI parameter. 7. An optional parameter required by the VLR was expected, but not received (e.g., only MobileIdentificationNumber and ElectronicSerialNumber parameters received). A received optional parameter required the VLR to expect an additional optional parameter that was not received (e.g., RandomVariableSSD (RANDSSD) and SharedSecretData (SSD) or RandomVariableSSD (RANDSSD), RandomVariableUniqueChallenge (RANDU) and AuthenticationResponseUniqueChallenge (AUTHU)). 8. A VLR record exists for the supplied MobileIdentificationNumber parameter, but the supplied ElectronicSerialNumber parameter does not match the ESN in the VLR record. 9. The VLR has another Authentication process in-progress for the supplied MobileIdentificationNumber parameter. 10. The VLR supports Authentication, but it does not support the requested Authentication feature (e.g., Count updates, Sharing secret data), initiate an AuthenticationStatusReport INVOKE. 11. The VLR supports Authentication, SSD is not presently being shared for the supplied MobileIdentificationNumber parameter, thus the VLR did not expect to receive a SSDNotShared (NOSSD) parameter. Notes: a. b.

This Error Code is not an appropriate VLR response to an AuthenticationDirective transaction. It is recommended that an VLR supports AuthenticationDirective transactions.

CDMA-OTA

6-12

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

c. d. e.

Only RETURN RESULT operations needing clarification have been included. Include the in question as the FaultyParameter parameter. This response may have been originated by the MSC.

Signaling Procedures

6-13

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.1.6

MSC Receiving Authentication Parameters

(TIA/EIA-41.6-D, page 6-53)

When an MSC receives authentication parameters, the Serving MSC shall perform the following for the specified MS: 1 1-1 1-1-1 1-2 1-3 2 3 3-1 3-1-1 3-1-2 3-1-3 3-2 3-2-1 3-2-2 3-2-3 3-3 3-3-1 3-3-2 3-3-2-1 3-3-2-2 3-3-2-3 3-3-3 3-3-3-1 IF the DenyAccess parameter is received: IF the indicated MS is involved in a call or service operation anchored by this MSC, AND IF the call is not an OTASP call: The Serving MSC may optionally discontinue the call or service operation currently in progress. ENDIF. Return to the calling task. ENDIF. IF the RandomVariableSSD (RANDSSD) parameter is received (an SSD update is requested): IF the MS is involved in a call and has been handed off to another MSC: Include the SSDUpdateReport parameter set to indicate . Execute the "MSC Initiating an Authentication Status Report" task (see 4.5.1). Return to the invoking process. ELSEIF the SSD update cannot be attempted: Include the SSDUpdateReport parameter set to indicate . Execute the "MSC Initiating an Authentication Status Report" task (see 4.5.1). Return to the invoking process. ELSE (SSD update can be attempted): Send an SSD update order to the MS using the RandomVariableSSD (RANDSSD) value received. IF a Base Station Challenge order is not received from the MS: Include the SSDUpdateReport parameter set to indicate . Execute the "MSC Initiating an Authentication Status Report" task (see 4.5.1). Return to the invoking process. ELSE (Base Station Challenge order is received from the MS): Execute the "MSC Initiating a Base Station Challenge" task (see 4.6.1) using the value of RandomVariableBaseStation (RANDBS) provided by the MS. IF the SSD update fails, the MSC shall: Include the SSDUpdateReport parameter set to indicate . Execute the "MSC Initiating an Authentication Status Report" task (see 4.5.1). Return to the invoking process. ELSE (SSD update successful): (Continue this task.) ENDIF. ENDIF.

3-3-3-2 3-3-3-2-1 3-3-3-2-2 3-3-3-2-3 3-3-3-3 3-3-3-3-1 3-3-3-4 3-3-4

CDMA-OTA

6-14

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

3-4 4 5

ENDIF. ENDIF. IF the RandomVariableUniqueChallenge (RANDU) and AuthenticationResponseUniqueChallenge (AUTHU) parameters are received (a Unique Challenge is requested): IF the MS is involved in a call and has been handed off to another MSC: Include the RandomVariableUniqueChallenge (RANDU) and AuthenticationResponseUniqueChallenge (AUTHU) parameters received. Execute the "MSC Initiating an Authentication Directive Forward" task (see 4.2.1). IF the Unique Challenge was not attempted: Include the UniqueChallengeReport parameter set to indicate . IF an SSD update was performed: Include the SSDUpdateReport parameter set to indicate . ENDIF. Execute the "MSC Initiating an Authentication Status Report" (see 4.5.1) task. Return to the invoking process. ELSEIF there was no response to the Unique Challenge: Include the UniqueChallengeReport parameter set to indicate . IF an SSD update was performed: Include the SSDUpdateReport parameter set to indicate . ENDIF. Execute the "MSC Initiating an Authentication Status Report" (see 4.5.1) task. Return to the invoking process. ELSEIF the Unique Challenge failed: Include the UniqueChallengeReport parameter set to indicate . IF an SSD update was performed: Include the SSDUpdateReport parameter set to indicate . ENDIF. Execute the "MSC Initiating an Authentication Status Report" (see 4.5.1) task. Return to the invoking process. ELSE (Unique Challenge successful): (Continue this task.) ENDIF. ELSEIF the Unique Challenge cannot be attempted: Include the UniqueChallengeReport parameter set to indicate . IF an SSD update was performed: Include the SSDUpdateReport parameter set to indicate . ENDIF. Execute the "MSC Initiating an Authentication Status Report" (see 4.5.1) task.

5-1 5-1-1 5-1-2 5-1-3 5-1-3-1 5-1-3-2

5-1-3-2-1 5-1-3-3 5-1-3-4 5-1-3-5 5-1-4 5-1-4-1 5-1-4-2 5-1-4-2-1 5-1-4-3 5-1-4-4 5-1-4-5 5-1-5 5-1-5-1 5-1-5-2 5-1-5-2-1 5-1-5-3 5-1-5-4 5-1-5-5 5-1-6 5-1-6-1 5-1-7 5-2 5-2-1 5-2-2 5-2-2-1 5-2-3 5-2-4

Signaling Procedures

6-15

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5-2-5 5-3 5-3-1 5-3-2 5-3-2-1 5-3-2-2 5-3-2-2-1 5-3-2-3 5-3-2-4 5-3-2-5 5-3-3 5-3-4

Return to the invoking process. ELSE (Unique Challenge can be attempted): Send a Unique Challenge order to the MS RandomVariableUniqueChallenge (RANDU) value received. IF the MS does not respond to the Unique Challenge Order: Include the UniqueChallengeReport parameter set to indicate . IF an SSD update was performed: Include the SSDUpdateReport parameter set to indicate . ENDIF. Execute the "MSC Initiating an Authentication Status Report" (see 4.5.1) task. Return to the invoking process. ENDIF. IF the AuthenticationResponseUniqueChallenge (AUTHU) response from the MS is not equal to the AuthenticationResponseUniqueChallenge (AUTHU) value received from the VLR: Include the UniqueChallengeReport parameter set to indicate . IF an SSD update was performed: Include the SSDUpdateReport parameter set to indicate . ENDIF. Execute the "MSC Initiating an Authentication Status Report" (see 4.5.1) task. Return to the invoking process. ELSE (Unique Challenge successful): (Continue this task.) ENDIF. ENDIF. using the

5-3-4-1 5-3-4-2 5-3-4-2-1 5-3-4-3 5-3-4-4 5-3-4-5 5-3-5 5-3-5-1 5-3-6 5-4 6 7 7-1 7-1-1 7-1-2 7-1-2-1 7-1-3 7-1-4 7-1-4-1 7-1-5 7-1-6 7-1-7 7-2 7-2-1 7-2-2 7-2-2-1 ENDIF.

IF a COUNT update is requested by the VLR: IF the MS is involved in a call and has been handed off to another MSC: Include the CountUpdateReport parameter set to indicate . IF an SSD update was performed: Include the SSDUpdateReport parameter set to indicate . ENDIF. IF a Unique Challenge was performed: Include the UniqueChallengeReport parameter set to indicate . ENDIF. Execute the "MSC Initiating an Authentication Status Report" task (see 4.5.1). Return to the invoking process. ELSEIF the COUNT update cannot be attempted: Include the CountUpdateReport parameter set to indicate . IF an SSD update was performed: Include the SSDUpdateReport parameter set to indicate .

CDMA-OTA

6-16

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

7-2-3 7-2-4 7-2-4-1 7-2-5 7-2-6 7-2-7 7-3 7-3-1 7-3-2 7-3-2-1 7-3-2-2 7-3-2-2-1 7-3-2-3 7-3-2-4 7-3-2-4-1 7-3-2-5 7-3-2-6 7-3-2-7 7-3-3 7-3-3-1 7-3-4 7-4 8 a a-1 a-2 a-3 a-4 b 9 9-1 9-1-1 9-2 9-3 9-3-1 9-4 9-5 9-5-1 ENDIF.

ENDIF. IF a Unique Challenge was performed: Include the UniqueChallengeReport parameter set to indicate . ENDIF. Execute the "MSC Initiating an Authentication Status Report" task (see 4.5.1). Return to the invoking process. ELSE (COUNT update can be attempted): Send a Parameter Update order to the MS. IF the MS does not respond to the Parameter Update order: Include the CountUpdateReport parameter set to indicate . IF an SSD update was performed: Include the SSDUpdateReport parameter set to indicate . ENDIF. IF a Unique Challenge was performed: Include the UniqueChallengeReport parameter set to indicate . ENDIF. Execute the "MSC Initiating an Authentication Status Report" task (see 4.5.1). Return to the invoking process. ELSE (COUNT update successful): (Continue this task.) ENDIF. ENDIF.

IF the CDMAPrivateLongCodeMask (CDMAPLCM) SignalingMessageEncryptionKey (SMEKEY) is received:

OR

the

Initiate Voice Privacy, if not already active, and Signaling Message Encryption, if not already active, over the air-interface, per the Serving MSC's capabilities. Include the VoicePrivacyReport and the SignalingMessageEncryptionReport parameters set to appropriate values. Execute the "MSC Initiating an Authentication Status Report" task (see 4.5.1). Return to the invoking process. ENDIF. IF an SSD update was performed OR IF a Unique Challenge was performed OR IF a COUNT update was performed: IF an SSD update was performed: Include the SSDUpdateReport parameter set to indicate . ENDIF. IF a Unique Challenge was performed: Include the UniqueChallengeReport parameter set to indicate . ENDIF. IF a COUNT update was performed: Include the CountUpdateReport parameter set to indicate .

Signaling Procedures

6-17

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

9-6 9-7 9-8 10-1

ENDIF. Execute the "MSC Initiating an Authentication Status Report" task (see 4.5.1). Return to the invoking process. Return to the invoking process.

10 ELSE: 11 ENDIF.

CDMA-OTA

6-18

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.5

4.5.1

AUTHENTICATION STATUS REPORT

MSC Initiating an Authentication Status Report

(TIA/EIA-41.6-D, Page 6-92)

When an MSC determines that an Authentication Status Report is necessary to report the outcome of authentication operations requested by the VLR, it shall perform the following: 1 1-1 2 3 3-1 4 5 5-1 6 a a-1 b c c-1 d 7 8 e e-1 e-2 e-3 f g g-1 h 9 IF the outcome of an SSD update shall be reported: Include the SSDUpdateReport parameter set to the value indicated by the calling task. ENDIF. IF the outcome of a Unique Challenge shall be reported: Include the UniqueChallengeReport parameter set to the value indicated by the calling task. ENDIF. IF the outcome of a COUNT update shall be reported: Include the CountUpdateReport parameter set to the value indicated by the calling task. ENDIF. IF the outcome of the enabling of CDMA Voice Privacy shall be reported: Include VoicePrivacyReport parameter received from the calling task. ENDIF. IF the outcome of the enabling of CDMA Signaling Message Encryption shall be reported: Include SignalingMessageEncryptionReport parameter received from the calling task. ENDIF. Include the SenderIdentificationNumber set to the identification number of the sending functional entity. Include the SystemCapabilities (SYSCAP) parameter indicating whether authentication parameters were requested for this system access. IF the MS is in a call and the call was originated using an OTASP Feature Code (*FC): Include the ElectronicSerialNumber ElectronicSerialNumber value. parameter set to the set to MS's the

Set Include the MobileIdentificationNumber Activation_MIN value. ENDIF.

parameter

Include the ServiceIndicator parameter set to the CDMA OTASP Service value. IF the ServiceIndicator parameter set to a value of CDMA OTAPA Service was received with the authentication parameters: Include the ServiceIndicator parameter set to the CDMA OTAPA Service value. ENDIF. Send an AuthenticationStatusReport INVOKE to the MSC's associated VLR.

10 Start the Authentication Status Report Timer (ASRT).

Signaling Procedures

6-19

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

11 WAIT for an Authentication Status Report response: 12 WHEN a RETURN RESULT is received: 12-1 12-2 12-2-1 12-2-2 12-3 12-3-1 12-3-2 12-4 13-1 13-2 13-3 14-1 14-2 Stop timer (ASRT). IF the message can be processed: Execute the "MSC Receiving Authentication Parameters" task (see 4.1.6) using the parameters received. Return to the invoking process. ELSE (the message cannot be processed): Execute the "Local Recovery Procedures" task (see 3.5.1). Return to the invoking process. ENDIF. Stop timer (ASRT). Execute the "Local Recovery Procedures" task (see 3.5.1). Return to the invoking process. Execute the "Local Recovery Procedures" task (see 3.5.1). Return to the invoking process.

13 WHEN a RETURN ERROR or REJECT is received:

14 WHEN timer (ASRT) expires:

15 ENDWAIT.

CDMA-OTA

6-20

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.5.2

VLR Awaiting AuthenticationStatusReport INVOKE

Page 6-93)

(TIA/EIA-41.6-D,

When a VLR requests the Serving MSC to perform authentication operations that require the Serving MSC to report the outcome, the VLR shall perform the following: 1 2 3 3-1 3-2 3-2-a 3-2-a-1 3-2-a-1-1 3-2-a-1-2 3-2-a-2 3-2-b 3-2-1 3-2-1-1 3-2-1-2 3-2-1-3 3-2-1-3-1 3-2-1-4 3-2-1-5 3-2-1-5-1 3-2-1-6 3-2-1-6-1 ENDIF. IF the AuthenticationStatusReport INVOKE reports the outcome of operations initiated by the VLR: Clear all the MS's pending operation flags. Send a RETURN RESULT to the requesting MSC. IF COUNT updating has been completed: Increment the value of CallHistoryCount (COUNT) in the VLR's database. ENDIF. IF all of the authentication operations initiated by the VLR have been successfully completed: Exit this task. ELSE (the INVOKE reports the failure of an authentication operation initiated by the VLR): Execute the "VLR Initiating an Authentication Failure Report" task (see 4.3.5) with the ReportType parameter set to indicate the authentication failure reported by the Serving MSC. Exit this task. ENDIF. ENDIF. IF the MS is marked pending SSD update: IF the pending SSD is stored in the VLR's database: Remove the pending SharedSecretData (SSD) and AuthenticationAlgorithmVersion (AAV) from the VLR's database. ENDIF. ENDIF. Clear all the MS's pending operation flags. Start the Authentication Status Report Response Timer (ASRRT). WAIT for an AuthenticationStatusReport INVOKE: WHEN an AuthenticationStatusReport INVOKE is received: Stop timer (ASRRT). IF the received message can be processed: IF the ServiceIndicator parameter set to CDMA OTASP Service value is received: IF OTASPCallEntry is not found: Send a RETURN ERROR with the Error Code indicating Unrecognized MIN. Exit this task. ENDIF.

3-2-1-6-2 3-2-1-7 3-2-2 3-2-3 3-2-3-1 3-2-3-1-1 3-2-3-2 3-2-4 3-2-5

Signaling Procedures

6-21

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

3-2-6 3-2-7 3-2-8 3-2-9 3-2-10 3-2-11 3-2-12 3-2-12-1 3-2-12-2 3-2-12-2-1

Relay the received SystemCapabilities (SYSCAP) parameter modifying it to indicate whether the VLR is able to execute . Include the SenderIdentificationNumber set to the identification number of the VLR. Relay all other received parameters. Send an AuthenticationStatusReport INVOKE to the HLR associated with the MS (For CDMA OTASP, the HLR address is stored in the OTASPCallEntry). Start the Authentication Status Report Timer (ASRT). WAIT for an Authentication Status Report response: WHEN a RETURN RESULT is received: Stop timer (ASRT). IF the message can be processed: IF the DenyAccess parameter is received: Relay the DenyAccess parameter. ENDIF. IF the SSDNotShared (NOSSD) parameter is received: Remove the MS's current SharedSecretData (SSD) and AuthenticationAlgorithmVersion (AAV) from the VLR's database. ENDIF. IF the RandomVariableSSD (RANDSSD) is received: IF SharedSecretData (SSD) is shared: Remove the MS's current SharedSecretData (SSD) and AuthenticationAlgorithmVersion (AAV) from the VLR's database. ENDIF. Relay the parameter. received RandomVariableSSD (RANDSSD)

3-2-12-2-1-1 3-2-12-2-2 3-2-12-2-3 3-2-12-2-3-1

3-2-12-2-4 3-2-12-2-5 3-2-12-2-5-1 3-2-12-2-5-1-1

3-2-12-2-5-2 3-2-12-2-5-3 3-2-12-2-5-4 3-2-12-2-5-5 3-2-12-2-5-5-1 3-2-12-2-5-5-2 3-2-12-2-5-5-2-1 3-2-12-2-5-5-3 3-2-12-2-5-5-4

Mark the MS pending SSD update. IF the SharedSecretData (SSD) is received: Store the pending SharedSecretData (SSD) value. IF the AuthenticationAlgorithmVersion (AAV) parameter is received: Store the value. ENDIF. Select a RandomVariableUniqueChallenge (RANDU) and execute CAVE using the value of the pending SharedSecretData (SSD) to produce an AuthenticationResponseUniqueChallenge (AUTHU). Include the RandomVariableUniqueChallenge (RANDU) and AuthenticationResponseUniqueChallenge (AUTHU) parameters. Mark the MS pending Unique Challenge. ELSE (the SharedSecretData (SSD) is not received): AuthenticationAlgorithmVersion (AAV)

3-2-12-2-5-5-5

3-2-12-2-5-5-6 3-2-12-2-5-6

CDMA-OTA

6-22

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

3-2-12-2-5-6-1 3-2-12-2-5-6-2 3-2-12-2-5-6-3 3-2-12-2-5-7 3-2-12-2-6 3-2-12-2-6-1 3-2-12-2-6-1-1 3-2-12-2-6-1-2 3-2-12-2-6-1-2-1 3-2-12-2-6-1-3 3-2-12-2-6-1-4 3-2-12-2-6-1-4-1 3-2-12-2-6-1-5 3-2-12-2-6-2 3-2-12-2-6-3 3-2-12-2-6-3-1

Relay the RandomVariableUniqueChallenge (RANDU) parameter. Relay the AuthenticationResponseUniqueChallenge (AUTHU) parameter. Mark the MS pending Unique Challenge. ENDIF. ELSE (an SSD update is not requested by the AC): IF the SharedSecretData (SSD) parameter is received: Store the SharedSecretData (SSD) value. IF the AuthenticationAlgorithmVersion (AAV) parameter is received: Store the value. ENDIF. IF the CallHistoryCount (COUNT) parameter is received: Store the received CallHistoryCount (COUNT) value. ENDIF. ENDIF. IF the RandomVariableUniqueChallenge (RANDU): Relay the received RandomVariableUniqueChallenge (RANDU) and AuthenticationResponseUniqueChallenge (AUTHU) parameters. Mark the MS pending Unique Challenge. ENDIF. IF the UpdateCount (UPDCOUNT) parameter is received: Relay the received UpdateCount (UPDCOUNT) parameter. Mark the MS pending COUNT update. ENDIF. Send an AuthenticationStatusReport RETURN RESULT to the requesting MSC. IF the MS is marked pending SSD update, OR IF the MS is marked pending Unique Challenge, OR IF the MS is marked pending COUNT update: Execute the "VLR Awaiting INVOKE" task (see 4.5.2). ENDIF. Exit this task. ELSE (the message cannot be processed): Send a RETURN ERROR to the requesting MSC. Exit this task. ENDIF. AuthenticationStatusReport AuthenticationAlgorithmVersion (AAV)

3-2-12-2-6-3-2 3-2-12-2-6-4 3-2-12-2-7 3-2-12-2-7-1 3-2-12-2-7-2 3-2-12-2-8 3-2-12-2-9 3-2-12-2-10

3-2-12-2-10-1 3-2-12-2-11 3-2-12-2-12 3-2-12-3 3-2-12-3-1 3-2-12-3-2 3-2-12-4 3-2-13 3-2-13-1 3-2-13-2

WHEN a RETURN ERROR or REJECT is received: Stop timer (ASRT). CASE Error Code OF:

Signaling Procedures

6-23

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

3-2-13-3 3-2-13-3-1 3-2-13-3-1-1 3-2-13-3-2 3-2-13-3-2-1 3-2-13-3-3 3-2-13-4 3-2-13-4-1 3-2-13-5 3-2-13-5-1 3-2-13-6 3-2-13-7 3-2-13-8 3-2-14 3-2-14-1 3-2-14-2 3-2-14-3 3-2-15 3-3 3-3-1 3-3-2 3-3-2-1 3-3-2-1-1 3-3-2-2 3-3-3 3-3-4 3-3-5 3-3-6 3-4 4 4-1 4-1-1 4-1-1-1 4-1-2 4-2 4-3 4-4 5 6

: IF the parameter was originated from the initiating functional entity: Send a RETURN ERROR with the Error Code indicating . ELSE: Send a RETURN ERROR with the Error Code indicating . ENDIF. : Send a RETURN ERROR with the Error Code indicating . DEFAULT: Send a RETURN ERROR with the Error Code indicating . ENDCASE. Execute the "Local Recovery Procedures" task (see 3.5.1). Exit this task. WHEN timer (ASRT) expires: Send a RETURN ERROR with the Error Code indicating . Execute the "Local Recovery Procedures" task (see 3.5.1). Exit this task. ENDWAIT.

ELSE (the message cannot be processed): Send a RETURN ERROR to the MSC. IF the MS is marked pending SSD update: IF the pending SSD is stored in the VLR's database: Remove the pending SharedSecretData (SSD) and AuthenticationAlgorithmVersion (AAV) from the VLR's database. ENDIF. ENDIF. Clear all the MS's pending operation flags. Execute the "Local Recovery Procedures" task (see 3.5.1). Exit this task. ENDIF. WHEN timer (ASRRT) expires: IF the MS is marked pending SSD update: IF the pending SharedSecretData (SSD) is stored in the VLR's database: Remove the pending SharedSecretData (SSD) AuthenticationAlgorithmVersion (AAV) from the VLR's database. ENDIF. ENDIF. Clear all the MS's pending operation flags. Execute the "Local Recovery Procedures" task (see 3.5.1). ENDWAIT. Exit this task. and

CDMA-OTA

6-24

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 11

VLR AuthenticationStatusReport Response Problem Detection and Recommended Response from VLR to MSC

PROBLEM DEFINITION RETURN ERROR Error Code

1

2

3

4

5

6

7

8

9

10

11

Notes

X X X X X X X X X X X X

a a e a e b, e a d e d, e a d, e c

RETURN RESULT

Problem Detections: 1. The requested MAP operation is recognized, but not supported by the receiving AC (HLR/VLR) or the requesting functional entity is not authorized. 2. A required AC (HLR) resource (e.g., internal memory record, AC (HLR/VLR) is fully occupied) is temporarily not available (e.g., congestion). 3. A required resource (e.g., data base access, functional entity) is not presently accessible due to a failure. Human intervention may be required for resolution. 4. A supplied parameter value an encoding problem (e.g., the supplied MobileIdentificationNumber parameter or Digits (Dialed) parameter digit values do not meet the expected BCD specification). 5. A supplied parameter value is unrecognized or has nonstandard values (e.g., Not used, the SystemCapabilities (SYSCAP) parameter indicated authentication is not supported (), but this AuthenticationStatusReport was received). 6. The supplied MobileIdentificationNumber parameter's AC (HLR) responded that the MIN is not in the AC (HLR)'s range of MIN's or directory numbers (suspect routing error). 7. An optional parameter required by the AC (HLR) was expected, but not received (e.g., a SSD update process was in-progress and a ReportType set to was received, but the expected second ReportType parameter indicating the CallHistoryCount's (COUNT's) incrementing status (e.g., , , etc.) was not received). 8. The supplied MobileIdentificationNumber parameter's AC (HLR) responded that the MIN is within the range of the AC (HLR), but the MIN is not presently assigned to a subscriber. DenyAccess parameter value is . 9. An AC (HLR) record exists for the supplied MobileIdentificationNumber parameter, but the supplied ElectronicSerialNumber parameter does not match the ESN in the MIN's record. DenyAccess parameter value is . 10. An AC (HLR) record exists for the supplied MobileIdentificationNumber parameter, but the MIN is either a DelinquentAccount, StolenUnit, DuplicateUnit or Unspecified. DenyAccess parameter value is . 11. The VLR does not have an OTASPCallEntry for the CDMA OTASP transaction.

Signaling Procedures

6-25

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Notes: a. b. c. d. e.

This Error Code is not an appropriate AC (HLR) response to a AuthenticationStatusReport transaction. It is recommended that an AC (HLR) supports AuthenticationStatusReport transactions. Only RETURN RESULT operations needing clarification have been included. Include the in question as the FaultyParameter parameter. This response may have been originated by the AC (HLR).

CDMA-OTA

6-26

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.5.3

HLR Receiving AuthenticationStatusReport INVOKE

page 6-98)

(TIA/EIA-41.6-D,

When an HLR receives an AuthenticationStatusReport INVOKE, it shall perform the following: 1 1-x 1-a 1-a-1 1-a-1-1 1-a-1-2 1-a-2 1-b 1-1 1-2 1-3 1-4 1-5 1-6 1-6-1 1-6-2 1-6-2-x 1-6-2-x-1 1-6-2-x-1-1 ENDIF. Include the SenderIdentificationNumber set to the identification number of the HLR. Relay all other received parameters. Start the Authentication Status Report Timer (ASRT). Send an AuthenticationStatusReport INVOKE to the AC associated with the MS (For CDMA OTASP, the AC address is stored in the OTASPCallEntry). WAIT for an Authentication Status Report response: WHEN a RETURN RESULT is received: Stop timer (ASRT). IF the message can be processed: IF the SharedSecretData parameter is received: IF the MIN may be needed for authentication calculations for the MS: IF the MobileIdentificationNumber parameter was not present as the MSID parameter in the INVOKE AND IF the MIN cannot be derived from the IMSI: Include the MobileIdentificationNumber parameter set to identify the MS to the VLR. ENDIF. ENDIF. ENDIF. Relay all received parameters. Send a RETURN RESULT to the requesting VLR. ELSE: Send a RETURN ERROR with the Error Code indicating requesting VLR. ENDIF. WHEN a RETURN ERROR or REJECT is received: Stop timer (ASRT). to the IF the received message can be processed: Include the MSID parameter set to identify the MS to the AC. IF the ServiceIndicator parameter set to CDMA OTASP Service value is received: IF OTASPCallEntry is not found: Send a RETURN ERROR with the Error Code indicating Unrecognized MIN. Exit this task. ENDIF.

1-6-2-x-1-1-1 1-6-2-x-1-2 1-6-2-x-2 1-6-2-y 1-6-2-1 1-6-2-2 1-6-3 1-6-3-1 1-6-4 1-7 1-7-1

Signaling Procedures

6-27

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

1-7-2 1-7-3 1-7-3-1 1-7-3-1-1 1-7-3-2 1-7-3-2-1 1-7-3-3 1-7-4 1-7-4-1 1-7-5 1-7-5-1 1-7-6 1-7-7 1-7-8 1-8 1-8-1 1-8-2 1-8-3 1-9 2 2-1 3 4

CASE Error Code OF: : IF the parameter was originated from the initiating functional entity: Send a RETURN ERROR with Error Code set to indicate . ELSE: Send a RETURN ERROR with Error Code set to indicate . ENDIF. : Send a RETURN ERROR with Error Code set to indicate . DEFAULT: Send a RETURN ERROR with Error Code set to indicate . ENDCASE. Execute the "Local Recovery Procedures" task (see 3.5.1). Exit this task. WHEN timer (ASRT) expires: Send a RETURN ERROR with the Error Code indicating . Execute the "Local Recovery Procedures" task (see 3.5.1). Exit this task. ENDWAIT.

ELSE (the received message cannot be processed): Send a RETURN ERROR to the requesting VLR. ENDIF. Exit this task.

CDMA-OTA

6-28

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 12

HLR AuthenticationStatusReport Response Problem Detection and Recommended Response from HLR to VLR

PROBLEM DEFINITION RETURN ERROR Error Code

1

2

3

4

5

6

7

8

9

10

11

Notes

X X X X X X X X X

a a e a e b, e a d e d, e a d, e

RETURN RESULT

X

X

X

c

Problem Detections: 1. The requested MAP operation is recognized, but not supported by the receiving AC (HLR/VLR) or the requesting functional entity is not authorized. 2. A required AC (HLR) resource (e.g., internal memory record, AC (HLR/VLR) is fully occupied) is temporarily not available (e.g., congestion). 3. A required resource (e.g., data base access, functional entity) is not presently accessible due to a failure. Human intervention may be required for resolution. 4. A supplied parameter value an encoding problem (e.g., the supplied MobileIdentificationNumber parameter or Digits (Dialed) parameter digit values do not meet the expected BCD specification). 5. A supplied parameter value is unrecognized or has nonstandard values (e.g., Not used, the SystemCapabilities (SYSCAP) parameter indicated authentication is not supported (), but this AuthenticationStatusReport was received). 6. The supplied MobileIdentificationNumber parameter's AC (HLR) responded that the MIN is not in the AC (HLR)'s range of MIN's or directory numbers (suspect routing error). 7. An optional parameter required by the AC (HLR) was expected, but not received (e.g., a SSD update process was in-progress and a ReportType set to was received, but the expected second ReportType parameter indicating the CallHistoryCount's (COUNT's) incrementing status (e.g., , , etc.) was not received). 8. The supplied MobileIdentificationNumber parameter's AC (HLR) responded that the MIN is within the range of the AC (HLR), but the MIN is not presently assigned to a subscriber. DenyAccess parameter value is . 9. An AC (HLR) record exists for the supplied MobileIdentificationNumber parameter, but the supplied ElectronicSerialNumber parameter does not match the ESN in the MIN's record. DenyAccess parameter value is . 10. An AC (HLR) record exists for the supplied MobileIdentificationNumber parameter, but the MIN is either a Delinquent Account, StolenUnit, DuplicateUnit or Unspecified. DenyAccess parameter value is . 11. The HLR does not have an OTASPCallEntry for the CDMA OTASP transaction.

Signaling Procedures

6-29

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Notes: a. b. c. d. e.

This Error Code is not an appropriate AC (HLR) response to a AuthenticationStatusReport transaction. It is recommended that an AC (HLR) supports AuthenticationStatusReport transactions. Only RETURN RESULT operations needing clarification have been included. Include the in question as the FaultyParameter parameter. This response may have been originated by the AC (HLR).

CDMA-OTA

6-30

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.5.4

AC Awaiting AuthenticationStatusReport INVOKE

100)

(TIA/EIA-41.6-D, page 6-

When an AC requests the VLR to perform authentication operations that require the VLR to report the outcome, the AC shall perform the following: 1 2 3 3-1 3-2 3-2-1 3-2-a 3-2-a-1 3-2-b 3-2-c 3-2-d 3-2-d-1 3-2-e 3-2-f 3-2-g 3-2-g-1 3-2-h 3-2-2 3-2-2-1 Start the Authentication Status Report Response Timer (ASRRT). WAIT for an AuthenticationStatusReport INVOKE: WHEN an AuthenticationStatusReport INVOKE is received: Stop timer (ASRRT). IF the received message can be processed: Clear all the MS's pending operation flags. IF the ServiceIndicator parameter, set to either the CDMA OTASP Service or the CDMA OTAPA Service value, is received: Indicate success and relay received parameters to the calling task. ENDIF. Clear all the MS's pending operation flags. IF the INVOKE message reports that the application of Voice Privacy is NOT successful: Return failure to the calling task. ENDIF. IF the INVOKE message reports that the application of Signaling. Message Encryption is NOT successful: Return failure to the calling task. ENDIF. IF the INVOKE reports that SSD updating has been successful: Update the AC's database to indicate that the pending SharedSecretData (SSD) value is now the value used by the MS (For CDMA OTASP, the AC's database is updated only if the corresponding A-key was not generated as part of the current CDMA OTASP transaction). IF the ServiceIndicator parameter set to either the CDMA OTASP Service value or the CDMA OTAPA Service value is received: IF an OTASPCallEntry exists AND IF the OTASPCallEntry contains an A-key: Mark the pending SSD in the OTASPCallEntry as valid SSD. ELSE (OTASPCallEntry does not exist1 OR OTASPCallEntry does not contain an A-key): Update the AC's database to indicate that the pending SharedSecretData (SSD)value is now the value used by the MS. ENDIF. ELSE:

3-2-2-m 3-2-2-m-1 3-2-2-m-1-1 3-2-2-m-2 3-2-2-m-2-1 3-2-2-m-3 3-2-2-n

1

At this point of processing an OTASPCallEntry will always exist for OTASP but it might not exist for OTAPA.

Signaling Procedures

6-31

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

3-2-2-n-1 3-2-2-o 3-2-3 3-2-4 3-2-4-1 3-2-5 3-2-6 3-2-6-1 3-2-7 3-2-8 3-2-8-1 3-2-9 3-2-10 3-2-10-1 3-2-11 3-2-12 3-2-12-1

Update the AC's database to indicate that the pending SharedSecretData (SSD)value is now the value used by the MS. ENDIF. ENDIF. IF the INVOKE reports that COUNT updating has been successful: Increment the value of COUNT in the AC's database. ENDIF. IF an authentication failure has been detected: Execute recovery procedures according to the AC's internal algorithm. ENDIF. IF local administrative procedures request that service shall be denied: Include the DenyAccess parameter: ENDIF. IF SharedSecretData (SSD) presently shared with the VLR shall be discarded: Include the SSDNotShared (NOSSD) parameter. ENDIF. IF an SSD update shall be initiated: Select a RandomVariableSSD (RANDSSD) and execute CAVE using the value of the MS's A-key recorded in the AC's database to produce a pending SharedSecretData (SSD). Include the RandomVariableSSD (RANDSSD) parameter. Mark the MS pending SSD update. IF AC administrative procedures indicate that the pending SharedSecretData (SSD) shall be shared with the VLR for the SSD update operation AND IF the ServiceIndicator parameter, set to either the CDMA OTASP Service or the CDMA OTAPA Service value, is not received: IF the VLR's SystemCapabilities indicates that the VLR is able to execute the algorithm: Include the SharedSecretData (SSD) parameter set to the pending SSD value. IF the AuthenticationAlgorithmVersion (AAV) parameter is received: Store the AuthenticationAlgorithmVersion (AAV) value. ENDIF. ENDIF. ELSE (pending SharedSecretData (SSD) is not to be shared: Select a RandomVariableUniqueChallenge (RANDU) and execute CAVE using the value of the pending SSD to produce an AuthenticationResponseUniqueChallenge (AUTHU). Include the RandomVariableUniqueChallenge (RANDU) and AuthenticationResponseUniqueChallenge (AUTHU) parameters. Mark the MS pending Unique Challenge. ENDIF. ELSE (SSD update not initiated):

3-2-12-2 3-2-12-3 3-2-12-4

3-2-12-4-1 3-2-12-4-1-1 3-2-12-4-1-2 3-2-12-4-1-2-1 3-2-12-4-1-3 3-2-12-4-2 3-2-12-5 3-2-12-5-1

3-2-12-5-2 3-2-12-5-3 3-2-12-6 3-2-13

CDMA-OTA

6-32

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

3-2-13-1 3-2-13-1-1 3-2-13-1-1-1 3-2-13-1-1-2 3-2-13-1-1-2-1 3-2-13-1-1-3 3-2-13-1-2 3-2-13-2 3-2-13-3 3-2-13-3-1

IF the SharedSecretData (SSD) shall be shared with the VLR: IF the VLR's SystemCapabilities indicates the VLR is capable of executing the algorithm: Include the SharedSecretData (SSD) and CallHistoryCount (COUNT) parameters. IF the AuthenticationAlgorithmVersion (AAV) parameter is received: Store the AuthenticationAlgorithmVersion (AAV) value. ENDIF. ENDIF. ENDIF. IF a Unique Challenge shall be initiated: Select a RandomVariableUniqueChallenge (RANDU) and execute CAVE using the value of the MS's SharedSecretData (SSD) recorded in the AC's database to produce an AuthenticationResponseUniqueChallenge (AUTHU). Include the RandomVariableUniqueChallenge (RANDU) and AuthenticationResponseUniqueChallenge (AUTHU) parameters. Mark the MS pending Unique Challenge. ENDIF. ENDIF. IF a COUNT update shall be initiated: Include the UpdateCount (UPDCOUNT) parameter. Mark the MS pending COUNT update. ENDIF. Send an AuthenticationStatusReport RETURN RESULT to the requesting HLR. IF the MS is marked pending SSD update, OR IF the MS is marked pending Unique Challenge, OR IF the MS is marked pending COUNT update: Execute the "AC Awaiting AuthenticationStatusReport INVOKE" task (see 4.5.4). ENDIF. Exit this task.

3-2-13-3-2 3-2-13-3-3 3-2-13-4 3-2-14 3-2-15 3-2-15-1 3-2-15-2 3-2-16 3-2-17 3-2-18 3-2-18-1 3-2-19 3-2-20 3-3 3-3-1 3-3-a 3-3-a-1 3-3-b 3-3-2 3-3-2-1 3-3-3 3-3-4 3-3-5 3-3-6

ELSE (the message cannot be processed): Send a RETURN ERROR to the requesting HLR. IF the invoking task is related to CDMA OTASP or CDMA OTAPA: Indicate failure ENDIF. IF the MS is marked pending SSD update: Remove the pending SharedSecretData (SSD) from the AC's database. ENDIF. Clear all the MS's pending operation flags. Execute the "Local Recovery Procedures" task (see 3.5.1). Exit this task. to the calling task.

Signaling Procedures

6-33

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

3-4 4 4-1 4-1-1 4-2 4-3 4-4 4-a 4-a-1 4-b 5 6

ENDIF. WHEN timer (ASRRT) expires: IF the MS is marked pending SSD update: Remove the pending SharedSecretData (SSD) from the AC's database. ENDIF. Clear all the MS's pending operation flags. Execute the "Local Recovery Procedures" task (see 3.5.1). IF the invoking task is related to CDMA OTASP or CDMA OTAPA: Indicate failure ENDIF. ENDWAIT. Exit this task. Table 13 AC AuthenticationStatusReport Response Problem Detection and Recommended Response from AC to HLR to the calling task.

PROBLEM DEFINITION RETURN ERROR Error Code

1

2

3

4

5

6

7

8

9

10

11

Notes

X X X X X X X X

a a e a e b, e a d e d, e a d, e

RETURN RESULT

X

X

X

X

c

Problem Detections: 1. The requested MAP operation is recognized, but not supported by the receiving AC (HLR/VLR) or the requesting functional entity is not authorized. 2. A required AC (HLR) resource (e.g., internal memory record, AC (HLR/VLR) is fully occupied) is temporarily not available (e.g., congestion). 3. A required resource (e.g., data base access, functional entity) is not presently accessible due to a failure. Human intervention may be required for resolution. 4. A supplied parameter value an encoding problem (e.g., the supplied MobileIdentificationNumber parameter or Digits (Dialed) parameter digit values do not meet the expected BCD specification). 5. A supplied parameter value is unrecognized or has nonstandard values (e.g., Not used, the SystemCapabilities (SYSCAP) parameter indicated authentication is not supported (), but this AuthenticationStatusReport was received). 6. The supplied MobileIdentificationNumber parameter's AC (HLR) responded that the MIN is not in the AC (HLR)'s range of MIN's or directory numbers (suspect routing error).

CDMA-OTA

6-34

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

7.

An optional parameter required by the AC (HLR) was expected, but not received (e.g., a SSD update process was in-progress and a ReportType set to was received, but the expected second ReportType parameter indicating the CallHistoryCount's (COUNT's) incrementing status (e.g., , , ) was not received). 8. The supplied MobileIdentificationNumber parameter's AC (HLR) responded that the MIN is within the range of the AC (HLR), but the MIN is not presently assigned to a subscriber. DenyAccess parameter value is . 9. An AC (HLR) record exists for the supplied MobileIdentificationNumber parameter, but the supplied ElectronicSerialNumber parameter does not match the ESN in the MIN's record. DenyAccess parameter value is . 10. An AC (HLR) record exists for the supplied MobileIdentificationNumber parameter, but the MIN is either a DelinquentAccount, StolenUnit, DuplicateUnit or Unspecified. DenyAccess parameter value is . 11. The ServiceIndicator parameter is received and the AC does not have an OTASPCallEntry for the CDMA OTASP transaction.

Notes: a. b. c. d. e.

This Error Code is not an appropriate AC (HLR) response to a AuthenticationStatusReport transaction. It is recommended that an AC (HLR) supports AuthenticationStatusReport transactions. Only RETURN RESULT operations needing clarification have been included. Include the in question as the FaultyParameter parameter. This response may have been originated by the AC (HLR).

Signaling Procedures

6-35

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.6

4.6.1

BASE STATION CHALLENGE

MSC Initiating a Base Station Challenge

(TIA/EIA-41.6-D, page 6-104)

When an MSC receives a Base Station Challenge Order from an MS, it shall perform the following: 1 2 a a-1 a-2 b c c-1 d 3 4 5 6 7 7-1 7-2 7-2-1 7-3 8 8-1 8-2 9 9-1 Include the ElectronicSerialNumber parameter set to identify the MS. Include the MobileIdentificationNumber MSID parameter set to identify the MS. IF the MS is in a call AND the call was originated using an OTASP Feature Code (*FC): Include the ServiceIndicator parameter set to the CDMA OTASP Service value. Set the MSID parameter to the MobileIdentificationNumber parameter carrying to the Activation_MIN value. ENDIF. IF the ServiceIndicator parameter set to a value of CDMA OTAPA Service was received with the authentication parameters: Include the ServiceIndicator parameter set to the CDMA OTAPA Service value. ENDIF. Include the RandomVariableBaseStation (RANDBS) parameter provided by the MS. Send a BaseStationChallenge INVOKE to the MSC's associated VLR. Start the Base Station Challenge Timer (BSCT). WAIT for a Base Station Challenge response: WHEN a RETURN RESULT is received: Stop timer (BSCT). IF the message can be processed: Send a Base Station Challenge response to the MS that includes the received AuthenticationResponseBaseStation (AUTHBS). ENDIF. WHEN a RETURN ERROR or REJECT is received: Stop timer (BSCT). Execute the "Local Recovery Procedures" task (see 3.5.1). WHEN timer (BSCT) expires: Execute the "Local Recovery Procedures" task (see 3.5.1).

10 ENDWAIT. 11 Exit this task.

CDMA-OTA

6-36

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.6.2

VLR Receiving BaseStationChallenge INVOKE

(TIA/EIA-41.6-D, page 6-104)

When a VLR receives a BaseStationChallenge INVOKE, it shall perform the following: 1 1-a 1-a-1 1-a-1-1 1-a-1-2 1-a-2 1-b 1-1 ENDIF. IF the pending SharedSecretData (SSD) was provided to the VLR AND IF the ServiceIndicator parameter, set to either the CDMA OTASP Service or the CDMA OTAPA Service value, is not received: Execute CAVE using the pending SharedSecretData (SSD) of the MS and the RandomVariableBaseStation (RANDBS) provided in the BaseStationChallenge INVOKE to produce the AuthenticationResponseBaseStation (AUTHBS). Include the AuthenticationResponseBaseStation (AUTHBS) parameter. Send a RETURN RESULT to the requesting MSC. ELSE (SharedSecretData (SSD) is not shared, AuthenticationResponseBaseStation is to be computed by the AC): i.e., the IF the received message can be processed: IF the ServiceIndicator parameter set to CDMA OTASP Service value is received: IF OTASPCallEntry is not found: Send a RETURN ERROR with the Error Code indicating Unrecognized MIN. Exit this task. ENDIF.

1-1-1

1-1-2 1-1-3 1-2 1-2-1 1-2-2 1-2-3 1-2-4 1-2-5 1-2-6 1-2-6-1 1-2-6-2 1-2-6-2-1 1-2-6-2-2 1-2-6-2-3 1-2-6-3 1-2-6-3-1 1-2-6-3-2 1-2-6-4 1-2-7 1-2-7-1 1-2-7-2 1-2-7-3

Include the SenderIdentificationNumber set to the identification number of the VLR. Relay all other received parameters. Send a BaseStationChallenge INVOKE to the HLR associated with the MS (For CDMA OTASP, HLR address is stored in the OTASPCallEntry). Start the Base Station Challenge Timer (BSCT). WAIT for a Base Station Challenge response: WHEN a RETURN RESULT is received: Stop timer (BSCT). IF the message can be processed: Relay all received parameters. Send the RETURN RESULT to the requesting MSC. Exit this task. ELSE (the message cannot be processed): Send a RETURN ERROR to the requesting MSC. Exit this task. ENDIF. WHEN a RETURN ERROR or REJECT is received: Stop timer (BSCT). CASE Error Code OF: :

Signaling Procedures

6-37

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

1-2-7-3-1 1-2-7-3-1-1 1-2-7-3-2 1-2-7-3-2-1 1-2-7-3-3 1-2-7-4 1-2-7-4-1 1-2-7-5 1-2-7-5-1 1-2-7-6 1-2-7-7 1-2-7-8 1-2-8 1-2-8-1 1-2-8-2 1-2-8-3 1-2-9 1-3 2 2-1 3 4 ENDIF. :

IF the parameter was originated from the initiating functional entity: Send a RETURN ERROR with the Error Code indicating . ELSE: Send a RETURN ERROR with the Error Code indicating . ENDIF. Send a RETURN ERROR with the Error Code indicating . DEFAULT: Send a RETURN ERROR with the Error Code indicating . ENDCASE. Execute the "Local Recovery Procedures" task (see 3.5.1). Exit this task. WHEN timer (BSCT) expires: Send a RETURN ERROR with Error Code . Execute "Local Recovery Procedures" task (see 3.5.1). Exit this task. ENDWAIT.

ELSE (the received message cannot be processed): Send a RETURN ERROR to the requesting MSC. ENDIF. Exit this task. Table 14 VLR BaseStationChallenge Response

Problem Detection and Recommended Response from VLR to an MSC

PROBLEM DEFINITION RETURN ERROR Error Code

X X X X X X X X d d d b, d a d d a a a c

1

2

3

4

5

6

7

8

Notes

RETURN RESULT

Problem Detections: 1. The requested MAP operation is recognized, but not supported by the VLR or the requesting functional entity is not authorized.

CDMA-OTA

6-38

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

2. 3. 4. 5. 6. 7. 8.

A required VLR resource (e.g., voice channel, internal memory record, VLR is fully occupied) is temporarily not available (e.g., congestion). A required resource (e.g., data base access, functional entity) is not presently accessible due to a failure. Human intervention may be required for resolution. A supplied parameter value has an encoding problem (e.g., The supplied MobileIdentificationNumber parameter digit values do not meet the BCD specification). The supplied MIN's HLR indicated the MobileIdentificationNumber parameter is not in the HLR's range of MINs or Directory Numbers (suspect routing error). The VLR has another Authentication process active for the supplied MobileIdentificationNumber parameter. The VLR does not presently have a record for the supplied MobileIdentificationNumber parameter (The VLR does not have an OTASPCallEntry for the CDMA OTASP transaction). The VLR presently has a record for the supplied MobileIdentificationNumber parameter, but the supplied ElectronicSerialNumber parameter does not match the ESN in the MobileIdentificationNumber's record.

Notes: a. b. c. d.

This Error Code is not an appropriate VLR response to a BaseStationChallenge transaction. It is recommended that a VLR supports BaseStationChallenge transactions. Only the RETURN RESULT operations needing clarification have been included. This response may have been originated by the HLR (AC).

Signaling Procedures

6-39

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.6.3

HLR Receiving BaseStationChallenge INVOKE

(TIA/EIA-41.6-D, page 6-106)

When an HLR receives a BaseStationChallenge INVOKE, it shall perform the following: 1 1-x 1-a 1-a-1 1-a-1-1 1-a-1-2 1-a-2 1-b 1-1 1-2 1-3 1-4 1-5 1-6 1-6-1 1-6-2 1-6-2-1 1-6-2-2 1-6-3 1-7 1-7-1 1-7-2 1-7-3 1-7-3-1 1-7-3-1-1 1-7-3-2 1-7-3-2-1 1-7-3-3 1-7-4 1-7-4-1 1-7-5 1-7-5-1 1-7-6 1-7-7 1-7-8 1-8 : Send a RETURN ERROR with Error Code set to indicate . DEFAULT: Send a RETURN ERROR with Error Code set to indicate . ENDCASE. Execute the "Local Recovery Procedures" task (see 3.5.1). Exit this task. WHEN timer (BSCT) expires: IF the received message can be processed: Include the MSID parameter set to identify the MS to the AC. IF the ServiceIndicator parameter set to CDMA OTASP Service value is received: IF OTASPCallEntry is not found: Send a RETURN ERROR with the Error Code indicating Unrecognized MIN. Exit this task. ENDIF. ENDIF. Include the SenderIdentificationNumber set to the identification number of the HLR. Relay all other received parameters. Send a BaseStationChallenge INVOKE to the AC associated with the MS (For CDMA OTASP, the AC address is stored in the OTASPCallEntry). Start the Base Station Challenge Timer (BSCT). WAIT for a Base Station Challenge response: WHEN a RETURN RESULT is received: Stop timer (BSCT). IF the message can be processed: Send a RETURN RESULT to the requesting VLR. Exit this task. ENDIF. WHEN a RETURN ERROR or REJECT is received: Stop timer (BSCT). CASE Error Code OF: : IF the parameter was originated from the initiating functional entity: Send a RETURN ERROR with Error Code set to indicate . ELSE: Send a RETURN ERROR with Error Code set to indicate . ENDIF.

CDMA-OTA

6-40

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

1-8-1 1-8-2 1-8-3 1-9 2 2-1 3 4

Send a RETURN ERROR with the Error Code indicating . Execute the "Local Recovery Procedures" task (see 3.5.1). Exit this task. ENDWAIT.

ELSE (the received message cannot be processed): Send a RETURN ERROR to the requesting VLR. ENDIF. Exit this task. Table 15 HLR BaseStationChallenge Response

Problem Detection and Recommended Response from HLR to a VLR

PROBLEM DEFINITION RETURN ERROR Error Code

X X X X X X X d d d b, d a d d a a a c

1

2

3

4

5

6

7

Notes

RETURN RESULT

Problem Detections: 1. The requested MAP operation is recognized, but not supported by the HLR or the requesting functional entity is not authorized. 2. A required HLR resource (e.g., voice channel, internal memory record, HLR is fully occupied) is temporarily not available (e.g., congestion). 3. A required resource (e.g., data base access, functional entity) is not presently accessible due to a failure. Human intervention may be required for resolution. 4. A supplied parameter value has an encoding problem (e.g., The supplied MobileIdentificationNumber parameter digit values do not meet the BCD specification). 5. The supplied MobileIdentificationNumber parameter is not in the HLR's range of MINs or Directory Numbers (suspect routing error). 6. The HLR does not presently have a record for the supplied MobileIdentificationNumber parameter (The HLR does not have an OTASPCallEntry for the CDMA OTASP transaction). 7. The HLR presently has a record for the supplied MobileIdentificationNumber parameter, but the supplied ElectronicSerialNumber parameter does not match the ESN in the MIN's record. Notes: a. b. c.

This Error Code is not an appropriate HLR response to a BaseStationChallenge transaction. It is recommended that a HLR supports BaseStationChallenge transactions. Only the RETURN RESULT operations needing clarification have been included.

Signaling Procedures

6-41

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

d.

This response may have been originated by the AC.

CDMA-OTA

6-42

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.6.4

AC Receiving BaseStationChallenge INVOKE

(TIA/EIA-41.6-D, page 6-108)

When an AC receives a BaseStationChallenge INVOKE, it shall perform the following: 1 1-a 1-a-1 1-a-1-1 1-a-1-2 1-a-2 1-b 1-1 ENDIF. Execute CAVE using the pending SSD of the MS and the RandomVariableBaseStation (RANDBS) provided in the BaseStationChallenge INVOKE (for CDMA OTASP the AuthenticationData is derived from the MobileStationMIN MobileStationMSID parameter value stored in the OTASPCallEntry, for CDMA OTAPA the AuthenticationData is derived from the MSID parameter value), to produce the AuthenticationResponseBaseStation (AUTHBS). Include the AuthenticationResponseBaseStation (AUTHBS) parameter. Send a RETURN RESULT to the requesting HLR. ELSE (the received message cannot be processed): Send a RETURN ERROR to the requesting HLR. ENDIF. Exit this task. IF the received message can be processed: IF the ServiceIndicator parameter set to CDMA OTASP Service value is received: IF OTASPCallEntry is not found: Send a RETURN ERROR with the Error Code indicating Unrecognized MIN. Exit this task. ENDIF.

1-2 1-3 2 2-1 3 4

Signaling Procedures

6-43

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 16

AC BaseStationChallenge Response

Problem Detection and Recommended Response from AC to a HLR

PROBLEM DEFINITION RETURN ERROR Error Code

X X X X X X X X a a a c b a

1

2

3

4

5

6

7

8

Notes

RETURN RESULT

Problem Detections: 1. The requested MAP operation is recognized, but not supported by the AC or the requesting functional entity is not authorized. 2. A required AC resource (e.g., voice channel, internal memory record, AC is fully occupied) is temporarily not available (e.g., congestion). 3. A required resource (e.g., data base access, functional entity) is not presently accessible due to a failure. Human intervention may be required for resolution. 4. A supplied parameter value has an encoding problem (e.g., The supplied MobileIdentificationNumber parameter digit values do not meet the BCD specification). 5. The supplied MobileIdentificationNumber parameter is not in the AC's range of MINs or Directory Numbers (suspect routing error). 6. The AC has another Authentication process active for the supplied MobileIdentificationNumber parameter. 7. The AC does not presently have a record for the supplied MobileIdentificationNumber parameter (The AC does not have an OTASPCallEntry for the CDMA OTASP transaction). 8. The AC presently has a record for the supplied MobileIdentificationNumber parameter, but the supplied ElectronicSerialNumber parameter does not match the ESN in the MIN's record. Notes: a. b. c.

This Error Code is not an appropriate AC response to a BaseStationChallenge transaction. It is recommended that an AC supports BaseStationChallenge transactions. Only the RETURN RESULT operations needing clarification have been included.

CDMA-OTA

6-44

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.35 REDIRECTION DIRECTIVE

4.35.2 MSC Receiving RedirectionDirective INVOKE

(TIA/EIA-41.6-D, page 6-221)

When an MSC receives a RedirectionDirective INVOKE, it shall perform the following: 1 1-1 IF the received message can be processed: IF there is a call or leg in progress that is associated with the received BillingID parameter and with the received MobileIdentificationNumber parameter or IMSI parameter (or with both) parameters: Release the associated facilities, which may be facilities toward a toward the requesting MSC, or, if the call being redirected is an OTASP call, release the associated facilities toward the attached CSC. Send a RETURN RESULT to the requesting network element, which may be an MSC, or, if the call being redirected is an OTASP call, may be an OTAF. Redirect the call to the received destination address. IF applicable: Maintain the transmission of answer supervision on the incoming facility, if applicable. ENDIF. IF there was a TRN associated to the call that has been redirected: Replace that association by an association to a new TRN whose value is the received destination address. ENDIF. Exit this task. ELSE (there is no call or leg in process): Send a RETURN ERROR with a proper Error Code value (see the following table) to the requesting network element, which may be an MSC, or, if the call being redirected is an OTASP call, may be an OTAF. Exit this task. ENDIF. ELSE (the received message cannot be processed): Execute "Local Recovery Procedures" task (see 3.5.1). Send a RETURN ERROR with a proper Error Code value (see the following table) to the requesting network element, which may be an MSC, or, if the call being redirected is an OTASP call, may be an OTAF. ENDIF. Exit this task.

1-1-1

1-1-2 1-1-3 1-1-4 1-1-4-1 1-1-5 1-1-a 1-1-a-1 1-1-b 1-1-6 1-2 1-2-1

1-2-2 1-3 2 2-1 2-2

3 4

Signaling Procedures

6-45

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.38 REGISTRATION NOTIFICATION

4.38.1 MSC Initiating MS Registration

(TIA/EIA-41.6-D, page 6-233)

When an MSC determines that a roaming Mobile Station (MS) is now within its service area (through autonomous registration, call origination, call termination (e.g., a page response following a call to the roamer access number), or other mechanism, except for detection by a call handoff), or if instructed to do so for CDMA OTASP, this new Serving MSC shall start the registration notification process by doing the following: 1 2 a a-1 b 3 3-1 3-2 3-3 3-4 4 5 5-1 6 6-1 7 8 9 Include the QualificationInformationCode parameter set according to the information needed from the VLR. Include the SystemAccessType parameter set to the type of access performed by the MS. IF the MS enters an OTASP session (initiated by either the MS or the Serving MSC): Include the SystemAccessType parameter set to OTASP. ENDIF. IF the access occurred in a border cell: Include the BorderCellAccess parameter with a value of . The MSC should include the ReceivedSignalQuality parameter set to the signal strength of the received access. The MSC should include the ControlChannelData parameter set to the Control Channel Identification information. The MSC should include the SystemAccessData parameter set to the cell site information._ ENDIF. IF the MSC is authentication capable: Include the SystemCapabilities (SYSCAP) parameter set to indicate the authentication-related capabilities of this system. IF authentication parameters were requested (i.e., AUTH=1 in the Overhead Message Train), but were not received from the MS on the system access: Include the ReportType (RPTTYP) parameter indicating . ENDIF. Include the ElectronicSerialNumber parameter set to identify the MS. Include the MobileIdentificationNumber MSID parameter set to identify the MS.

10 Include the MSCID parameter set to the identity of the MSC. 11 Include the SystemMyTypeCode parameter set to the MSC's manufacturer. 12 Include the TerminalType (TERMTYP) parameter as declared by the MS. 13 IF the MSC is sending the message to an SS7 network: 13-1 Include the PC_SSN parameter with the Type set to set to the MSC's point code and subsystem number. and the PC and SSN fields

14 ENDIF. 15 IF the MS and MSC are is SMS capable: 15-1 Include the SMS_Address parameter set to be used to route SMS messages to the MS.

CDMA-OTA

6-46

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

c c-1

ELSEIF the MSC supports any other service (e.g., CDMA OTAPA) for which the current routing address of Serving MSC is needed: Include the MSC_Address parameter set to a value that can be used to route SMDPP messages to the MSC. Include the TransactionCapability parameter to identify the current capabilities of the serving MSC. Include the TransactionCapability parameter indicating local SPINI operation supported.

16 ENDIF. d

17 IF the MSC supports local SPINI operation: 17-1

18 ENDIF. 19 IF the MS is intentionally inaccessible for normal Call Delivery for periods of time (e.g., using a slotted mode, paging frame class, or sleep mode): ............ 28 Exit this task.

Signaling Procedures

6-47

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.38.2 VLR Receiving RegistrationNotification INVOKE

235)

(TIA/EIA-41.6-D, page 6-

When a VLR receives a RegistrationNotification INVOKE, it shall perform the following: .......... 12 IF the MS has registered with an MSC within the domain of the VLR: .......... 12-11 IF an SMS_Address parameter is received: 12-11-1 12-11-1-1 12-11-2 12-12 12-12-1 12-12-1-1 12-12-1-2 12-12-2 12-13 12-a 12-a-1 12-a-1-1 12-a-2 12-b 12-c 12-c-1 12-c-1-1 12-c-2 12-d 12-d-1 12-d-1-1 12-d-1-1-1 12-d-1-1-2 12-d-1-2 12-d-2 12-e ENDIF. ENDIF. ELSE: IF a TransactionCapability parameter is not received: IF current OTAPA capability indicates that the OTAPA is supported: Record the OTAPA capability set to OTAPA Not Supported. GOTO Register the MS. ENDIF. ENDIF. IF a TransactionCapability parameter is received: IF the OTAPA capability indicated by that parameter is different than the current OTAPA capability: GOTO Register the MS. ENDIF. ENDIF. IF an MSC_Address parameter is received: IF the MSC_Address is different than the current MSC temporary routing address: GOTO Register the MS. ENDIF. ELSE: IF an SMS temporary routing address exists: Clear the SMS temporary routing address. GOTO Register the MS (to report loss of SMS capability). ENDIF. IF the SMS_Address is different than the current SMS temporary routing address: GOTO Register the MS. ENDIF.

12-14 IF the information requested by the QualificationInformationCode is available: .......... 35 Exit this task.

CDMA-OTA

6-48

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.38.3 HLR Receiving RegistrationNotification INVOKE

241)

(TIA/EIA-41.6-D, page 6-

When an HLR receives a RegistrationNotification INVOKE, it shall perform the following: .......... 1-5 1-6 1-7 1-a 1-a-1 1-a-1-1 1-a-1-1-1 1-a-1-1-2 1-a-1-1-2-1 1-a-1-1-3 1-a-1-1-3-1 1-a-1-1-4 1-a-1-1-5 1-a-1-1-5-1 ENDIF. Include the SystemMyTypeCode parameter set to the HLR's manufacturer. Send a RETURN RESULT to the requesting VLR. IF the TransactionCapability for the current Serving MSC indicates that CDMA OTAPA Service is supported: IF an AvailabilityType parameter RegistrationNotification INVOKE: was NOT received with the

IF CDMA OTAPA Service is authorized for the MS on the current Serving MSC: Set the status of CDMA OTAPA Service as available. IF the SMS_Address parameter has been received: Set the temporary MSC routing address to the received SMS_Address value. ELSEIF the MSC_Address parameter has been received: Set the temporary MSC routing address to the received MSC_Address value. ENDIF. IF the OTA Delivery Pending Flag is set for this MS AND the OTAPA service status is available: Retrieve the routing address of the OTAF stored with the OTA Delivery Pending Flag for the MS to use in routing an SMSNotification message toward the OTAF. Clear the OTA Delivery Pending Flag. Execute the "HLR Initiating SMSNotification INVOKE" task (see 4.47.1). ENDIF. ELSE (Service is not authorized for the current system): Set the CDMA OTAPA Service status to unavailable. ENDIF. ELSE (AvailabilityType parameter was received): Set the CDMA OTAPA Service status to unavailable. ENDIF. ELSE (TransactionCapability indicates CDMA OTAPA service not supported): Set the CDMA OTAPA Service status to unavailable. ENDIF. IF an SMS_Address parameter was received in the RegistrationNotification INVOKE (this sequence is repeated only so that the SMSNotification is sent after the RegistrationNotification RETURN RESULT):

1-a-1-1-5-2 1-a-1-1-5-3 1-a-1-1-6 1-a-1-2 1-a-1-2-1 1-a-1-3 1-a-2 1-a-2-1 1-a-3 1-b 1-b-1 1-c 1-8

Signaling Procedures

6-49

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

1-8-1 1-8-1-1 1-8-1-1-1 1-8-1-1-2 1-8-1-1-2-1 1-8-1-1-2-2 1-8-1-1-3 1-8-1-2 1-8-1-2-1 1-8-1-3 1-8-2 1-8-2-1 1-8-3 1-9 1-9-2 1-9-3 1-9-4 1-9-4-1 1-9-4-2 1-9-5 1-10 ..........

IF an AvailabilityType parameter RegistrationNotification INVOKE:

was

NOT

received

with

the

IF SMS service is authorized for the MS on the current serving system: Optionally set the temporary SMS routing address to the received SMS_Address. IF the SMS Delivery Pending Flag is set for this MS: Clear the SMS Delivery Pending Flag. Execute the "HLR Initiating SMSNotification INVOKE" task (see 4.47.1). ENDIF. ELSE (SMS service is not authorized for the current system): GOTO SMS Not Available. ENDIF. ELSE (AvailabilityTypeparameter was received: GOTO SMS Not Available. ENDIF. ELSE (no SMS_Address parameter was received): Set the SMS status to unavailable. Clear the temporary SMS routing address. Optionally, IF the MC is to be informed of MS unavailability: Include the SMS_AccessDeniedReason parameter set to Unavailable. Execute the "HLR Initiating SMSNotification INVOKE" task (see 4.47.1). ENDIF. ENDIF.

SMS Not Available:

CDMA-OTA

6-50

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.46 SMS DELIVERY POINT-TO-POINT

4.46.4 MSC Receiving an SMSDeliveryPointToPoint INVOKE

page 6-273) (TIA/EIA-41.6-D,

Upon receipt of an SMSDeliveryPointToPoint INVOKE for an intended MS, the receiving MSC shall do the following: 1 1-x 1-x-1 1-x-1-1 1-x-2 1-x-2-1 1-x-2-2 1-x-2--2-1 1-x-2-2-1-1 1-x-2-2-2 1-x-2-2-2-1 1-x-2-2-2-2 1-x-2-2-3 1-x-2-3 1-x-2-3-1 1-x-2-4 1-x-2-4-1 1-x-2-4-1-1 1-x-2-4-2 1-x-2-4-2-1 1-x-2-4-2-2 1-x-2-4-3 1-x-2-5 1-x-2-5-1 1-x-2-6 IF the message can be processed: IF the ServiceIndicator parameter set to either the CDMA OTASP Service or the CDMA OTAPA Service is received: IF the SMS_BearerData parameter has a non-zero length: Execute the "MSC Receiving SMDPP INVOKE for OTA Data Message Exchange" task (see 5.C3.2). ELSEIF the ActionCode parameter is received: CASE ActionCode OF: Attach MSC to OTAF: IF the ServiceIndicator parameter is set to the CDMA OTASP Service value: Execute the "MSC Receiving SMDPP INVOKE to Attach with OTAF" task (see 5.C1.3). ELSEIF the ServiceIndicator parameter is set to the CDMA OTAPA Service value: Include the SMS_CauseCode parameter set to indicate Unexpected parameter value. Send a RETURN RESULT. ENDIF. Initiate RegistrationNotification: Execute the "MSC Receiving SMDPP INVOKE for Registration of MS" task (see 5.C4.2). Release TRN: IF the ServiceIndicator parameter is set to the CDMA OTASP Service value: Execute the "MSC Receiving SMDPP INVOKE to Release TRN" task (see 5.C1.5). ELSEIF the ServiceIndicator parameter is set to the CDMA OTAPA Service value: Include the SMS_CauseCode parameter set to indicate Unexpected parameter value. Send a RETURN RESULT. ENDIF. Record NEWMSID: Execute the "MSC Receiving SMDPP INVOKE to Record NEWMSID" task (see 5.C1.5). DEFAULT:

Signaling Procedures

6-51

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

1-x-2-6-1 1-x-2-6-2 1-x-2-7 1-x-2 1-x-3 1-y 1-1 ............ ENDIF.

Include the SMS_CauseCode parameter set to indicate Unexpected parameter value. Send a RETURN RESULT. ENDCASE. Exit this task.

ENDIF. IF the SMS_DestinationAddress parameter is received:

CDMA-OTA

6-52

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.47 SMS NOTIFICATION

4.47.1 HLR Initiating SMSNotification INVOKE

(TIA/EIA-41.6-D, page 6-285)

Upon request to send an SMSNotification message, the HLR shall do the following: 1 2 3 3-1 4 4-1 5 5-1 6 7 8 Include the ElectronicSerialNumber parameter set to the ESN of the desired MS. Include the MobileIdentificationNumber MSID parameter set to the MIN or IMSI of the desired MS. IF MS is denied: Include the SMS_AccessDeniedReason parameter set to Denied. ELSEIF MS is unavailable or the temporary SMS routing address is not current: Include the SMS_AccessDeniedReason parameter set to Unavailable. ELSE: Include the SMS_Address parameter set to the temporary SMS routing address for the desired MS, for SMS, or set to temporary MSC routing address for OTAPA. ENDIF. Send an SMSNotification message toward the MS's MC, for SMS, or toward the OTAF, for OTAPA. Start the SMS Notification Timer (SNT).

.............

Signaling Procedures

6-53

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.47.C OTAF Receiving an SMSNotification INVOKE

Upon receipt of an SMSNotification INVOKE, the OTAF shall do the following: 1 1-1 1-1-1 1-1-2 IF the received message can be processed: IF the SMS_Address parameter was received: Store the SMS_Address as the temporary routing address with the current time. Optionally, Inform the CSC that the MS, identified by the received MobileIdentificationNumber MSID and ElectronicSerialNumber parameters, is available for an OTAPA session. Send an SMSNotification RETURN RESULT. ELSE (expected parameters not received): Send a RETURN ERROR with the Error Code set to MissingParameter. ENDIF. ELSE (the received message cannot be processed): Send a RETURN ERROR with the proper Error Code value (see the following table). ENDIF. Exit this task.

1-1-3 1-3 1-3-1 1-4 2 2-1 3 4

CDMA-OTA

6-54

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 4.47.C

OTAF SMSNotification Response

Problem Detection and Recommended Response from the MC toward the initiating HLR

PROBLEM DETECTION RETURN ERROR Error Code

UnrecognizedMIN UnrecognizedESN MIN/HLRMismatch OperationSequenceProblem ResourceShortage OperationNotSupported TrunkUnavailable ParameterError SystemFailure UnrecognizedParameterValue FeatureInactive MissingParameter

X X X X X a a X a X b, e a d e d a d c

1

2

3

4

5

6

7

Notes

RETURN RESULT

Problem Detections: 1. The requested MAP operation is recognized, but not supported, by the receiving OTAF, or the requesting functional entity is not authorized. 2. A required OTAF resource (e.g., internal memory record, OTAF is fully occupied) is temporarily not available (e.g., congestion). 3. A required resource (e.g., data base access, functional entity) is not presently accessible due to a failure. Human intervention may be required for resolution. 4. A supplied parameter has an encoding problem (e.g., the supplied MobileIdentificationNumber parameter digit values do not meet the BCD specification). 5. A supplied parameter value is unrecognized or has nonstandard values (e.g., Not used). 6. An expected, or required, optional parameter (e.g., SMS_Address) was not received. 7. The supplied MobileIdentificationNumberparameter is not in the OTAF's range of MINs (suspect routing error). Notes: a. b. c. d. e.

This Error Code is not an appropriate OTAF response to an SMSNotification transaction. It is recommended that an OTAF supports SMSNotification transactions. Only RETURN RESULT operations needing clarification have been included. Include the Parameter Identifier in question as the FaultyParameter parameter. The OTAF did not respond, possibly indicating that it does not support an SMSNotification message.

Signaling Procedures

6-55

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.48 SMS REQUEST

4.48.1 MC or OTAF Initiating SMS Request

(TIA/EIA-41.6-D, page 6-288)

Upon request to obtain a routing address for an MS-based SME or an OTAPA capable MS (this request may be accepted, postponed, unavailable, or denied), the MC or OTAF shall do the following: 1 1-1 2 3 4 a 5 5-1 6 7 8 9 IF the ESN is known for the MS: Include the ElectronicSerialNumber parameter set to identify the MS. ENDIF. Include the MobileIdentificationNumber MSID parameter set to identify the MS. Include the SMS_TeleserviceIdentifier parameter, if applicable, set to the appropriate teleservice identifier value if applicable. Include the ServiceIndicator parameter, if applicable, set to identify the service for which this SMSRequest is being made. IF notification is not required: Include the SMS_NotificationIndicator parameter set to . ENDIF. Send an SMSRequest INVOKE message toward the HLR serving the MIN MS. Start the SMS Request Timer (SRT). WAIT for an SMS Request response: Stop the timer (SRT). IF the message can be processed: IF an SMS_Address is received: Return to the calling task with the SMS_Address and an accepted indication. ELSEIF an SMS_AccessDeniedReason parameter is received: CASE SMS_AccessDeniedReason value OF: Postponed: Return to the calling task with a postponed indication. Denied: Return to the calling task with a denied indication. Unavailable: Return to the calling task with a unavailable indication. ENDCASE. ENDIF. ELSE (the message cannot be processed): Return to the calling task with a denied indication. ENDIF.

10 WHEN a RETURN RESULT is received: 10-1 10-2 10-2-1 10-2-1-1 10-2-2 10-2-2-1 10-2-2-2 10-2-2-2-1 10-2-2-3 10-2-2-3-1 10-2-2-4 10-2-2-4-1 10-2-2-5 10-2-3 10-3 10-3-1 10-4

11 WHEN a RETURN ERROR or REJECT is received:

CDMA-OTA

6-56

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

11-1 11-2 12-1

Stop the timer (SRT). Return to the calling task with a denied indication. Return to the calling task with a denied indication.

12 WHEN the timer (SRT) expires: 13 ENDWAIT. 14 Exit this task.

Signaling Procedures

6-57

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.48.2 HLR Receiving an SMSRequest INVOKE

(TIA/EIA-41.6-D, page 6-289)

Upon receipt of an SMSRequest INVOKE, the HLR shall do the following: 1 1-1 IF the message can be processed: IF the addressed MS is not known, OR IF the MS is known, but is not authorized for SMS, OR IF the ServiceIndicator parameter is present and its value is not supported by the HLR: Include the SMS_AccessDeniedReason parameter indicating Denied. Send a RETURN RESULT. Exit this task. ENDIF. IF ServiceIndicator parameter is present and indicates CDMA OTAPA service: IF the ElectronicSerialNumber parameter was not received: Include the ElectronicSerialNumber parameter set to identify the MS. ENDIF. IF either current serving MSC is not OTAPA capable OR is not secure to program the MS at its current location, OR IF the temporary routing address is not current, OR IF the MS is reported as inactive: IF the SMSNotificationIndicator parameter was present in the SMSRequest INVOKE and the SMSNotificationIndicator indicates Do not notify when available: Include the SMSAccessDeniedReason parameter set to Unavailable. ELSE: IF the OTA Delivery Pending Flag for this MS is not already set: Set the OTA Delivery Pending Flag for this MS, storing the routing address of the OTAF from which the SMSRequest INVOKE was received with that flag. ELSE: Replace the routing address previously stored with the OTA Delivery Pending Flag for this MS with the routing address of the OTAF from which the SMSRequest INVOKE was received. ENDIF. Include the SMSAccessDeniedReason parameter set to Postponed. ENDIF. Send a RETURN RESULT. Exit this task. ELSE: Include the SMS_Address parameter set to the current address for the MS. Send a RETURN RESULT. Exit this task. ENDIF. ENDIF. ELSEIF (the teleservice indicated by the SMS_TeleserviceIdentifier parameter is unknown or is not supported):

1-1-1 1-1-a 1-1-b 1-a 1-b 1-b-1 1-b-1-1 1-b-2 1-b-3

1-b-3-1

1-b-3-1-1 1-b-3-2 1-b-3-2-1 1-b-3-2-1-1

1-b-3-2-2 1-b-3-2-2-1

1-b-3-2-3 1-b-3-2-4 1-b-3-3 1-b-3-4 1-b-3-5 1-b-4 1-b-4-1 1-b-4-2 1-b-4-3 1-b-5 1-c 1-2

CDMA-OTA

6-58

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

1-2-1 1-3 1-3-1 1-3-2 1-3-2-1 1-3-3 1-4

Include the SMS_AccessDeniedReason parameter indicating Invalid: ELSEIF the temporary SMS routing address is current (as determined by the HLR, e.g., some time between never to until revoked) for the addressed MS: Include the SMS_Address parameter set to the current SMS address for the MS. IF the ElectronicSerialNumber parameter was not received: Include the ElectronicSerialNumber parameter set to identify the MS. ENDIF. ELSEIF the addressed MS is able to receive SMS messages (e.g., MS is registered to an SMS capable system), but the SMS address is not current or the MS is reported as inactive: Relay all parameters received in the SMSRequest INVOKE. Include the ElectronicSerialNumber parameter for the addressed MS. Send an SMSRequest INVOKE to the VLR that is currently serving the indicated MS. Start the SMS Request Timer (SRT). WAIT for an SMS Request Response: WHEN a RETURN RESULT is received: Stop timer (SRT). IF the message can be processed: Relay all received parameters. ELSE (message cannot be processed): Execute "Local Recovery Procedures" task (see 3.5.1). Set the SMS Delivery Pending Flag for this MS. Include the SMS_AccessDeniedReason parameter set to Postponed. ENDIF. WHEN a RETURN ERROR or REJECT is received: Stop timer (SRT). Execute "Local Recovery Procedures" task (see 3.5.1). Set the SMS Delivery Pending Flag for this MS. Include the SMS_AccessDeniedReason parameter set to Postponed. WHEN timer (SRT) expires: Execute "Local Recovery Procedures" task (see 3.5.1). Set the SMS Delivery Pending Flag for this MS. Include the SMS_AccessDeniedReason parameter set to Postponed. ENDWAIT. ELSE (the MS is not registered to an SMS capable system or the MS is registered to an SMS incapable system): IF the SMS_NotificationIndicator parameter was present in the SMSRequest INVOKE and the SMS_NotificationIndicator indicates : Include the SMS_AccessDeniedReason parameter set to Unavailable. ELSE: Set the SMS Delivery Pending Flag for this MS.

1-4-1 1-4-2 1-4-3 1-4-4 1-4-5 1-4-6 1-4-6-1 1-4-6-2 1-4-6-2-1 1-4-6-3 1-4-6-3-1 1-4-6-3-2 1-4-6-3-3 1-4-6-4 1-4-7 1-4-7-1 1-4-7-2 1-4-7-3 1-4-7-4 1-4-8 1-4-8-1 1-4-8-2 1-4-8-3 1-4-9 1-5 1-5-1 1-5-1-1 1-5-2 1-5-2-1

Signaling Procedures

6-59

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

1-5-2-2 1-5-3 1-6 1-7 2 2-1 2-2 3 4 ENDIF.

Include the SMS_AccessDeniedReason parameter set to Postponed. ENDIF. Send a RETURN RESULT.

ELSE (message cannot be processed): Include the Error Code parameter set to the proper value (see the following table). Send a RETURN ERROR. ENDIF. Exit this task.

CDMA-OTA

6-60

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C1 OTAF ATTACHMENT WITH SERVING MSC

5.C1.1 MSC Obtaining a TRN

When the MSC determines that a TRN is required: 1 IF the MSC administers TRNs itself: 1-1 IF a TRN is available: 1-1-1 Assign a TRN. 1-1-2 Include the TRN. 1-1-3 Return to the calling task. 1-2 ELSE: 1-2-1 Return to the calling task with an unsuccessful indication. 1-3 ENDIF. 2 ELSE (the MSC obtains TRNs from the OTAF): 2-1 Include the BillingID parameter set to identify the OTASP call. 2-2 Include the Digits (Dialed) parameter set to the digits received from the MS. 2-3 Include the ElectronicSerialNumber parameter set to the ElectronicSerialNumber received from the MS. 2-4 Include the MobileIdentificationNumber MSID parameter set to MobileIdentificationNumber either MIN or IMSI received from the MS. 2-5 Include the MSCID parameter set to the identity of the MSC. 2-6 Include TransactionCapability parameter set to indicate that the TerminationList is not supported. 2-7 Send a FeatureRequest INVOKE to the OTAF associated with the MSC. 2-8 Start the Feature Request Response Timer (FRRT). 2-9 WAIT for Feature Request response: 2-10 WHEN a RETURN RESULT is received: 2-10-1 Stop timer (FRRT). 2-10-2 IF the message can be processed: 2-10-2-1 IF Digits (Destination) parameter is received: 2-10-2-1-1 Use the destination digits as TRN. 2-10-2-1-2 Include the TRN as CalledPartyNumber. 2-10-2-1-3 Return to the calling task. 2-10-2-2 ELSE: 2-10-2-2-1 Return to the calling task with an unsuccessful indication. 2-10-2-3 ENDIF. 2-10-3 ELSE (the message cannot be processed): 2-10-3-1 Return to the calling task with an unsuccessful indication. 2-10-4 ENDIF. 2-11 WHEN a RETURN ERROR or REJECT is received: 2-11-1 Stop timer (FRRT). 2-11-2 Return to the calling task with an unsuccessful indication. 2-12 WHEN timer (FRRT) expires:

Signaling Procedures

6-61

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

2-12-1 Return to the calling task with an unsuccessful indication. 2-13 ENDWAIT. 3 ENDIF.

CDMA-OTA

6-62

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C1.2 OTAF Initiating an SMDPP INVOKE to Attach with Serving MSCUpon

request by the CSC to attach with the Serving MSC (the request must include the TRN), the OTAF shall do the following: 1 2 2-1 3 3-1 4 5 Allocate an Activation_MIN value to the transaction. IF no Activation_MIN value is available: Return failure indication to CSC. ELSE: Mark the Activation_MIN as busy. ENDIF. Identify Serving MSC's address. The OTAF may translate the received TRN value to the Serving MSC address and save its result for subsequent communication with the MSC. IF Serving MSC address is not found: Release the Activation_MIN. Return failure indication to CSC. ENDIF. Include the SMS_BearerData parameter with its length set to zero. Include the SMS_TeleserviceIdentifier parameter with its length set to 0.

6 6-1 6-2 7 8 9

10 Include the MobileIdentificationNumber parameter set to the Activation_MIN value. 11 Include the ServiceIndicator parameter set to the CDMA OTASP Service value. 12 Include the ActionCode parameter set to indicate "Attach MSC to OTAF". 13 Include the TRN parameter set to the value received from the CSC. 14 Send an SMDPP INVOKE towards the Serving MSC. 15 Start the SMDPP timer (SMTcs). 16 WAIT for an SMDPP response: 17 WHEN a RETURN RESULT is received: 17-1 17-2 17-2-1 17-3 17-3-1 17-3-1-1 17-3-1-2 17-3-2 17-3-3 17-3-3-1 17-3-4 17-3-5 17-3-5-1 17-3-6 Stop the timer (SMTcs). IF the message cannot be processed: Execute the "OTAF Recovery Procedure" task (see 5.C6.1). ELSE: IF the message contains an SMS_CauseCode parameter: Store the SMS_CauseCode. Execute "OTAF Recovery Procedure" task (see 5.C6.1). ENDIF. IF the message contains an ElectronicSerialNumber parameter: Store the ElectronicSerialNumber parameter. ENDIF. IF the message parameter: ENDIF. contains an MobileStationMIN MobileStationMSID

Store the MobileStationMIN MobileStationMSID parameter.

Signaling Procedures

6-63

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

17-3-7 17-3-7-1 17-3-8 17-3-9 17-3-9-1 17-3-10 17-3-11 17-3-11-1 17-3-12 17-3-13 17-4 18-1 18-2 19-1

IF the message contains an SystemCapabilities parameter: Store the SystemCapabilities parameter. ENDIF. IF the message contains an MSCID parameter: Store the MSCID parameter. ENDIF. IF the message contains an AuthorizationDenied parameter or a DenyAccess parameter, or both: Relay the information to the CSC. ENDIF. Notify CSC. ENDIF. Stop the timer (SMTcs). Execute "OTAF Recovery Procedure" task (see 5.C6.1). Execute "OTAF Recovery Procedure" task (see 5.C6.1).

18 WHEN a REJECT is received:

19 WHEN the timer (SMTcs) expires: 20 ENDWAIT. 21 Exit this task.

CDMA-OTA

6-64

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C1.3 MSC Receiving an SMDPP INVOKE to Attach with OTAF

Upon receipt of an SMDPP INVOKE with the ActionCode parameter indicating "Attach MSC to OTAF" and the ServiceIndicator parameter indicates CDMA OTASP service, the MSC shall do the following: 1 1-1 1-1-1 1-1-2 1-1-3 1-1-3-1 1-1-4 1-1-4-1 1-1-4-1 1-1-4-1-1 1-1-4-b 1-1-4-b-1 1-1-4-c 1-1-4-2 1-1-4-3 1-1-4-4 1-1-4-5 1-1-4-5-1 1-1-4-6 1-1-4-6-1 1-1-4-7 1-1-4-8 1-1-4-8-1 1-1-4-9 1-1-4-10 1-1-4-10-1 1-1-4-11 1-1-5 1-2 1-2-1 ELSE: Include the SMS_CauseCode parameter set to indicate Address Translation Failure. ENDIF. IF the received message can be processed: IF the TRN is known AND corresponds to an active OTASP call: Determine MS's MobileIdentificationNumber ElectronicSerialNumber associated with the TRN. Create an OTASPCallEntry. IF OTASPCallEntry could not be created: Include the SMS_CauseCode parameter set to indicate Network Resource Shortage. ELSE: Include the MobileStationMIN MobileIdentificationNumber value. parameter set to MS's MSID and

IF mobile origination contained a MIN value: Include the MobileStationMIN parameter set to the MS's MIN value. ELSEIF mobile origination contained an IMSI value: Include the MobileStationIMSI parameter set to the MS's IMSI value. ENDIF. Include the ElectronicSerialNumber ElectronicSerialNumber value. parameter set to MS's

Include the MSCID parameter set to Serving MSC's MSCID value. Include the SystemCapabilities parameter set to indicate Serving System's authentication capabilities. IF the mobile is operating in an unsupported mode: Set the SMS_CauseCode to Radio Interface Incompatibility. ELSEIF the MS has performed intersystem handoff: Include the SMS_CauseCode parameter set to indicate Network Interface not Supported. ENDIF. IF the AC has denied access to this MS: Include DenyAccess parameter. ENDIF. IF the HLR has denied access to this MS OR the registration attempt was unsuccessful: Include AuthorizationDenied parameter. ENDIF.

Signaling Procedures

6-65

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

1-3 2 2-1 3 4 5

ENDIF. ELSE: Include the SMS_CauseCode parameter set to the proper value. ENDIF. Send an SMDPP RETURN RESULT to the requesting OTAF. Exit this task.

CDMA-OTA

6-66

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C1.4 OTAF Initiating an SMDPP INVOKE to Release TRN

Upon request by the CSC to release TRN, the OTAF shall do the following: 1 2 3 4 5 6 7 8 9 Set the length of the SMS_BearerData parameter to zero. Set the length of the SMS_TeleserviceIdentifier parameter to zero. Include the ElectronicSerialNumber parameter set to the MS's ElectronicSerialNumber value returned from the Serving MSC. Set the MobileIdentificationNumber parameter to the Activation_MIN value. Set the ServiceIndicator parameter to the CDMA OTASP Service value. Set the ActionCode parameter to indicate Release TRN. Send the SMDPP Invoke message to the Serving MSC. Start the SMDPP timer (SMTcs). WAIT for an SMDPP response: Stop the timer (SMTcs). IF the message can not be processed: Execute "OTAF Recovery Procedure" task (see 5.C6.1). ELSE: IF the message contains an SMS_CauseCode parameter: Store the SMS_CauseCode. Execute "OTAF Recovery Procedure" task (see 5.C6.1). ENDIF. Notify CSC. ENDIF: Stop the timer (SMTcs). Execute "OTAF Recovery Procedure" task (see 5.C6.1).

10 WHEN a RETURN RESULT is received: 10-1 10-2 10-2-1 10-3 10-3-1 10-3-1-1 10-3-1-2 10-3-2 10-3-3 10-4 11-1 11-2 12-1

11 WHEN a REJECT is received:

12 WHEN the timer (SMTcs) expires: Execute "OTAF Recovery Procedure" task (see 5.C6.1). 13 ENDWAIT. 14 Exit this task.

Signaling Procedures

6-67

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C1.5 MSC Receiving an SMDPP INVOKE to Release TRN

Upon receipt of an SMDPP INVOKE with the ActionCode parameter indicating Release TRN and the ServiceIndicator parameter indicating CDMA OTASP Service, the MSC shall do the following: 1 1-1 1-1-1 1-2 1-2-1 1-3 2 2-1 3 4 5 ELSE: Set the SMS_CauseCode to proper value. ENDIF. Send an SMDPP RETURN RESULT message to the requesting OTAF. Exit this task. IF the received message can be processed: IF an OTASPCallEntry is found: Release TRN. ELSE: Set the SMS_CauseCode to Address translation Failure. ENDIF.

CDMA-OTA

6-68

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C2 OTAF ATTACHMENT WITH SERVING MSC (ALT)

5.C2.1 OTAF Receiving a FeatureRequest INVOKE (ALT)

When an OTAF receives a FeatureRequest INVOKE, it shall perform the following: 1 1-1 1-1-1 1-1-1-1 1-1-1-2 1-1-1-3 1-1-2 1-1-2-1 1-1-2-1-1 1-1-2-1-2 1-1-2-1-2-1 1-1-2-1-2-2 1-1-2-1-3 1-1-2-1-3-1 1-1-2-1-4 1-1-2-2 1-1-2-2-1 1-1-2-3 1-1-3 1-2 1-2-1 1-3 1-4 2 2-1 3 4 ELSE: Include the FeatureResult parameter set to operation. ENDIF. Send a RETURN RESULT. ELSE (the received message cannot be processed): Send a RETURN ERROR with a proper Error Code value to the requesting MSC. ENDIF. Exit this task. to indicate unsuccessful feature IF the received message can be processed: IF the received Digits (Dialed) parameter contains an OTASP feature code: IF a TRN is available: Assign (or obtain) a TRN. Include the Digits (Destination) parameter set to the TRN. Include the FeatureResult parameter set to operation. ELSE (a TRN is not available): IF there is an alternate OTAF/CSC designated to handle overflow traffic: Execute "OTAF Requesting TRN from an Alternate OTAF" task (see 5.C2.2). IF a TRN is obtained fron the overflow OTAF/CSC: Include the Digits (Destination) parameter set to the TRN. Include the FeatureResult parameter set to successful feature operation. Include the FeatureResult parameter set to unsuccessful feature operation. ENDIF. ELSE (there is no OTAF/CSC designated to handle overflow): Include the FeatureResult parameter set to feature operation. ENDIF. ENDIF. to indicate unsuccessful to indicate to indicate successful feature

ELSE (a TRN is not obtained from the overflow OTAF/CSC): to indicate

Signaling Procedures

6-69

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 5.C2.1

OTAF FeatureRequest Response

Problem Detection and Recommended Response from OTAF to MSC

PROBLEM DEFINITION RETURN ERROR Error Code

a a a X X X X X X X d a d c a a a X a a b a d

1

2

3

4

5

6

7

8

Notes

RETURN RESULT AccessDeniedReason

Problem Detections: 1. The requested IS-41 MAP operation is recognized, but not supported, by the receiving OTAF, or the requesting functional entity is not authorized. 2. A required OTAF resource (e.g., internal memory record, the OTAF is fully occupied) is temporarily not available (e.g., congestion). 3. A required resource (e.g., data base access, functional entity) is not presently accessible due to a failure. Human intervention may be required for resolution. 4. A supplied parameter has an encoding problem (e.g., the supplied MobileIdentificationNumber parameter digit values do not meet the BCD specification, the Digits (Dialed) parameter has an inconsistent length, digits in the Digits (Dialed) parameter do no meet the BCD specification). 5. A supplied parameter value is unrecognized or has nonstandard values (e.g., Not used, the supplied Digits (Dialed) parameter contain an unexpected Code 11, Code 12, or ST digit, the supplied Digits (Dialed) parameter is an unexpected length, or a Digits (Dialed) parameter is using an unrecognized value for numbering plan, encoding, or type of digit). 6. An expected, or required, optional parameter (e.g., BillingId MSCID) was not received. 7. The supplied ElectronicSerialNumber parameter is in use for another activation in progress. 8. The MS is AuthorizationDenied (e.g., , , , or ). Notes: a. b. c. d.

This Error Code is not an appropriate OTAF response to a FeatureRequest transaction. It is recommended that an OTAF support FeatureRequest transactions. Only RETURN RESULT operations needing clarification have been included. Include the in question as the FaultyParameter parameter. .

CDMA-OTA

6-70

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C2.2 OTAF Requesting TRN from an Alternate OTAF (ALT)

When an OTAF requires a TRN to be used to direct or redirect an OTASP call to a CSC associated to a different OTAF, it shall perform the following: 1 IF the OTAF had received a FeatureRequest INVOKE for the OTASP call: 1-1 Relay the received BillingID parameter to identify the call on the Originating MSC. 1-2 1-3 1-4 1-5 1-6 1-6-1 1-7 1-8 1-9 1-10 1-11 Relay the received MobileIdentificationNumber MSID parameter. Relay the received ElectronicSerialNumber parameter. Relay the received MSCID parameter to identify the Originating MSC. Include the SystemMyTypeCode parameter. IF the PC_SSN parameter is received: Relay the received PC_SSN parameter to address the Originating MSC. ENDIF. Include SenderIdentificationNumber parameter set to the OTAF's identification number. Send a RoutingRequest INVOKE to the OTAF from which a TRN is needed. Start the Routing Request Timer (RRT). WAIT for a Routing Request response.

1-12 WHEN a RETURN RESULT is received: 1-12-1 Stop timer (RRT). 1-12-2 1-12-2-1 1-12-3 1-12-3-1 1-12-3-1-1 1-12-3-1-2 1-12-3-1-3 1-12-3-2 1-12-3-2-1 IF the message cannot be processed: Return to the calling task with an unsuccessful indication. ELSE (the message can be processed): IF Digits (destination) are received): Use the destination digits as TRN. Include the TRN as CalledPartyNumber. Return to the calling task. ELSE: Return to the calling task with an unsuccessful indication.

1-12-3-3 ENDIF. 1-12-4 ENDIF. 1-13 WHEN a RETURN ERROR or REJECT is received: 1-13-1 1-13-2 1-14 1-14-1 Stop timer (RRT). Return to the calling task with an unsuccessful indication. WHEN timer (RRT) expires: Return to the calling task with an unsuccessful indication.

1-15 ENDWAIT. 2 ELSE (no FEATREQ had been received for this OTASP call): 2-1 3 Return to the calling task with an unsuccessful indication. ENDIF.

Signaling Procedures

6-71

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C2.3 OTAF Receiving RoutingRequest INVOKE (ALT)

When an OTAF receives a RoutingRequest INVOKE, it shall perform the following: 1 1-1 1-1-1 1-1-2 1-1-3 1-1-4 1-2 1-2-1 1-3 2 2-1 3 4 IF the received message can be processed: IF a TRN is available: Assign (or obtain) a TRN. Include the Digits (Destination) parameter set to the TRN. Include the MSCID parameter set to the value received in the RoutingRequest INVOKE. Send a RETURN RESULT to the requesting OTAF. ELSE (no TRN is available): Send a RETURN ERROR with Error Code ENDIF. ELSE (the received message cannot be processed): Send a RETURN ERROR with a proper Error Code value to the requesting OTAF. ENDIF. Exit this task. to the requesting OTAF.

CDMA-OTA

6-72

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 5.C2.3

OTAF RoutingRequest Response

Problem Detection and Recommended Response from OTAF to OTAF

PROBLEM DEFINITION RETURN ERROR Error Code

a a a a X X X X X X d a d c e e e X e e b a d

1

2

3

4

5

6

7

Notes

RETURN RESULT AccessDeniedReason

Problem Detections: 1. The requested IS-41 MAP operation is recognized, but not supported, by the receiving OTAF, or the requesting functional entity is not authorized. 2. A required OTAF resource (e.g., internal memory record, the OTAF is fully occupied, all TRNs already assigned) is temporarily not available (e.g., congestion). 3. A required resource (e.g., data base access, functional entity) is not presently accessible due to a failure. Human intervention may be required for resolution. 4. A supplied parameter has an encoding problem (e.g., the supplied MobileIdentificationNumber parameter digit values do not meet the BCD specification). 5. A supplied parameter value is unrecognized or has nonstandard values (e.g., Not used). 6. An expected, or required, optional parameter (e.g., SenderIdentificationNumber) was not received. 7. The MS is AuthorizationDenied (e.g., , , , or ).

Notes: a. b. c. d. e.

This Error Code is not an appropriate OTAF response to a RoutingRequest transaction. It is recommended that an OTAF supports RoutingRequest transactions. Only RETURN RESULT operations needing clarification have been included. Include the in question as the FaultyParameter parameter. This AccessDeniedReason is not an appropriate MSC OTAF response to a RoutingRequest transaction.

Signaling Procedures

6-73

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C2.4 OTAF Initiating MSC Redirection of an OTASP Call (ALT)

When an OTAF determines that it should initiate MSC redirection of an OTASP call, it shall perform the following: 1 1-1 1-2 1-2-1 1-2-2 1-2-3 1-2-4 1-2-5 1-2-6 1-2-7 1-2-8 1-2-9 1-2-10 1-2-10-1 1-2-10-2 1-2-10-2-1 1-2-10-2-1-1 1-2-10-2-2 1-2-10-2-3 1-2-10-3 1-2-10-3-1 1-2-10-3-2 1-2-10-4 1-2-11 1-2-11-1 1-2-11-2 1-2-12 1-2-12-1 1-2-12-2 1-2-12-3 1-2-13 1-2-13-1 1-2-13-2 1-2-14 1-3 ENDIF. IF the OTAF had received a FeatureRequest INVOKE for the OTASP call: Execute "OTAF Requesting TRN from an Alternate OTAF" task (see 5.C2.2). IF a TRN is obtained: Include the Digits (Destination) parameter set to the TRN. Relay the received BillingID parameter. Relay the received MobileIdentificationNumber MSID parameter. Relay the received ElectronicSerialNumber parameter. Include the SystemMyTypeCode parameter to identify the manufacturer of the OTAF. Include the SenderIdentificationNumber, parameter set to the OTAF's identification number. Send a RedirectionDirective INVOKE to the Originating MSC associated with the OTASP call. Start the Redirection Directive Timer (RDT). WAIT for a Redirection Directive response: WHEN a RETURN RESULT is received: Stop timer (RDT). IF the message can be processed: IF the call is still connected to the CSC: Direct the CSC to release the call. ENDIF. Exit this task. ELSE (the message cannot be processed): Execute the "Local Recovery Procedures" task (see 3.5.1). Exit this task. ENDIF. WHEN the CSC notifies the OTAF that the call has disconnected: Stop timer (RDT). Exit this task. WHEN a RETURN ERROR or REJECT is received: Stop timer (RDT). Execute the "Local Recovery Procedures" task (see 3.5.1). Exit this task. WHEN timer (RDT) expires: Execute the "Local Recovery Procedures" task (see 3.5.1). Exit this task. ENDWAIT.

CDMA-OTA

6-74

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

2

ENDIF. Originating MSC RedirectionDirective Response for OTASP Problem Detection and Recommended Response from Originating MSC to an OTAF

Table 5.C2.4

PROBLEM DEFINITION RETURN ERROR Error Code

1

2

3

4

5

6

7

8

Notes

X X a a X X X X X X d a d c b a d

RETURN RESULT

Problem Detections: 1 The requested IS-41 MAP operation is recognized, but not supported, by the receiving Originating MSC, or the requesting functional entity is not authorized. 2 A required Originating MSC resource (e.g., internal memory record, MSC is fully occupied) is temporarily not available (e.g., congestion). 3 A required resource (e.g., data base access, functional entity) is not presently accessible due to a failure or the Digits (Destination) parameter received from the HLR is not acceptable. Human intervention may be required for resolution. 4 A supplied parameter value has an encoding problem (e.g., The supplied MobileIdentificationNumber parameter digit values do not meet the BCD specification). 5 A supplied parameter value is unrecognized or has nonstandard values (e.g., Not used, the Originating MSC does not presently have a routed call attempt active for the supplied BillingID parameter). 6 The Originating MSC does not presently have a routed call attempt active for the supplied MobileIdentificationNumber parameter. 7 The Originating MSC has a routed call attempt active for the supplied MobileIdentificationNumber parameter, but the supplied ElectronicSerialNumber parameter does not match the ESN of the routed call. Notes: a. b. c. d.

This Error Code is not an appropriate MSC response to a RedirectionRequest transaction. It is recommended that an Originating MSC supports RedirectionRequest transactions. Only RETURN RESULT operations needing clarification have been included. Include the in question as the FaultyParameter parameter.

Signaling Procedures

6-75

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C3 EXCHANGE OF OTASP DATA

MESSAGES

5.C3.1 OTAF Initiating SMDPP INVOKE for OTASP Data Message Exchange

When triggered (the trigger must include the formatted IS-683 message), the OTAF shall do the following: 1 x x-1 y 2 3 4 a a-1 b c c-1 Include the SMS_BearerData parameter set identical to the OTASP Data message. IF the OTASP Data message encapsulated in the SMS_BearerData parameter is an OTAPA Request Message: Include the ActionCode parameter set to a value of Allocate Resources or a value of Release Resources as appropriate. ENDIF. Include the SMS_TeleserviceIdentifier parameter with its length set equal to zero. Include the ElectronicSerialNumber parameter set to the MS's ElectronicSerialNumber value returned from the Serving MSC. Include the MobileIdentificationNumber parameter set to the Activation_MIN value. IF CDMA OTASP Service: Include the MobileIdentificationNumber parameter set to the Activation_MIN value. ENDIF. IF CDMA OTAPA Service: Include the MSID parameter set to the value of the MS's MIN or IMSI at the start of the OTAPA session. (When the MS has both the MIN & the IMSI at the start of the OTAPA session then the MIN form of the MSID is used.) ENDIF. Include the ServiceIndicator parameter, set to either the CDMA OTASP Service or the CDMA OTAPA Service service value, as appropriate. Send an SMDPP INVOKE to the Serving MSC. Start the SMDPP timer (SMTcx)(x=m, l: depending on the mode of MS operation, the lengths of the OTASP Data Messages being exchanged and the corresponding response time at the MS). WAIT for an SMDPP response: WHEN a RETURN RESULT is received: Stop the timer (SMTcx). IF the message can not be processed: Execute the "OTAF Recovery Procedure" task (see 5.C6.1). ELSE: IF the SMS_CauseCode parameter is present: Relay the SMS_CauseCode value to the invoking task (Failure reason). ELSE: Relay contents of SMS_BearerData parameter to invoking task. ENDIF.

d 5 6 7

8 9 9-1 9-2

9-2-1 9-3 9-3-1 9-3-1-1 9-3-2 9-3-2-1 9-3-3

CDMA-OTA

6-76

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

9-4 10-1 10-2 11-1

ENDIF. Stop the timer (SMTcx). Execute "OTAF Recovery Procedure" task (see 5.C6.1). Execute "OTAF Recovery Procedure" task (see 5.C6.1).

10 WHEN a REJECT is received:

11 WHEN the timer (SMTcx) expires: 12 ENDWAIT. 13 Exit this task.

Signaling Procedures

6-77

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C3.2 MSC Receiving SMDPP INVOKE for OTASP or OTAPA Data Message Exchange

Upon receipt of an SMDPP INVOKE with ServiceIndicator parameter indicating either CDMA OTASP Service or CDMA OTAPA Service AND SMS_BearerData parameter with non-zero length, the MSC shall do the following: 1 1-1 1-1-1 1-1-1-1 1-1-2 1-1-2-1 1-1-2-1-1 1-1-2-2 1-1-2-2-1 1-1-2-2-2 1-1-2-2-3 1-1-2-2-3-1 1-1-2-2-4 1-1-2-2-4-1 1-1-2-2-4-2 1-1-2-2-4-3 1-1-2-2-4-3-1 1-1-2-2-4-3-2 1-1-2-2-4-3-2-1 1-1-2-2-4-3-3 1-1-2-2-4-4 1-1-2-2-4-4-1 1-1-2-2-4-5 1-1-2-2-4-5-1 1-1-2-2-4-6 1-1-2-2-5 1-1-2-3 1-1-3 ENDIF. ENDIF. IF the received message can be processed: IF the OTASPCallEntry is found: IF the MS is operating in an unsupported mode: Include the SMS_CauseCode parameter set to indicate Radio Interface Incompatibility. ELSE: IF the MS performed an intersystem handoff: Include the SMS_CauseCode parameter set to indicate Network Interface not supported. ELSE: Extract the OTASP Data Message from the SMS_BearerData Parameter. Send the OTASP Data Message to the MS. IF the message could not be sent: Include the SMS_CauseCode parameter set to indicate Network Failure ELSE: WAIT for response from the MS (the waiting period must not exceed its associated voice call duration): CASE MS event OF: OTASP Data Message response: Include the SMS_BearerData parameter made identical to the OTASP Data Message. IF the OTASP Data Message transport size limitations: exceeds IS-41 message

Include the SMS_CauseCode parameter set to indicate Encoding Problem. ENDIF. No Layer 2 acknowledgment: Include the SMS_CauseCode parameter set to indicate No Acknowledgment. Reject Order received: Include the SMS_CauseCode parameter set to indicate SMS Termination Denied. ENDCASE. ENDIF.

CDMA-OTA

6-78

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

1-2 1-2-1 1-3 2 2-1 3 4 5 1 1-1 1-2 1-2-1 1-2-1-1 1-2-2 1-2-2-1 1-2-3 1-2-3-1 1-2-4 1-2-4-1 1-2-4-2 1-2-4-3

ELSE: Include the SMS_CauseCode parameter set to indicate Address Translation Failure. ENDIF. ELSE (message can not be processed): Include the SMS_CauseCode set to the proper value. ENDIF. Send an SMDPP RETURN RESULT to the requesting OTAF. Exit this task. IF the received message can be processed: CASE ServiceIndicator parameter value OF: CDMA OTASP Service: IF an OTASPCallEntry is not found: Include the SMS_CauseCode parameter set to Session not active. ELSEIF the MS is operating in an unsupported mode: Include the SMS_CauseCode parameter set to Radio interface incompatibility. ELSEIF the MS has performed an intersystem handoff: Include the interface. ELSE: Extract the OTASP Data Message from the SMS_BearerData parameter. Send the OTASP Data Message to the MS. IF the OTASP Data Message could not be sent: Include the SMS_CauseCode parameter set to Network failure. ELSE: WAIT for response from the MS (the waiting period must not exceed its associated voice call duration): WHEN an OTASP Data Message response is received: IF the OTASP Data Message size limitations: exceeds IS-41 message transport SMS_CauseCode parameter set to Unsupported network

1-2-4-3-1 1-2-4-4 1-2-4-4-1 1-2-4-4-3 1-2-4-4-3-1 1-2-4-4-3-1-1 1-2-4-4-3-2 1-2-4-4-3-2-1 1-2-4-4-3-3 1-2-4-4-4 1-2-4-4-4-1 1-2-4-4-5

Include the SMS_CauseCode parameter set to Encoding problem. ELSE: Include the SMS_BearerData parameter set to the OTASP Data Message. ENDIF. WHEN the MSC determines that no Layer 2 acknowledgment will be received: Include the SMS_CauseCode acknowledgment. WHEN a Reject Order is received: parameter set to No

Signaling Procedures

6-79

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

1-2-4-4-5-1 1-2-4-4-6 1-2-4-5 1-2-5 1-3 1-3-1 1-3-1-1 1-3-1-2 1-3-1-2-1 1-3-1-3 1-3-2 1-3-2-1 1-3-2-2 1-3-2-2-1 1-3-2-3 1-3-3 1-3-3-1 1-3-3-1-1 1-3-3-1-1-1 1-3-3-1-1-1-1 1-3-3-1-1-1-2 1-3-3-1-1-1-3 1-3-3-1-1-2 1-3-3-1-1-3 1-3-3-1-1-3-1 ENDIF.

Include the SMS_CauseCode termination denied. ENDWAIT. ENDIF.

parameter

set

to

Service

CDMA OTAPA Service: IF the MS is operating in an unsupported mode: Include the SMS_CauseCode parameter set to Radio interface incompatibility. IF an OTAPA session is currently in progress: Release the MS from the traffic channel, if not on a call (or other service operation occurring in the Conversation Substate). ENDIF. ELSEIF the MS has performed an intersystem handoff: Include the interface. SMS_CauseCode parameter set to Unsupported network

IF an OTAPA session is currently in progress: Release the MS from the traffic channel, if not on a call (or other service operation occurring in the Conversation Substate). ENDIF. ELSE: IF the ActionCode parameter is present: IF the ActionCode parameter indicates Allocate Resources: IF an OTAPA session is currently in progress OR an incompatible call type is currently in progress: Include the SMS_CauseCode parameter set to Destination busy. Send an SMDPP RETURN RESULT to the requesting OTAF. Exit this task. ENDIF. IF the mobile is idle: Allocate a traffic channel to enable the delivery of OTASP Data messages to the MS and retain the traffic channel until further instructions. IF a traffic channel is not successfully allocated: Include the SMS_CauseCode parameter set to the appropriate value (e.g., No page response). Send an SMDPP RETURN RESULT to the requesting OTAF. Exit this task. ENDIF. ENDIF. ELSE (ActionCode parameter is not Allocate Resources):

1-3-3-1-1-3-2 1-3-3-1-1-3-2-1 1-3-3-1-1-3-2-2 1-3-3-1-1-3-2-3 1-3-3-1-1-3-3 1-3-3-1-1-4 1-3-3-1-2

CDMA-OTA

6-80

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

1-3-3-1-2-1 1-3-3-1-2-1-1 1-3-3-1-2-1-2 1-3-3-1-2-1-3 1-3-3-1-2-2 1-3-3-1-2-2-1 1-3-3-1-2-2-2 1-3-3-1-2-2-3 1-3-3-1-2-3 1-3-3-1-3 1-3-3-2 1-3-3-2-1 1-3-3-2-1-1 1-3-3-2-1-2 1-3-3-2-1-3 1-3-3-2-2 1-3-3-3 1-3-3-4 1-3-3-5 1-3-3-6 1-3-3-6-1 1-3-3-7 1-3-3-7-1 1-3-3-7-3 1-3-3-7-3-1 1-3-3-7-3-1-1 1-3-3-7-3-2 1-3-3-7-3-2-1 1-3-3-7-3-3 1-3-3-7-4 ENDIF.

IF the ActionCode parameter does not indicate Release Resources1: Include the SMS_CauseCode parameter set to Unexpected parameter value. Send an SMDPP RETURN RESULT to the requesting OTAF. Exit this task. ELSEIF an OTAPA session for the MS is not currently in progress. Include the SMS_CauseCode parameter set to Session not active. Send an SMDPP RETURN RESULT to the requesting OTAF. Exit this task. ENDIF. ENDIF. ELSE (ActionCode parameter is not present): IF OTAPA session for the MS is not currently in progress: Include the SMS_CauseCode parameter set to Session not active. Send an SMDPP RETURN RESULT to the requesting OTAF. Exit this task. ENDIF. Extract the OTASP Data Message from the SMS_BearerData parameter. Send the OTASP Data Message to the MS. IF the OTASP Data Message could not be sent: Include the SMS_CauseCode parameter set to Network failure. ELSE: WAIT for response from the MS (the waiting period must not exceed its associated traffic channel duration): WHEN an OTASP Data Message response is received: IF the OTASP Data Message size limitations: exceeds IS-41 message transport

Include the SMS_CauseCode parameter set to Encoding problem. ELSE: Include the SMS_BearerData parameter set to the OTASP Data Message. ENDIF. WHEN the MSC determines that no Layer 2 acknowledgment will be received:

1

The only ActionCode parameter values expected with an SMS_BearerData parameter for CDMA OTAPA are Allocate Resources and Release Resources.

Signaling Procedures

6-81

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

1-3-3-7-4-1 1-3-3-7-5 1-3-3-7-5-1 1-3-3-7-6 1-3-3-8 1-3-3-9 1-3-3-9-1 1-3-3-10 1-3-4 1-4 1-4-1 1-5 2 2-1 3 4 5 ENDIF. DEFAULT

Include the SMS_CauseCode acknowledgment. WHEN a Reject Order is received: Include the SMS_CauseCode termination denied. ENDWAIT. ENDIF.

parameter

set

to

No

parameter

set

to

Service

IF the ActionCode parameter is present AND indicates Release Resources: Release the MS from the traffic channel, if not on a call. ENDIF. (unexpected ServiceIndicator parameter value):

Include the SMS_CauseCode parameter set to Unexpected parameter value. ENDCASE (of ServiceIndicator parameter value).

ELSE (message can not be processed): Include the SMS_CauseCode parameter set to an appropriate value. ENDIF. Send an SMDPP RETURN RESULT to the requesting OTAF. Exit this task.

CDMA-OTA

6-82

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C4 MSC PROCEDURE TRIGGERS FOR OTASP

5.C4.1 OTAF Initiating SMDPP INVOKE for MS Registration

When triggered (the trigger must include the newly assigned MobileIdentificationNumber MSID value), the OTAF shall do the following: 1 2 3 4 a a-1 b c c-1 d u u-1 v x x-1 x-1-1 x-2 x-2-1 x-3 y 5 6 7 8 9 ENDIF. Include the ServiceIndicator parameter set to either the CDMA OTASP Service or the CDMA OTAPA Service value, as appropriate. Include the ActionCode parameter set to indicate Initiate Registration Notification. Include the NewlyAssignedMIN parameter set to the MIN value received from the CSC. Send an SMDPP INVOKE to the Serving MSC. Start the SMDPP timer (SMTcm). Include the SMS_BearerData parameter with its length set equal to zero. Include the SMS_TeleserviceIdentifier parameter with its length set equal to zero. Include the ElectronicSerialNumber parameter set to the MS's ElectronicSerialNumber value returned from the Serving MSC. Include the MobileIdentificationNumber parameter set to the Activation_MIN value. IF the MIN has been assigned: Include the NewlyAssignedMIN parameter set to the MIN value. ENDIF. IF the IMSI has been assigned: Include the NewlyAssignedIMSI parameter set to the IMSI value. ENDIF. IF CDMA OTASP Service: Include the MobileIdentificationNumber parameter set to the Activation_MIN value. ENDIF. IF CDMA OTAPA Service: IF the MS has MIN at the start of the session: Include the MobileIdentificationNumber parameter set to the MS's MIN. ELSE: Include the IMSI parameter set to the MS's IMSI. ENDIF.

10 WAIT for an SMDPP response: 11 WHEN a RETURN RESULT is received: 11-1 11-2 11-2-1 11-3 Stop the timer (SMTcm). IF the message can not be processed: Execute the "OTAF Recovery Procedure" task (see 5.C6.1). ELSE:

Signaling Procedures

6-83

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

11-3-1 11-3-2 11-3-3 11-3-4 11-3-5 11-3-6 11-4 12-1 12-2 13-1

IF the message contains an SMS_CauseCode parameter: Record the failure result and the SMS_CauseCode value. ELSE: Record the successful result. ENDIF. Return the results to the invoking task. ENDIF. Stop the timer (SMTcm). Execute "OTAF Recovery Procedure" task (see 5.C6.1). Execute "OTAF Recovery Procedure" task (see 5.C6.1).

12 WHEN a REJECT is received:

13 WHEN the timer (SMTcm) expires: 14 ENDWAIT. 15 Exit this task.

CDMA-OTA

6-84

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C4.2 MSC Receiving SMDPP INVOKE for Registration of MS

Upon receipt of an SMDPP INVOKE with the ActionCode parameter indicating Initiate Registration Notification and the ServiceIndicator parameter indicates either CDMA OTASP Service or CDMA OTAPA Service, the MSC shall do the following: 1 1-1 1-1-1 1-1-a 1-1-a-1 1-1-a-2 1-1-a-2-1 1-1-a-3 1-1-b 1-1-2 1-1-3 1-1-3-1 1-1-4 1-1-4-1 1-1-5 1-1-6 1-1-7 1-1-7-1 1-1-8 1-1-9 1-2 1-2-1 1-3 2 2-1 3 4 5 ENDIF. Execute "MSC Initiating MS Registration" task (see 4.38.1). IF the previous task was unsuccessful: Set the SMS_CauseCode to indicate Other Network Problem. ELSE: Include the AuthorizationDenied parameter if received. ENDIF. Execute "MSC initiating an MS Inactive" task (see 4.30.1). IF the previous task was unsuccessful: Set the SMS_CauseCode to indicate Other Network Problem. ENDIF. Include SMS_CauseCode parameter if set during this procedure. ELSE (OTASPCallEntry could not be found): Send an SMDPP RETURN RESULT to the OTAF with SMS_CauseCode parameter set to indicate Address translation Failure.Session not active ENDIF. ELSE (message can not be processed): Include the SMS_CauseCode parameter set to the proper value. ENDIF. Send the SMDPP RETURN RESULT to the requesting OTAF. Exit this task. IF the received message can be processed: IF the OTASPCallEntry is found OR (IF the ServiceIndicator parameter indicates CDMA OTAPA Service AND IF an OTAPA session is active): Record the received NewlyAssignedMIN value(s). or NewlyAssignedIMSI or both

IF a successful registration had occured with the old MSID: Execute "MSC initiating an MS Inactive" task (see 4.30.1). IF the previous task was unsuccessful: Set the SMS_CauseCode to indicate Other Network Problem. ENDIF.

Signaling Procedures

6-85

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C4.3 OTAF Initiating SMDPP INVOKE to Record New MIN MSID

When triggered (the trigger must include the newly assigned MobileIdentificationNumber or IMSI or both value(s) ), the OTAF shall do the following: 1 2 3 4 a a-1 b c c-1 Include the SMS_BearerData parameter with its length set equal to zero. Include the SMS_TeleserviceIdentifier parameter with its length set equal to zero. Include the ElectronicSerialNumber parameter set to the MS's ElectronicSerialNumber value returned from the Serving MSC. Include the MobileIdentificationNumber parameter set to the Activation_MIN value. IF CDMA OTASP Service: Include the MobileIdentificationNumber parameter set to the Activation_MIN value. ENDIF. IF CDMA OTAPA Service: Include the MSID parameter set to the value of the MS's MIN or IMSI at the start of the OTAPA session. (When the MS has both the MIN & the IMSI at the start of the OTAPA session then the MIN form of the MSID is used.) ENDIF. Include the ServiceIndicator parameter, set to either the CDMA OTASP Service or the CDMA OTAPA Service value, as appropriate. Include the ActionCode parameter set to indicate Record NEWMIN NEWMSID. Include the NewlyAssignedMIN parameter set to the MobileIdentificationNumber value received from the CSC. IF the MIN has been assigned: Include the NewlyAssignedMIN parameter set to the MIN value. ENDIF. IF the IMSI has been assigned: Include the NewlyAssignedIMSI parameter set to the IMSI value. ENDIF. Send an SMDPP INVOKE to the Serving MSC. Start the SMDPP timer (SMTcs).

d 5 6 7 u u-1 v w w-1 x 8 9

10 WAIT for an SMDPP response: 11 WHEN a RETURN RESULT is received: 11-1 11-2 11-2-1 11-3 11-3-1 11-3-1-1 11-3-2 11-3-2-1 11-3-3 Stop the timer (SMTcs). IF the message can not be processed: Execute the "OTAF Recovery Procedure" task (see 5.C6.1). ELSE: IF the message contains an SMS_CauseCode parameter: Record the failure result and the SMS_CauseCode. ELSE: Record the successful result. ENDIF.

CDMA-OTA

6-86

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

11-3-4 11-4 12-1 12-2 13-1

Relay the results to invoking task. ENDIF. Stop the timer (SMTcs). Execute "OTAF Recovery Procedure" task (see 5.C6.1). Execute "OTAF Recovery Procedure" task (see 5.C6.1).

12 WHEN a REJECT is received:

13 WHEN the timer (SMTcs) expires: 14 ENDWAIT. 15 Exit this task.

Signaling Procedures

6-87

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C4.4 MSC Receiving SMDPP INVOKE to Record NEW MIN MSID

Upon receipt of an SMDPP INVOKE with the ActionCode parameter indicating Record NEWMIN NEWMSID and the ServiceIndicator parameter indicates either CDMA OTASP Service or CDMA OTAPA Service, the MSC shall do the following: 1 1-1 1-1-1 1-1-1 1-1-1-1 1-1-2 1-1-3 1-1-3-1 1-1-4 1-2 1-2-1 1-3 2 2-1 3 4 5 ELSE: Send an SMDPP RETURN RESULT to the OTAF with SMS_CauseCode parameter set to indicate Address translation Failure Session not active. ENDIF. ELSE (message can not be processed): Include the SMS_CauseCode parameter set to the proper value. ENDIF. Send the SMDPP RETURN RESULT to the requesting OTAF. Exit this task. IF the received message can be processed: IF the OTASPCallEntry is found OR (IF the ServiceIndicator parameter indicates CDMA OTAPA Service AND IF an OTAPA session is active): Record the received NewlyAssignedMIN value. IF NewlyAssignedMIN is received: Record the received NewlyAssignedMIN value. ENDIF. IF NewlyAssignedIMSI is received: Record the received NewlyAssignedIMSI value. ENDIF.

CDMA-OTA

6-88

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C5 CSC TRIGGERS TO EXECUTE OTASP PROCEDURES

5.C5.1 CSC Trigger for OTASP Data Message Exchange

When triggered, the OTAF shall do the following: 1 2 3 3-1 4 4-1 5 6 Format the appropriate OTASP Data message as instructed by the CSC.

Execute "OTAF Initiating SMSDeliveryPointToPoint INVOKE for OTASP Data Message Exchange" task (see 5.C3.1). IF the previous task was successful: Parse the response and relay results to the CSC. ELSE: Indicate failure to the CSC. ENDIF. Exit this task.

Signaling Procedures

6-89

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C5.2 CSC Trigger for OTASP for A-key Generation

When triggered, the OTAF shall do the following: 1 2 2-1 2-2 3 4 4-1 4-2 5 6 7 8 8-1 8-2 9 Execute "OTAF Initiating OTASPRequest INVOKE" task (see 5.C7.1), using ActionCode value Generate Public Encryption Values. IF the previous task was unsuccessful: Indicate failure to the CSC. Exit this task. ENDIF. IF OTASP_ResultCode is received: Relay information contained therein to the CSC. Exit this task. ENDIF. Format the MS Key Request message. Execute "OTAF Initiating SMSDeliveryPointToPoint INVOKE for OTASP Data Message Exchange" task (see 5.C3.1). IF the previous task was unsuccessful: Indicate failure to the CSC. Exit this task. ENDIF. Relay information contained therein to the CSC. Exit this task.

10 IF SMS_CauseCode is received: 10-1 10-2

11 ENDIF. 12 Parse received MS Key Response message. 13 IF an Error is detected: 13-1 13-2 Relay this information to the CSC. Exit this task. message.

14 ENDIF. 15 Format the Key Generation Request 16 Execute "OTAF Initiating SMSDeliveryPointToPoint INVOKE for OTASP Data Message Exchange" task (see 5.C3.1). 17 IF the previous task was unsuccessful: 17-1 17-2 Indicate failure to the CSC. Exit this task.

18 ENDIF. 19 IF SMS_CauseCode is received: 19-1 19-2 Relay information contained therein to the CSC. Exit this task.

20 ENDIF. 21 Parse received Key Generation Response message. 22 IF an Error is detected:

CDMA-OTA

6-90

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

22-1 22-2

Relay this information to the CSC. Exit this task.

23 ENDIF. 24 Execute "OTAF Initiating OTASPRequest INVOKE" task (see 5.C7.1), using the ActionCode value Generate A-key. 25 IF the previous task was unsuccessful: 25-1 25-2 Indicate failure to the CSC. Exit this task.

26 ENDIF. 27 IF OTASP_ResultCode is received: 27-1 28-1 28-2 Relay information contained therein to the CSC. Execute "OTAF Initiating OTASPRequest INVOKE" task (see 5.C7.1) using ActionCode value Perform SSD Update. Relay received information to the CSC. 28 ELSE:

29 ENDIF. 30 Exit this task.

Signaling Procedures

6-91

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C5.3 CSC Trigger for OTASP for Perform SSD Update

When triggered, the OTAF shall do the following: 1 2 2-1 2-2 3 4 5 Execute "OTAF Initiating OTASPREQ INVOKE" task (see 5.C7.1) using ActionCode value Perform SSD Update procedure. IF the previous task was unsuccessful: Indicate failure to the CSC. Exit this task. ENDIF. Relay all received information to the CSC. Exit this task.

CDMA-OTA

6-92

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C5.4 CSC Trigger for OTASP for Perform Reauthentication

When triggered, the OTAF shall do the following: 1 2 3 3-1 3-2 4 5 5-1 5-2 6 7 8 8-1 8-2 9 Format the Re-Authenticate Request message. Execute "OTAF Initiating SMSDeliveryPointToPoint INVOKE for OTASP Data Message Exchange" task (see 5.C3.1). IF the previous task was unsuccessful: Indicate failure to the CSC. Exit this task. ENDIF. IF SMS_CauseCode is received: Relay information contained therein to the CSC. Exit this task. ENDIF. Parse received Re-Authenticate Response message. IF an Error is detected: Relay this information to the CSC. Exit this task. ENDIF.

10 Execute "OTAF Initiating OTASPRequest INVOKE" task (see 5.C7.1), using ActionCode value Perform Re-Authentication. 11 IF the previous task was unsuccessful: 11-1 11-2 Indicate failure to the CSC. Exit this task.

12 ENDIF. 13 Relay all received information to the CSC. 14 Exit this task.

Signaling Procedures

6-93

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C6 OTAF RECOVERY

5.C6.1 OTAF Recovery Procedure

When the OTAF detects an abnormal condition, it may perform the following actions as determined by internal algorithms and the specific condition encountered. 1 2 2-1 3 3-1 4 5 5-a 5-a-1 Record the abnormal condition. IF the OTASP call or OTAPA session is recoverable: Take proper action. ELSE: Report the failure to the CSC. ENDIF. IF the OTASP call or OTAPA session is lost: IF an OTASPREQ has been previously sent to the HLR during this OTASP call or OTAPA session: Execute "OTAF Initiating OTASPREQ INVOKE for `End OTASP Session' " task (see 5.C12.1 5.C7.1) with the ActionCode set to indicate Release Resources. For OTASP, Release the Activation_MIN. ENDIF. ENDIF. Exit this task.

5-a-2 5-b 6 7

CDMA-OTA

6-94

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C7 OTASPREQUEST

The OTASPRequest operation triggers the AC to initiate certain procedures. The ActionCode parameter which is included in the OTASPRequest INVOKE specifies the procedures that the AC shall initiate.

5.C7.1 OTAF Initiating OTASPRequest INVOKE

Upon being triggered, the OTAF shall perform the following: 1 2 a a-1 b c c-1 Include the ElectronicSerialNumber parameter set to the MS's ElectronicSerialNumber value returned from the Serving MSC. Include the MobileIdentificationNumber parameter set to the Activation_MIN value. IF CDMA OTASP Service: Include the MobileIdentificationNumber parameter set to the Activation_MIN value. ENDIF. IF CDMA OTAPA Service: Include the MSID parameter set to the value of the MS's MIN or IMSI at the start of the OTAPA session. (When the MS has both the MIN & the IMSI at the start of the OTAPA session then the MIN form of the MSID is used.) ENDIF. Include the ServiceIndicator parameter set, either to CDMA OTASP Service value or CDMA OTAPA Service value, as appropriate Service value. Include the ActionCode parameter set to indicate the procedures that the AC shall initiate. Include the MobileStationMIN parameter returned from the Serving MSC. Include the MobileStationMSID parameter for CDMA OTASP but not for CDMA OTAPA. Only use the MSIMSI form of the MS_MSID if the IMSI_T was received from the MS at OTASP call origination and a MIN is not programmed in the MS. CASE ActionCode OF: Generate Public Encryption Values: Include the AKeyProtocolVersion parameter set to MS-supported A-key protocol version(s) value(s). Generate A-key: Include the MobileStationPartialKey parameter received from the MS. Perform SSD Update Procedure: For CDMA OTASP, include Include the MSCID parameter set to the Serving System's MSCID value. For CDMA OTASP, include Include the SystemCapabilities parameter set to indicate Serving System's authentication capabilities returned from Serving MSC. Perform Re-authentication Procedure: Include the AuthenticationData parameter set to the value received from the MS. Include the RandomVariable parameter set to the value sent to the MS from the OTAF.

d 3 4 4-1 x

5 6 6-1 7 7-1 8 8-1 8-2 9 9-1 9-2

Signaling Procedures

6-95

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

9-3 9-4 9-5 9-6

Include the AuthenticationResponse parameter set to the value received from the MS. Include the CallHistoryCount parameter set to the value received from the MS. For CDMA OTASP, include Include the MSCID parameter set to the Serving System's MSCID value. For CDMA OTASP, include Include the SystemCapabilities parameter set to indicate Serving System's authentication capabilities returned from Serving MSC. IF a NewlyAssignedMIN parameter is assigned to the MS during this OTASP session: Include the NewlyAssignedMIN parameter set to the new Mobile Identification Number value. ENDIF. IF CDMA OTASP Service or CDMA OTAPA Service: IF a new MIN has been assigned to the MS: Include the NewlyAssignedMIN form of the NewlyAssignedMSID parameter, set to the value of the new MIN. ELSEIF a new IMSI has been assigned to the MS: IF the MS has no MIN or the MS's existing MIN is being erased: Include the NewlyAssignedIMSI form of the NewlyAssignedMSID parameter, set to the value of the new IMSI. ENDIF. ENDIF. ENDIF. NOTE: There are no other parameters included. Signature: Include the RandomVariableBaseStation parameter set to a value as received from MS used to challenge the network.

10 Commit A-key: 10-1 10-1-1 10-2 10-1 10-1-1 10-1-1-1 10-1-2 10-1-2-1 10-1-2-1-1 10-1-2-2 10-1-3 10-2 11-1 a a-1

11 Release Resources: Generate Authentication

12 ENDCASE. 13 Send an OTASPRequest INVOKE to the appropriate HLR. 14 Start the OTASPRequest Timer (OTARTcx), (x=s, l: depending on the ActionCode value). 15 WAIT for an OTASPRequest response: 16 WHEN a RETURN RESULT is received: 16-1 16-2 16-2-1 16-2-2 16-3 16-3-1 16-4 17-1 Stop timer (OTARTcx). IF the message can be processed: Indicate success and relay all received parameters to the invoking task. Exit this task. ELSE: Execute "OTAF Recovery Procedures" task (see 5.C6.1). ENDIF. Stop timer (OTARTcx).

17 WHEN a RETURN ERROR or REJECT is received:

CDMA-OTA

6-96

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

17-2 18-1

Execute "OTAF Recovery Procedures" task (see 5.C6.1).

18 WHEN timer (OTARTcx) expires: Execute "OTAF Recovery Procedures" task (see 5.C6.1). 19 ENDWAIT. 20 Indicate failure to invoking task. 21 Exit this task.

Signaling Procedures

6-97

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C7.2 HLR Receiving an OTASPREQ INVOKE

When an HLR receives an OTASPREQ INVOKE from the OTAF with the ServiceIndicator parameter indicating either CDMA OTASP Service or CDMA OTAPA Service, it shall perform the following: 1 1-1 1-2 2 a a-1 a-2 b 3 3 3-1 3-2 3-2-1 3-2-1-1 3-2-2 3-2-2-1 3-2-2-2 3-2-2-2-1 3-2-2-2-2 3-2-2-3 3-2-2-4 IF the received mesage cannot be processed: Send a RETURN ERROR with the proper Error Code value (see the following table) to the requesting OTAF. Exit this task. ENDIF. IF the ServiceIndicator is CDMA OTAPA AND no permanent record exists which corresponds to the received MSID value: Send a RETURN ERROR with the Error Code of UnrecognizedMIN or UnrecognizedIMSI to the requesting OTAF. Exit this task. ENDIF. IF no permanent record exists which corresponds to the received MSMIN value: IF the ServiceIndicator parameter indicates CDMA OTASP Service: CASE ActionCode of: Generate Public Encryption Values: IF an OTASPCallEntry exists: Retrieve the network address of the AC. ELSE: Create OTASPCallEntry. IF OTASPCallEntry could not be created: Send a RETURN ERROR with the Error Code of SystemFailure to the requesting OTAF. Exit this task. ENDIF. Store network address of AC. (If there is a permanent record corresponding to the received MS_MSID value, and if there is an AC associated to that record, the address stored should be the address of that AC.) ENDIF. Generate A-key: IF an OTASPCallEntry exists: Retrieve the network address of the AC. ELSE: Include the OTASP_ResultCode UnrecognizedOTASPCallEntry. Exit this task. ENDIF. parameter set to

3-2-3 3-3 3-3-1 3-3-1-1 3-3-2 3-3-2-1 3-3-2-2 3-3-2-3 3-3-3

Send a RETURN RESULT to the requesting OTAF.

CDMA-OTA

6-98

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

3-4 3-4-1 3-4-1-1 3-4-2 3-4-2-1 3-4-2-2

Perform SSD Update Procedure: IF an OTASPCallEntry exists: Retrieve the network address of the AC. ELSE: Create OTASPCallEntry. IF OTASPCallEntry could not be created: Send a RETURN ERROR with the Error Code of SystemFailure to the requesting OTAF. Exit this task. ENDIF. Store network address of AC. (If there is a permanent record corresponding to the received MS_MSID value, and if there is an AC associated to that record, the address stored should be the address of that AC.) ENDIF. Perform Re-Authentication Procedure: IF an OTASPCallEntry exists: Retrieve the network address of the AC. ELSE: Include the OTASP_ResultCode UnrecognizedOTASPCallEntry. Create OTASPCallEntry. Send a RETURN RESULT to the requesting OTAF. IF OTASPCallEntry could not be created: Send a RETURN ERROR with the Error Code of SystemFailure to the requesting OTAF. Exit this task. Exit this task ENDIF. Store network address of AC. (If there is a permanent record corresponding to the received MS_MSID value, and if there is an AC associated to that record, the address stored should be the address of that AC). ENDIF. Commit A-key: IF an OTASPCallEntry exists: Retrieve the network address of the AC. ELSE: Include the OTASP_ResultCode UnrecognizedOTASPCallEntry. Exit this task. ENDIF. Release Resources: parameter set to parameter set to

3-4-2-2-1 3-4-2-2-2 3-4-2-3 3-4-2-4

3-4-3 3-5 3-5-1 3-5-1-1 3-5-2 3-5-2-1 3-5-2-1 3-5-2-2 3-5-2-2 3-5-2-2-1 3-5-2-2-2 3-5-2-3 3-5-2-3 3-5-2-4

3-5-3 3-6 3-6-1 3-6-1-1 3-6-2 3-6-2-1 3-6-2-2 3-6-2-3 3-6-3 3-7

Send a RETURN RESULT to the requesting OTAF.

Signaling Procedures

6-99

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

3-7-1 3-7-2 3-7-2-1 3-7-2-2 3-7-3 3-7-3-1 3-7-3-2 3-7-4 3-8 4 5 6 7 8 9 9-1 9-2 9-2-1 9-2-2 9-3 9-3-1 9-3-2 9-4 10-1 10-2 10-2-1 10-2-2 10-3 10-3-1 10-4 10-5 11-1 11-2 ENDIF.

Retrieve OTASPCallEntry. IF an OTASPCallEntry is found: Retrieve the network address of the AC. Delete the OTASPCallEntry. ELSE: Send a RETURN RESULT to the requesting OTAF. Exit this task. ENDIF. ENDCASE.

Relay all received parameters (for the OTASPRequest INVOKE to be sent to the AC). Send an OTASPREQ INVOKE to the appropriate AC. Start the OTASPRequest Timer Stop timer (OTARTcx), (x=s, l: depending on the ActionCode value). WAIT for an OTASPRequest response: WHEN a RETURN RESULT is received: Stop timer (OTARTcx). IF the message can be processed: Relay all received parameters (for the OTASPRequest RETURN RESULT to be sent to the requesting OTAF). Send a RETURN RESULT to the requesting OTAF. ELSE (the message cannot be processed): Sent a RETURN ERROR to the requesting OTAF with the Error Code indicating SystemFailure. Execute the "Local Recovery Procedures" task (see 3.5.1). ENDIF. Stop timer (OTARTcx). IF a RETURN ERROR is received: Relay the received Error Code. Send a RETURN ERROR to the requesting OTAF. ELSE: Send a RETURN ERROR to the requesting OTAF with the Error Code indicating SystemFailure. ENDIF. Execute the "Local Recovery Procedures" task (see 3.5.1). Send a RETURN ERROR to the requesting OTAF with the Error Code indicating SystemFailure. Execute the "Local Recovery Procedures" task (see 3.5.1).

10 WHEN a RETURN ERROR or REJECT is received:

11 WHEN timer (OTARTcx) expires:

12 ENDWAIT. 13 Exit this task.

CDMA-OTA

6-100

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 5.C7.2

HLR OTASPRequest Response

Problem Detection and Recommended Response from HLR to OTAF

PROBLEM DEFINITION RETURN ERROR Error Code

a a a a X X X X X X d,e a d,e c X X X f f f b,e a d,e

1

2

3

4

5

6

7

8

9

10

11

12

Notes

RETURN RESULT DenyAccess OTASP_ResultCode SignalingMessageEncryption Report SSDUpdateReport UniqueChallengeReport VoicePrivacyReport

X X X

f f f

Problem Detections: 1. The requested IS-41 MAP operation is recognized, but not supported, by the receiving HLR, or the requesting functional entity is not authorized. 2. A required HLR resource (e.g., internal memory record, HLR is fully occupied) is temporarily not available (e.g., congestion). 3. A required resource (e.g., data base access, functional entity) is not presently accessible due to a failure. Human intervention may be required for resolution. 4. A supplied parameter has an encoding problem (e.g., the supplied MobileIdentificationNumberparameter digit values do not meet the BCD specification). 5. A supplied parameter value is unrecognized or has nonstandard values (e.g., Not used). 6. An expected, or required, optional parameter was not received. 7. The supplied DenyAccess parameter indicates if the MS fails re-authentication or if there is a COUNT mismatch. 8. The supplied OTASP_ResultCode parameter identifies the reason for an unsuccessful procedure at the AC. 9. The supplied SignalingMessageEncryptionReport parameter provides more information on an unsuccessful attempt by the AC to initiate Signaling Message Encryption at the Serving MSC. 10. The supplied SSDUpdateReport parameter provides more information on an unsuccessful attempt by the AC to initiate SSD Update. 11. The supplied UniqueChallengeReport parameter provides more information on an unsuccessful attempt to perform Unique Challenge with the MS as part of the SSD Update procedure.

Signaling Procedures

6-101

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

12. The supplied VoicePrivacyReport parameter provides more information on an unsuccessful attempt by the AC to initiate Voice Privacy at the Serving MSC.

Notes: a. b. c. d. e. f.

This Error Code is not an appropriate HLR response to a OTASPRequest transaction. It is recommended that an HLR supports OTASPRequest transactions. Only RETURN RESULT operations needing clarification have been included. Include the Parameter Identifierin question as the FaultyParameter parameter. This response may have been originated by the AC. This response shall have been originated by the AC.

CDMA-OTA

6-102

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5.C7.3 AC Receiving an OTASPREQ INVOKE

When an AC receives an OTASPRequest INVOKE from the HLR with the ServiceIndicator parameter indicating, either CDMA OTASP Service service or CDMA OTAPA Service, it shall perform the following: 1 1-1 1-2 2 3 4 4-1 4-1-1 4-1-2 4-1-2-1 4-1-2-2 4-1-3 4-2 4-3 4-3-1 4-4 4-4-1 4-4-2 4-4-3 4-5 4-6 4-7 4-7-1 4-7-2 4-7-3 4-7-4 4-7-5 4-7-6 4-7-7 4-8 ENDIF. IF one of the received A-key Protocol Versions is supported by the AC: Select and store the AKeyProtocolVersion parameter value that shall be used by the AC. ELSE: Include the OTASP_ResultCode UnsupportedAKeyProtocolVersion. Send a RETURN RESULT to the requesting HLR. Exit this task. ENDIF. Compute Base Station Partial Key value. IF Base Station Partial Key value was successfully computed: Store the ModulusValue BaseStationPartialKey. parameter value used for computing parameter set to IF the received mesage cannot be processed: Send a RETURN ERROR with the proper Error Code value (see the following table) to the requesting HLR. Exit this task. ENDIF. CASE ActionCode of: Generate Public Encryption Values: IF an OTASPCallEntry does not exist: Create OTASPCallEntry. IF OTASPCallEntry could not be created: Send a RETURN ERROR with the Error Code of SystemFailure to the requesting HLR. Exit this task. ENDIF.

Store the exponent value used for computing BaseStationPartialKey. Include the AKeyProtocolVersion parameter set to the protocol version value previously stored by the AC. Include the ModulusValue parameter set to the value used for computing BaseStationPartialKey. Include the PrimitiveValue parameter set to the value used for computing BaseStationPartialKey. Include the BaseStationPartialKey parameter set to the computed Base Station Partial Key value. Send a RETURN RESULT to the requesting HLR. ELSE:

Signaling Procedures

6-103

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4-8-1 4-8-2 4-8-3 4-9 4-10 5 5-1 5-2 5-2-1 5-2-2 5-2-3 5-3 5-4 5-5 5-5-1 5-5-2 5-6 5-6-1 5-6-2 5-6-3 5-7 5-8 6 6-1

Include the OTASP_ResultCode parameter set to ComputationFailure. Send a RETURN RESULT to the requesting HLR. Execute "Local Recovery Procedures" task (see 3.5.1). ENDIF. Exit this task. Retrieve OTASPCallEntry. IF an OTASPCallEntry does not exist: Include the OTASP_ResultCode UnrecognizedOTASPCallEntry. Send a RETURN RESULT to the requesting HLR. Exit this task. ENDIF. Compute A-key using received MobileStationPartialKey parameter value. IF A-key was successfully computed: Store the A-key in the OTASPCallEntry. Send an empty RETURN RESULT to the requesting HLR. ELSE: Include the OTASP_ResultCode ComputationFailure. parameter set to indicate parameter set to

Generate A-key:

Send a RETURN RESULT to the requesting HLR. Execute "Local Recovery Procedures" task (see 3.5.1). ENDIF. Exit this task.

Perform SSD Update Procedure: IF a permanent record exists which corresponds to the received MSMIN MobileStationMSID value (for CDMA OTASP) or the received MSID value (for CDMA OTAPA): IF an OTASPCallEntry exists AND IF the OTASPCallEntry contains an Akey: Retrieve the A-key from the OTASPCallEntry for use during SSD update. ELSE: Retrieve the A-key from the permanent record for use during SSD update. IF the ServiceIndicator parameter indicates CDMA OTASP Service AND IF an OTASPCallEntry does not exist: Create OTASPCallEntry containing a reference to the permanent record. IF an OTASPCallEntry could not be created: Send a RETURN ERROR with the Error Code of SystemFailure to the requesting HLR. Exit this task. ENDIF. ENDIF. ENDIF.

6-1-1 6-1-1-1 6-1-2 6-1-2-1 6-1-2-2 6-1-2-2-1 6-1-2-2-2 6-1-2-2-2-1 6-1-2-2-2-2 6-1-2-2-3 6-1-2-3 6-1-3

CDMA-OTA

6-104

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6-2 6-2-1 6-2-2 6-2-2-1 6-2-2-2 6-2-2-3 6-2-3 6-2-4 6-3 6-4 6-5 6-5-1 6-5-2 6-6 6-6-1 6-7 6-8 7 7-1

ELSE: Retrieve OTASPCallEntry. IF an OTASPCallEntry does not exist: Include the OTASP_ResultCode UnrecognizedOTASPCallEntry. Exit this task. ENDIF. Retrieve the A-key from the OTASPCallEntry for use during SSD update. ENDIF: Execute "AC Initiating AuthenticationDirective INVOKE" task (see 4.1.1) using all received parameters. IF the above task returned with a success indication: Relay all received parameters. Send a RETURN RESULT to the requesting HLR. ELSE: Send a RETURN ERROR to the requesting HLR with the Error Code indicating SystemFailure. ENDIF. Exit this task. Perform Re-Authentication Procedure: IF a permanent record exists which corresponds to the received MSMIN MobileStationMSID value (for CDMA OTASP) or the received MSID value (for CDMA OTAPA): IF an OTASPCallEntry exists AND IF the OTASPCallEntry contains an Akey: IF the OTASPCallEntry contains an SSD: Retrieve the SSD from the OTASPCallEntry for use during ReAuthentication. ELSE: Send a RETURN ERROR with the Error OperationSequenceProblem to the requesting HLR. Exit this task. ENDIF. ELSE: Retrieve the SSD from the permanent record for use during ReAuthentication. IF the ServiceIndicator parameter indicates CDMA OTASP Service AND IF an OTASPCallEntry does not exist: Create OTASPCallEntry containing a reference to the permanent record. IF an OTASPCallEntry could not be created: Send a RETURN ERROR with the Error Code of SystemFailure to the requesting HLR. Exit this task. Code of parameter set to

Send a RETURN RESULT to the requesting HLR.

7-1-1 7-1-1-1 7-1-1-1-1 7-1-1-2 7-1-1-2-1 7-1-1-2-2 7-1-1-3 7-1-2 7-1-2-1 7-1-2-2 7-1-2-2-1 7-1-2-2-2 7-1-2-2-2-1 7-1-2-2-2-2

Signaling Procedures

6-105

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

7-1-2-2-3 7-1-2-3 7-1-3 7-2 7-2-1 7-2-2 7-2-2-1 7-2-2-2 7-2-2-3 7-2-3 7-2-4 7-2-4-1 7-2-5 7-2-5-1 7-2-5-2 7-2-6 7-3 7-4 ENDIF. ELSE: ENDIF.

ENDIF. ENDIF.

Retrieve OTASPCallEntry. IF an OTASPCallEntry does not exist: Include the OTASP_ResultCode UnrecognizedOTASPCallEntry. Exit this task. ENDIF. IF OTASPCallEntry contains SSD: Retrieve the SSD from the OTASPCallEntry for use during ReAuthentication. ELSE: Send a RETURN ERROR with the Error OperationSequenceProblem to the requesting HLR. Exit this task. ENDIF. Execute the Authentication-Signature Generation procedure using received RandomVariable, ElectronicSerialNumber and AuthenticationData parameter values and using the retrieved SSD for the MS. IF the Authentication-Signature Generation procedure result and the received AuthenticationResponse parameter value match: IF a COUNT mismatch is relevant AND the stored count and the received CallHistoryCount parameter value do not significantly match: Include the DenyAccess parameter set to COUNT Mismatch. Send a RETURN RESULT to the requesting HLR. Exit this task. ENDIF. Execute "AC Initiating AuthenticationDirective INVOKE" task (see 4.1.1) using all received parameters. IF the above task was successful: Relay all received parameters. Send a RETURN RESULT to the requesting HLR. ELSE: Send a RETURN ERROR with the Error Code indicating SystemFailure to the requesting HLR. ENDIF. ELSE (AuthenticationResponse received does not match): Include the DenyAccess parameter set to AUTHR mismatch. Send a RETURN RESULT to the requesting HLR. ENDIF. Code of parameter set to

Send a RETURN RESULT to the requesting HLR.

7-5 7-5-1 7-5-1-1 7-5-1-2 7-5-1-3 7-5-2 7-5-3 7-5-4 7-5-4-1 7-5-4-2 7-5-5 7-5-5-1 7-5-6 7-6 7-6-1 7-6-2 7-7

CDMA-OTA

6-106

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

7-8 8 8-1 8-2 8-2-1 8-2-2 8-2-3 8-3 8-a 8-a-1 8-a-1-1 8-a-1-2 8-a-2 8-b 8-4 8-4-1

Exit this task. Commit A-key1: Retrieve OTASPCallEntry. IF OTASPCallEntry is not found: Include the OTASP_ResultCode UnrecognizedOTASPCallEntry. Send a RETURN RESULT to the requesting HLR. Exit this task. ENDIF. IF the OTASPCallEntry contains an A-key: IF the OTASPCallEntry does not contain valid SSD: Send a RETURN ERROR with the Error Code of OperationSequenceProblem to the requesting HLR. Exit this task. ENDIF. ENDIF. IF the received message contains a NEWMIN NewlyAssignedMSID parameter: Store the temporary A-key and SSD (if both are present) into a permanent record corresponding to the received NEWMIN NewlyAssignedMSID and ESN values (permanent record may previously exist or be created by this procedure). ELSE: Store the temporary A-key and SSD (if both are present) into a permanent record corresponding to the received MSMIN MobileStationMSID (for CDMA OTASP) or the received MSID value (for CDMA OTAPA) and ESN values (permanent record may previously exist or be created by this procedure). ENDIF. IF unable to permanently store the A-key and SSD (and possibly SSD): Include the Exit this task. ENDIF. Remove the A-key and, if present, the SSD from the OTASPCallEntry. Send a RETURN RESULT to the requesting HLR. Exit this task. IF an OTASPCallEntry is found: Delete the OTASPCallEntry. ENDIF. OTASP_ResultCode parameter set to Unable to Commit. Send a RETURN RESULT to the requesting HLR. parameter set to

8-5 8-5-1

8-6 8-7 8-7-1 8-7-2 8-7-3 8-8 8-9 8-10 8-11 9 9-1 9-1-1 9-2

1A-key

Release Resources:

generated during an OTASP or OTAPA session can be transferred to a permanent record at the AC using the following procedures. If system policy permits, the AC may remove the old record, if one exists.

Signaling Procedures

6-107

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

9-3 9-4 a a-1 a-1-1 a-2 a-3

Send a RETURN RESULT to the requesting HLR. Exit this task. Generate Authentication Signature: IF ServiceIndicator is set to OTAPA Service: SSD-A is XORed with the MS's A-key and is stored in XOREDSSD1 . ENDIF. Execute the Authentication-Signature Generation procedure using XOREDSSD, received ElectronicSerialNumber and MSID and using the received RANDBS for the MS. Include the AuthenticationResponseBaseStation parameter AuthenticationSignature value generated in above step. Send a RETURN RESULT to the requesting HLR. Exit this task. set to the

a-4 a-5 a-6

10 ENDCASE.

1

This variable is used to store the result of XORing the SSD-A with the MS' A-key.

CDMA-OTA

6-108

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 5.C7.3

AC OTASPRequest Response

Problem Detection and Recommended Response from AC to HLR

PROBLEM DEFINITION RETURN ERROR Error Code

a a a X X X X X X X d a d c X X X b a d e

1

2

3

4

5

6

7

8

9

1 0

1 1

1 2

1 3

Notes

RETURN RESULT DenyAccess OTASP_ResultCode SignalingMessageEncryption Report SSDUpdateReport UniqueChallengeReport VoicePrivacyReport

X X X

Problem Detections: 1. The requested IS-41 MAP operation is recognized, but not supported, by the receiving AC, or the requesting functional entity is not authorized. 2. A required AC resource (e.g., internal memory record, HLR is fully occupied) is temporarily not available (e.g., congestion). 3. A required resource (e.g., data base access, functional entity) is not presently accessible due to a failure. Human intervention may be required for resolution. 4. A supplied parameter has an encoding problem (e.g., the supplied MobileIdentificationNumberparameter digit values do not meet the BCD specification). 5. A supplied parameter value is unrecognized or has nonstandard values (e.g., Not used). 6. An expected, or required, optional parameter was not received. 7. The supplied DenyAccess parameter indicates if the MS fails re-authentication or if there is a COUNT mismatch. 8. The supplied OTASP_ResultCode parameter identifies the reason for an unsuccessful procedure at the AC. 9. The supplied SignalingMessageEncryptionReport parameter provides more information on an unsuccessful attempt by the AC to initiate Signaling Message Encryption at the Serving MSC. 10. The supplied SSDUpdateReport parameter provides more information on an unsuccessful attempt by the AC to initiate SSD Update. 11. The supplied UniqueChallengeReport parameter provides more information on an unsuccessful attempt to perform Unique Challenge with the MS as part of the SSD Update procedure.

Signaling Procedures

6-109

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

12. The supplied VoicePrivacyReport parameter provides more information on an unsuccessful attempt by the AC to initiate Voice Privacy at the Serving MSC. 13. The requested action cannot be performed or is not expected in the current state.

Notes: a. b. c. d. e.

This Error Code is not an appropriate AC response to a OTASPRequest transaction. It is recommended that an AC supports OTASPRequest transactions. Only RETURN RESULT operations needing clarification have been included. Include the Parameter Identifierin question as the FaultyParameter parameter. The requested action cannot be performed or is not expected in the current state.

CDMA-OTA

6-110

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

7 OPERATION TIMER VALUES

Table 63 Timer

···

Operation Timer Values (continued) Started when

···

Default (sec.)

···

Normally stopped when Action when timer expires

··· ···

OTARTcs OTASPRequest Timer

30

OTASPRequest OTASPRequest INVOKE is sent RETURN RESULT is with ACTCODE set received. to Generate A-key, Generate Public Encryption Key Values, or Release Resources. OTASPRequest OTASPRequest INVOKE is sent RETURN RESULT is with ACTCODE set received. to Perform SSD Update, Perform Re-Authentication, or Commit A-key.

··· ···

Execute recovery procedures.

OTARTcl OTASPRequest Timer

90

Execute recovery procedures.

···

···

···

SMTcs Short Message Delivery Timer SMTcm Short Message Delivery Timer SMTcl Short Message Delivery Timer

6

30

SMSDeliveryPoint ToPoint INVOKE is sent to the Serving MSC. SMSDeliveryPoint ToPoint INVOKE is sent to the Serving MSC.

SMSDeliveryPoint ToPoint RETURN RESULT is received. SMSDeliveryPoint ToPoint RETURN RESULT is received.

Execute recovery procedures. Execute recovery procedures. Execute recovery procedures.

300

SMSDeliveryPoint SMSDeliveryPoint ToPoint INVOKE is ToPoint RETURN sent to the Serving RESULT is received. MSC.

Signaling Procedures

6-111

CDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4T AUTOMATIC ROAMING OPERATIONS - TDMA

This section applies only to TDMA portion of the OTA enhancements for OTASP and OTAPA. It provides modifications to Section 4 of TIA/EIA-41.3-D "Automatic Roaming Operations". Figure CT shows all the operations (new and existing) that are recommended for TDMA portion of the OTA enhancements.

OTASP Data

BS MSC

ORREQ SMDPP SMSNOT OTAF

SMSNOT SMSREQ OTASPREQ

ASREPORT AUTHDIR BSCHALL OTASPREQ HLR AC

REGNOT

VLR ASREPORT AUTHDIR BSCHALL REGNOT SMSREQ SMSNOT ASREPORT AUTHDIR BSCHALL REGNOT SMSREQ SMSNOT

Figure CT

OTA Related TIA/EIA-41

Operations for TDMA

New operation scenarios for the following operations are included : 1. OriginationRequest (ORREQ) - existing operation 2. RegistrationNotification (REGNOT) - existing operation 3. SMSDeliveryPointToPoint (SMDPP) - existing operation 4. SMSNotification (SMSNOT) - existing operation 5. SMSRequest (SMSREQ) - existing operation 6. OTASPRequest (OTASPREQ) - new operation There are no new TDMA OTA related operation scenarios shown for the existing operations: ASREPORT, AUTHDIR and BSCHALL.

Automatic Roaming Operations

3-1

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.19

OriginationRequest

(TIA/EIA-41.3-D, page 3-86)

The OriginationRequest (ORREQ) operation is used to request call origination treatment on behalf of a registered MS. It is also used for delivering the Serving MSCs routing address to the Desired OTAF in support of OTASP. The following table lists the valid combinations of invoking and responding FEs. Table 19 FE Combinations for ORREQ INVOKING FE Case 1 Case 2 Serving MSC Serving MSC RESPONDING FE HLR OTAF

One of several possible results is returned: 1. 2. Notification that the origination request was successful with routing instructions. Notification that the origination request was unsuccessful with an (optional) indication of the treatment to provide the served MS.

TDMA-OTA

3-2

Automatic Roaming Operations

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.19.T1 Successful Origination Activation

This operation scenario describes the OriginationRequest operation used during an OTASP Activation origination access by either an unprogrammed or previously programmed MS. Implicit with an origination, a Serving MSC sends an ORREQ to the OTAF. This ORREQ includes the routing address of the MSC currently serving the MS.

Serving System MSC ORREQ [MSID, ESN, SMSADDR, DGTSDIAL, TRANSCAP, ORIGTRIG, SYSCAP] Desired OTAF

a

ORT

orreq [TERMLIST] b

Figure 4.19.T1 Successful Origination Activation a. Implicit with an OTASP activation related origination, the MSC sends an ORREQ to the OTAF, containing the following:

Parameters ESN MIN MSID SMSADDR SYSCAP ORIGTRIG DGTSDIAL TRANSCAP Usage MS's ESN. Activation_MIN or real MS. MIN supplied by Type R R R R R R R

Routing address of current Serving MSC. Authentication capabilities of serving system. Indicates the origination trigger responsible for the operation invocation. Digits, entered by user into served MS, which identify this to be a request for OTASP. Indicates the Serving MSC is capable of supporting the TERMLIST parameter.

Note 1: In TDMA, an unactivated mobile station assigns an Activation_MIN. This Activation_MIN is of the form NPA-NXX-xxxx, where NPA = 000, and the NXXxxxx is assigned from the lower digits of a decimal representation of the ESN. The MSC determines the address of the OTAF (e.g., based on the service provider specified by the {MCC + (SID or SOC)} or the DN in the origination *FC sequence). The MSC sends the ORREQ to this OTAF address. b. The OTAF returns an orreq with TerminationList to the MSC.

Parameters TERMLIST Usage Specifies originations are restricted to the CSC. Type R

Automatic Roaming Operations

3-3

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.26

RegistrationNotification

(TIA/EIA-41.3-D, page 3-118)

The RegistrationNotification (REGNOT) operation is used to report the location of an MS and, optionally, to (a) validate the MS or (b) validate the MS and obtain its profile information. It is also used for delivering the Serving MSC's routing address to the Desired OTAF in support of OTASP. The following table lists the valid combinations of invoking and responding FEs. Table 26 FE Combinations for REGNOT INVOKING FE Case 1 Case 2 Case 3 Serving (or Bordering) MSC Serving (or Bordering) VLR Serving (or Bordering) VLR RESPONDING FE Serving (or Bordering) VLR HLR OTAF

One of several possible results is returned: 1. 2. 3. 4. An indication that authorization is confirmed with an indication of the authorization duration (e.g., per call, eight hours, one day). Item 1 along with the MS's calling capabilities (i.e., profile information). Only the MS's calling capabilities. An indication that authorization is denied with reason for denial (e.g., due to an invalid serial number).

TDMA-OTA

3-4

Automatic Roaming Operations

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.26.T1 Activation Registration - Unprogrammed MS: Case 1

This operation scenario describes the RegistrationNotification operation used during an OTASP Activation Registration for an unprogrammed MS for the case where the registration is part of an origination. Implicit with the origination, the Serving MSC sends a REGNOT containing its SMS_Address to the OTAF.

Serving System MSC VLR REGNOT [MSID, ESN, SMSADDR, ServingSystemPointer, SystemInformation] a REGNOT [MSID, ESN, SMSADDR, ServingSystemPointer, SystemInformation] b OTAF

RNT

RNT

regnot [AUTHPER, MYTYPE, DIGITS(Destination), Profile] c

regnot [MYTYPE, DIGITS(Destination), Profile] d

Figure 4.26.T1 Activation Registration - Unprogrammed MS: Case 1

Automatic Roaming Operations

3-5

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

a.

Implicit with an OTASP activation related origination, the MSC sends a REGNOT to the VLR, containing the following:

Parameters ESN MIN MSID SMSADDR ServingSystemPointer: [MSCID] [PC_SSN] SystemInformation: [QUALCODE] [MYTYPE] [SYSACCTYPE] [SYSCAP] Usage MS's ESN. Activation_MIN supplied by the MS and used throughout this activation session (Note 1) Specifies the routing address for an MS-based SME for OATS delivery. Pointer to the Serving System: ID for the Serving MSC. Serving MSC's PC_SSN. Include if SS7 carriage services are used. Serving System specific parameters: Set to Validation and Profile. Specifies the vendor of the MSC. Specifies the system access is for an activation. Specifies the capabilities of the serving system. Type R R R R O O R R R O O

NOTE 1: In TDMA , an unactivated mobile station assigns an Activation_MIN. This Activation_MIN is of the form NPA-NXX-xxxx, where NPA = 000, and the NXXxxxx is assigned from the lower digits of a decimal representation of the ESN. NOTE 2: The ServingSystemPointer macro is required for unprogrammed MSs. b. The VLR forwards the REGNOT to the OTAF. Parameters same as in Step-a. NOTE 3: The MSC determines the address of the OTAF (e.g., based on the service provider specified by the {MCC + (SID or SOC)} or the DN in the origination *FC sequence). The MSC sends the REGNOT to this OTAF address, via the VLR. c. The OTAF returns a regnot to the VLR, containing the following:

Parameters AUTHPER MYTYPE Digits(Destination) Profile: [AUTHCAP] [ORIGIND] [ORIGTRIG] [TERMRES] Usage OTAF confirms the authorization period per call. Specifies the vendor of the OTAF. Specifies originations are restricted to the NPA-NXX-XXXX of the CSC. Subscriber's profile information: Indicates no authentication required. Specifies the MS can originate to a specified NPA-NXX-XXXX. Specifies if an OriginationRequest should be launched to obtain routing information. Specifies terminations are denied. Type R R R R R R R R

d.

The VLR forwards the regnot to the Serving MSC. Parameters same as in Step-c.

TDMA-OTA

3-6

Automatic Roaming Operations

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.26.T2 Activation Registration - Unprogrammed MS: Case 2

This operation scenario describes the RegistrationNotification operation used during an OTASP Activation Registration for unprogrammed MS, for the case where the registration is due to power-up. Upon power-up of the unactivated MS, the Serving MSC sends a REGNOT containing its SMS_Address to the OTAF.

Serving System MSC VLR REGNOT [MSID, ESN, SMSADDR, ServingSystemPointer, SystemInformation] a REGNOT [MSID, ESN, SMSADDR, ServingSystemPointer, SystemInformation] b OTAF

RNT

RNT

regnot [AUTHPER, MYTYPE, DIGITS(Destination), Profile] c

regnot [MYTYPE, DIGITS(Destination), Profile] d

Figure 4.26.T2 Activation Registration - Unprogrammed MS Case 2 a. b. Implicit with the power up of an unactivated MS, the MSC sends a REGNOT to the VLR, with parameters the same as 4.26.T1 Step-a. The VLR forwards the REGNOT to the OTAF, with the same parameters as in 4.26.T1 Step-b. NOTE 1: In order to route to the desired OTAF, the VLR uses a pre-determined OTAF Address. This is required since there is no *FC dialed, as the REGNOT is sent as part of power-up registration, and there exists an association between the OTAF and the serving MSC. c. d. The OTAF returns a regnot to the VLR, with parameters the same as 4.26.T1 Stepc. The VLR forwards the regnot with restricted digits to the Serving MSC with the same parameters as in 4.26.T1 Step-c.

Automatic Roaming Operations

3-7

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.32

SMSDeliveryPointToPoint

(TIA/EIA-41.3-D, page 3-143)

The SMSDeliveryPointToPoint (SMDPP) operation is a general purpose operation that is used to transfer a short message or a teleservice message or in general any other information or encapsulated data from one point to another point and report on the success or failure of that transfer. (For example, as used in TDMA Cellular Messaging Teleservice and TDMA Over-The-Air Activation Teleservice). The following table lists the valid combinations of invoking and responding FEs. Table 32 INVOKING FE Case 1 Case 2 SME MC FE Combinations for SMDPP RESPONDING FE MC or OTAF MC When Message Teleservice message origination Message Teleservice message transition from originating MC control to destination control Message Teleservice message Message origination to delivery delivery

Case 3 Case 4

MC or OTAF or SME SME

SME SME

The SMSDeliveryPointToPoint operation has two variations: 1. 2. Successful transfer of a short teleservice message to another point. Unsuccessful transfer of a short teleservice message to another point.

TDMA-OTA

3-8

Automatic Roaming Operations

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.32.T1 OATS or OPTS Message Sent from OTAF to Serving MSC

This operation scenario describes the use of the SMSDeliveryPointToPoint to send TDMA OATS or OPTS messages from the OTAF to the Serving MSC, which include: · · · · · · · · · · · ·

Desired OTAF

Configuration Data Request Public Encryption Values Key Result Download Request SOC Specific Request MS Specific Request NAM Commit Request CSC Challenge Response OATS Abort IRDB Download Extended IRDB Download Alpha Tag Download

Serving System MSC

SMDPP [MSID, ESN, SMSParameters] a

SMT

smdpp b

Figure 4.32.T1 OATS or OPTS Message Sent from OTAF to Serving MSC a. The OTAF sends an SMDPP with an OATS or OPTS message encapsulated within the SMS_BearerData parameter to the Serving MSC.

Automatic Roaming Operations

3-9

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Parameters MIN MSID

Usage MS's real MIN (previously supplied by the MS to the MSC), or Activation_MIN used for this OTASP session. MS's ESN. Set of SMS parameters: Encapsulation parameter for an air interface OATS or OPTS message. Teleservice Identifier set to the appropriate OATS or OPTS OTASP value. OTAF's address.

Type R

ESN SMSParameters: [SMS_BearerData] [SMS_TID] [SMS_OriginatingAddress]

R R R R R

NOTE 1: The Activation_MIN is used for unprogrammed MSs, and the real MIN MSID is used for MSs that have already been programmed. b. The Serving MSC returns an smdpp to the OTAF as an acknowledgement that the message was received by the MS (note: in TDMA, the smdpp is returned after an RData Accept is received by the Serving MSC).

TDMA-OTA

3-10

Automatic Roaming Operations

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.32.T2 OATS Message Sent from the Serving MSC to the OTAF

This operation scenario describes the use of the SMSDeliveryPointToPoint to send an MS originated OATS teleservice message from the Serving MSC to the OTAF. MS to OTAF TDMA · · · · · · · OATS messages include:

Configuration Data Response MS Encryption Values Key Result Download Response NAM Commit Response CSC Challenge Request OATS Abort

Desired OTAF

Serving System MSC

SMDPP [MSID, ESN, SMSParameters] a

SMT

smdpp b

Figure 4.32.T2 OATS Message Sent from the Serving MSC to the OTAF a. The Serving MSC sends an SMDPP with an OATS message (received from the MS) encapsulated within the SMS_BearerData parameter to the OTAF (note: the OTAF address for delivery of the SMDPP is supplied by the MS over the air interface). Parameters are the same as in 4.32.T1 Step-a, except for the SMS_OriginalAddress parameter which is not required. The OTAF returns an smdpp to the Serving MSC as an acknowledgement that the message was received. (Note: in TDMA, following the receipt of the smdpp, the Serving MSC sends an R-Data Accept (at Layer 3) to the MS to acknowledge the receipt of the OATS message at the OTAF).

b.

Automatic Roaming Operations

3-11

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.33

SMSNotification

(TIA/EIA-41.3-D, page 3-147)

The SMSNotification (SMSNOT) operation is used to report a change in an MS's ability to receive SMS teleservice messages based on the location or status of the MS. This message, at a minimum, is used to report the accessibility of an MS following a postponed SMSRequest or SMSDeliveryPointToPoint. This message may also be used to revoke delivery permission previously granted with either an SMSRequest or an SMSNotification. The following table lists the valid combinations of invoking and responding FEs. Table 33 INVOKING FE Case 1 Case 2 Case 3 HLR MSC VLR FE Combinations for SMSNOT RESPONDING FE MC or OTAF MC or OTAF or VLR HLR When To report a change in an MS's ability to receive SMS teleservice messages. To report a change in an MS's ability to receive SMS teleservice messages. To report a change in an MS's ability to receive teleservice messages.

The SMSNotification operation has two variations: 1. 2. Used to report MS-based SME availability. Used to report MS-based SME unavailability.

TDMA-OTA

3-12

Automatic Roaming Operations

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.33.1

Successful SMSNotification: MS-Based SME Availability Report

This scenario describes the successful use of the SMSNotification operation, conveying the MC Responding Entity the SMS_Address of an MS-based SME.

Invoking Entity FE Responding Entity MC FE SMSNOT [MSID, ESN, SMSADDR, SMS_TID] a

to

SNT

smsnot [ ] b

Figure 78 a.

Successful SMSNotification:

MS-Based SME Availability Report

The Invoking FE detects a change in an MS's status or location indicating the availability of an MS-based SME. The Invoking FE may send an SMSNOT to the responsible MC Responding FE. If the Invoking FE has a pending request for the address of an MS-based SME, it must respond.

Parameters MIN MSID ESN SMSADDR Usage Used to identify the MS. Used to identify the MS. Temporary routing address that can be used to deliver one or more short teleservice messages to the indicated MS. Teleservice Identifier set to the appropriate OATS or OPTS value. Type R R R

SMS_TID

R

b.

The MC Responding FE confirms the receipt of the address by returning an empty smsnot to the Invoking FE.

Automatic Roaming Operations

3-13

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.33.2

Successful SMSNotification: MS-Based SME Unavailability Report

This scenario describes the successful use of the SMSNotification operation, revoking a previously granted permission to send SMS teleservice messages.

Invoking Entity FE Responding Entity MC FE SMSNOT [MSID, ESN, SMSACCDEN] a

SNT

smsnot [ ] b

Figure 79 a.

Successful SMSNotification:

MS-Based SME Unavailability Report

The Invoking FE detects a change in an MS's status or location indicating the unavailability of an MS-based SME previously granted permission to send teleservice messages. The Invoking FE may send an SMSNOT to the responsible MC Responding FE.

Parameters MIN MSID ESN SMSACCDEN Usage Used to identify the MS. Used to identify the MS. Reason why messages cannot be delivered to the MS. Type R R R

b.

The MC Responding FE confirms the receipt of the status change by sending returning an empty smsnot to the Invoking FE.

TDMA-OTA

3-14

Automatic Roaming Operations

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.34

SMSRequest

(TIA/EIA-41.3-D, page 3-149)

The SMSRequest (SMSREQ) operation is used to request a roaming MS's temporary SMS routing address. The following table lists the valid combinations of invoking and responding FEs. Table 34 INVOKING FE Case 1 Case 2 Case 3 MC or OTAF HLR Serving VLR FE Combinations for SMSREQ RESPONDING FE HLR Serving VLR Serving MSC When MS's SMS routing address is required. HLR does not have current address. SMSREQ received by Serving VLR.

The SMSRequest operation has two variations: 1. 2. Successful address request, with address returned. Unsuccessful address request, with reason returned.

Automatic Roaming Operations

3-15

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.34.T1 Successful SMSRequest during OTASP: MS-Based SME

This operation scenario describes the use of the SMSRequest operation during an OTASP session, resulting in the return of the SMS_Address of an MS-based SME to the OTAF.

Destination Home System OTAF HLR Destination Serving System VLR MSC

SMSREQ [MSID, ESN, SMSNOTIND, SMS_TID]

a

SMSREQ [MSID, ESN, SMSNOTIND, SMS_TID] b

SMSREQ [MSID, ESN, SMSNOTIND, SMS_TID] c

SRT

SRT

SRT

smsreq [MIN, ESN, SMSADDR] d

smsreq [MIN, ESN, SMSADDR] e

smsreq [MIN, ESN, SMSADDR] f

Figure 4.34.T1 Successful SMSRequest during OTASP: MS-Based SME a. If the OTAF does not have the current network address of the indicated MS-based SME, it sends an SMSREQ toward the HLR (possibly using SCCP global title translation of the MIN MSID).

TDMA-OTA

3-16

Automatic Roaming Operations

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Parameters MIN MSID ESN SMS_TID

Usage MS's real MIN (previously supplied by the MS to the MSC). MS's ESN. Teleservice Identifier for OTASP. The HLR uses this if an OTA Ddelivery Ppending Fflag is set. Include to instruct the HLR to notify the OTAF when the MS becomes available.

Type R R R

SMSNOTIND

R

b.

If the HLR has the current address of the indicated MS-based SME, proceed to Step-f; otherwise, the HLR forwards the SMSREQ toward the VLR serving the addressed MSbased SME. Parameters are as in Step-a. The VLR forwards the SMSREQ toward the MSC serving the addressed MS-based SME. Parameters are the same as in Step-a. The Serving MSC returns an smsreq to the VLR indicating the current network address that can be associated with the indicated MS-based SME.

Parameters MSID ESN SMSADDR Usage MS's MSID. MS's ESN. Temporary routing address that can be used to deliver OATS or OPTS messages to the MS. Type R R R

c. d.

e. f.

The VLR forwards the smsreq to the requesting HLR. Parameters are the same as in Step-d. The HLR sends an smsreq to the requesting OTAF. Parameters are the same as in Step-d.

4.TT

OTASPRequest

The OTASPRequest (OTASPREQ) operation is used by the OTAF to request the AC to initiate service provisioning procedures and to optionally return appropriate resulting parameters. The following table lists the valid combinations of invoking and responding FEs. Table 4.TT FE Combinations for OTASPREQ

Automatic Roaming Operations

3-17

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

INVOKING FE Case 1 Case 2 OTAF HLR

RESPONDING FE HLR AC

When To initiate service provisioning procedures (at the AC). To convey requests from OTAF to initiate service provisioning procedures.

The OTASPRequest operation is used to accomplish the following: 1. To convey OTAF requests to initiate AC procedures.

TDMA-OTA

3-18

Automatic Roaming Operations

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.TT.1

OTAF Request to Initiate AC Procedures

This operation scenario describes the use of the OTASPRequest operation to initiate AC procedures.

OTAF

HLR

AC

OTASPREQ [MIN, ESN, ACTCODE, SRVIND, ServingSystemPointer, AKEYPV, NEWMSID] a

OTASPREQ [MIN, ESN, ACTCODE, SRVIND, ServingSystemPointer, AKEYPV, NEWMSID] b

OTART

OTART

otaspreq c

otaspreq d

Figure 4.TT.1 OTAF Request to Initiate AC Procedures a. The OTAF sends an OTASPREQ to the HLR with the ActionCode (ACTCODE) parameter requesting the AC to initiate certain procedures (e.g. the AC may be requested to generate public encryption values, generate the A-key, perform SSD updates or perform re-authentication, as indicated by particular values within the ACTCODE parameter).

Parameters MIN ESN ACTCODE ServingSystemPointer: [MSCID] [PC_SSN] AKEYPV NEWMIN NEWMSID SRVIND Usage Activation_MIN for this OTASP session. MS's ESN. Specifies the particular AC procedure to initiate. Pointer to the Serving System: ID for the Serving MSC. Serving MSC's PC_SSN. Include if SS7 carriage services are used. Contains the Electronic Key Exchange procedure protocol version. The MIN that will be assigned to the MS following the activation. Set to TDMA OTASP value. Type R R R RO RO RO O O O

NOTE: The ServingSystemPointer macro is required for unprogrammed MSs.

Automatic Roaming Operations

3-19

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

b. c.

The HLR forwards the OTASPREQ to the AC. Parameters are the same as in Step-a. The AC starts executing the procedure specified in the ACTCODE parameter. The AC returns an otaspreq to the HLR, indicating success and including the results of the particular procedure. On AC failure, the OTASP_ResultCode parameter should be returned in the otaspreq. The HLR forwards the otaspreq to OTAF. Parameters are the same as in Step-c.

d.

TDMA-OTA

3-20

Automatic Roaming Operations

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5T OVER-THE-AIR SCENARIOS -TDMA (New for TIA/EIA-41-D, Chapter

3)

This section applies only to TDMA portion of the OTA enhancements for OTASP and OTAPA (also called OPTS - Over-the-Air Programming Teleservices). It provides modifications addition of new sections to Section 6 of ISTIA/EIA-41.3-DC "Voice Feature Scenarios", one for TDMA Over-The-Air Service Provisioning (OTASP) and the other for TDMA Over-The-Air Programming Teleservices (OPTS).

8

OVER-THE-AIR SERVICE PROVISIONING SCENARIOS

TDMA OVER-THE-AIR SERVICE PROVISIONING SCENARIOS

This section depicts interaction scenarios between OTASP. network entities relating to TDMA

8.TT

8.TT.1

Serving MSC Attachment to the OTAF: Origination Activation

This OTASP call scenario describes the use of the Origination Activation, implicit with an OTASP call origination, to attach the Serving MSC to the OTAF. This scenario is valid for both unprogrammed and pre-programmed MSs.

Voice Feature Scenarios

3-21

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Serving System MS MSC

Initial or Desired OTAF CSC

*FC + SEND a ORREQ [MSID, ESN, SMSADDR, ORIGTRIG, DGTSDIAL, TRANSCAP, SYSCAP] b

ORT

orreq [TERMLIST] c

Call extended to CSC d

Dialog between MS user and CSC Operator or VRU e

Information transfer [proprietary] f

Figure 8.TT.1 Serving MSC Attachment to a.

the

OTAF: Origination Activation

The Serving MSC recognizes the call to be an OTASP request from the OTASP Feature Code (*FC) received. Included in the Originate message from an unprogrammed mobile station is a MIN, which is formulated per TDMA. If the MIN received is from an unprogrammed MS, the MSC will use the 10-digit Activation_MIN for the remainder of the OTASP session. For a pre-programmed MS, the real MS MIN MSID is used during the OTASP session. Implicit with the call origination, the Serving MSC sends an ORREQ to the OTAF, with parameters and operations the same as 4.19.T1, Step-a. The OTAF returns an orreq to the MSC with the TerminationList which specifies the CSC routing information for this OTASP session with the same parameters and operations as in 4.19.T1 Step-b. The Serving MSC completes the call to the CSC. The MSC may supply the Activation_MIN in the Calling Number or Called Number, depending on signaling schemes. A call taker or a voice response unit at the CSC answers and begins a dialog with the user. The subscriber may, at the option of the service provider, verbally supply the MSs ESN to the call taker or VRU.

b. c.

d.

e.

TDMA-OTA

3-22

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

f.

The CSC informs the OTAF (in a proprietary manner) of the initial contact. The OTAF associates the received CSC information with the data stored from the ORREQ using either the CSC-supplied Activation_MIN or the MS's ESN.

Voice Feature Scenarios

3-23

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.TT.2

Serving MSC Attachment to the OTAF: Origination Registration

This scenario describes the use of the activation registration, implicit with an activation call origination, to attach the Serving MSC to the OTAF. This scenario applies only for an unactivated MS that does not have a real MIN.

Serving System MS MSC VLR

Initial or Desired OTAF CSC

*FC + SEND a REGNOT [MIN, ESN, SMSADDR, SystemInformation, ServingSystemPointer] b REGNOT [MIN, ESN, SMSADDR, SystemInformation, ServingSystemPointer] c

RNT RNT

regnot [MYTYPE, DIGITS(Destination), Profile] d

regnot [MYTYPE, DIGITS(Destination), Profile]

e

Call extended to CSC f

Dialog between MS user and CSC Operator or VRU

g

Information transfer [proprietary] h

Figure 8.TT.2 Serving MSC Attachment to

the

OTAF: Origination Registration

TDMA-OTA

3-24

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

a.

The Serving MSC recognizes the call to be an OTASP request from the OTASP Feature Code (*FC) sequence received. Included in the Originate message from the mobile station is a MIN, which is formulated per TDMA. The MSC uses the 10-digit Activation_MIN for the remainder of the OTASP session. The MSC determines the address of the OTAF (e.g., based on the service provider specified by the {MCC + (SID or SOC)} or the DN in the origination *FC sequence). Implicit with the call origination, the Serving MSC sends a REGNOT to the VLR, with parameters the same as 4.26.T1 Step-a. The VLR forwards the REGNOT to the OTAF. Parameters are the same as in 4.26.T1 Step-a. The OTAF returns a regnot to the VLR with the Digits(Destination) and Profile information restricting the unactivated MS from making any calls except to the CSC, with the same parameters as in 4.26.T1 Step-c. The VLR forwards the regnot to the Serving MSC with the same parameters as in 4.26.T1 Step-c. The Serving MSC receives the regnot, and completes the call to the CSC. The MSC may supply the Activation_MIN in the Calling Number or Called Number, depending on signaling schemes. A call taker or a voice response unit at the CSC answers and begins a dialog with the user. The subscriber may, at the option of the service provider, verbally supply the MSs ESN to the call taker or VRU. The CSC informs the OTAF (in a proprietary manner) of the initial contact. The OTAF associates the received CSC information with the data stored from the REGNOT using either the CSC-supplied Activation_MIN or the MS's ESN.

b.

c. d.

e. f.

g.

h.

Voice Feature Scenarios

3-25

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.TT.3

Serving MSC Attachment to the OTAF: Power-up Registration

This scenario describes an option for the use of the activation registration, implicit with a power-up, to attach the Serving MSC to the OTAF. This scenario applies only for an unactivated MS that does not have a real MIN.

Serving System MS MSC VLR

Initial or Desired OTAF CSC

Registration Order a REGNOT [MIN, ESN, SMSADDR, SystemInformation, ServingSystemPointer] b REGNOT [MIN, ESN, SMSADDR, SystemInformation, ServingSystemPointer] c

RNT RNT

regnot [MYTYPE, DIGITS(Destination), Profile] d

regnot [MYTYPE, DIGITS(Destination), Profile]

e

*FC + SEND f

Dialog between MS user and CSC Operator or VRU

g

Information transfer [proprietary] h

Figure 8.TT.3 Serving MSC Attachment to the OTAF: Power-up Registration a. The Serving MSC recognizes a Registration Order from the MS, implicit with powerup. Included in the power-up Registration message from the mobile station is a MIN, which is formulated per TDMA. The MSC uses the 10-digit Activation_MIN throughout the remainder of the OTASP session.

TDMA-OTA

3-26

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

b. c.

The Serving MSC sends a REGNOT to the VLR, with parameters the same as 4.26.T1 Step-a. The VLR forwards the REGNOT to the OTAF, with the same parameters as in 4.26.T1 Step-a. NOTE 1: In order to route to the desired OTAF, the VLR uses a pre-determined OTAF Address. This is required since there is no *FC dialed, as the REGNOT is sent as part of power-up registration, and there exists an association between the OTAF and the serving MSC.

d.

The OTAF returns a regnot to the VLR with the Digits(Destination) and Profile information restricting the unactivated MS from making any calls except to the CSC, with the parameters the same as in 4.26.T1 Step-c. The VLR forwards the regnot to the Serving MSC with the parameters the same as in 4.26.T1 Step-c. At some later point in time, the MS originates an activation-related call, by dialing the appropriate *FC sequence. The Serving MSC completes the call to the CSC. The MSC may supply the Activation_MIN in the Calling Number or Called Number, depending on signaling schemes. NOTE 2: The *FC sequence maps to the pre-determined OTAF (previously mentioned in NOTE 1) in this scenario.

e. f.

g.

A call taker or a voice response unit at the CSC answers and begins a dialog with the user. The subscriber may, at the option of the service provider, verbally supply the MSs ESN to the call taker or VRU. The CSC informs the OTAF (in a proprietary manner) of the initial contact. The OTAF associates the received CSC information with the data stored from the REGNOT using either the CSC-supplied Activation_MIN or the MS's ESN.

h.

Voice Feature Scenarios

3-27

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.TT.4

Serving MSC Attachment to the OTAF: Deferred Initial

This scenario describes an option for the use of the activation registration to attach the Serving MSC to the OTAF. Initial contact to the CSC is made via a landline phone (or phone other than the MS to be programmed), and the service provider completes provisioning during this landline call. OTASP data is transferred to the OTAF, and delivered to the MS when the subscriber powers up the mobile. A Registration Notification is sent to the OTAF either as part of the power-up, or the subscriber may be required to initiate a call to the CSC (or VRU) to initiate a registration implicit with call origination. This scenario is valid only for an unactivated MS that has not been previously programmed with a MIN.

Serving System MS MSC VLR

Initial or Desired OTAF CSC

Information transfer [proprietary]

a

Registration Order b REGNOT [MIN, ESN, SMSADDR, SystemInformation, ServingSystemPointer] c REGNOT [MIN, ESN, SMSADDR, SystemInformation, ServingSystemPointer] d

RNT

RNT regnot [MYTYPE, DIGITS(Destination), Profile]

e

regnot [MYTYPE, DIGITS(Destination), Profile] f

Figure 8.TT.4 Serving MSC Attachment to the OTAF: Deferred Initial a. The subscriber and CSC operator complete a dialog via a landline phone. After the completion of the call, the CSC sends the OTASP information to the OTAF in a proprietary manner. At some later point in time, the subscriber powers on the MS. As part of the power-up, a Registration Order is sent to the MSC. Alternatively, the subscriber may have been instructed to initiate a call (using the OTASP feature code) to the CSC or VRU thus causing an implicit call-origination registration. The Serving MSC recognizes a Registration Order from the MS. Included in this message from the MS is a MIN,

b.

TDMA-OTA

3-28

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

which is formulated per TDMA. The MSC recognizes that the MIN is for an unprogrammed mobile, and uses the 10-digit Activation_MIN throughout the remainder of the OTASP session. c. d. e. The Serving MSC sends a REGNOT to the VLR, with parameters the same as 4.26.T1 Step-a. The VLR forwards the REGNOT to the OTAF, with parameters the same as in 4.26.T1 Step-a. The OTAF returns a regnot to the VLR with the Digits(Destination) and Profile information restricting the unactivated MS from making any calls except to the CSC, with parameters the same as 4.26.T1 Step-c. The VLR forwards the regnot to the Serving MSC with parameters the same as in 4.26.T1 Step-c.

f.

Voice Feature Scenarios

3-29

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.TT.5

Serving MSC Attachment to the OTAF: Reprogramming

This scenario describes the use of the activation registration to attach the Serving MSC to the OTAF. This scenario is valid only for a previously activated MS that is undergoing an OTASP reprogramming procedure. The MS has a valid MIN MSID and existing subscription (i.e., an HLR record exists).

Serving System MS MSC HLR Home System OTAF CSC

*FC + SEND a

Dialog between MS user and CSC Operator or VRU

b

Information transfer [proprietary]

c

SMSREQ [ESN, MSID, SMSNOTIND, SMS_TID]

d

SRT

smsreq [MIN, ESN, SMSADDR] e

Figure 8.TT.5 Serving MSC Attachment to the OTAF: Reprogramming a. The Serving MSC recognizes the call to be an OTASP request from the OTASP Feature Code (*FC) sequence received. The MSC recognizes that the MS has a valid MIN MSID, and routes the voice call to the CSC. The MS subscriber and CSC operator begin a dialog. The CSC informs the OTAF (in a proprietary manner) of the initial contact. Included in the information transfer may be the MS's ESN and real MIN MSID, and an indication that this is a reprogramming of an MS that has an existing HLR record. The OTAF sends an SMSREQ to the HLR associated with the MIN MSID supplied by the CSC. The SMS_TID corresponding to OTASP is included in the SMSREQ. Parameters are the same as in 4.34.T1, Step-a. If the HLR has a network address for the MS-based SME, the HLR returns an smsreq to the OTAF with the SMS_Address corresponding to the Serving MSC. Parameters are the same as in 4.34.T1, Step-d.

b. c.

d.

e.

TDMA-OTA

3-30

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.TT.6

Deferred OTASP Reprogramming

This scenario describes the case of a deferred OTASP message delivery to the MS due to the MS not being active at initial attempt, or the OTASP session being interrupted (e.g., MS battery drains or user powers down MS), and the HLR has been notified that the MS has been de-registered2 . An example would be of an existing subscriber using a landline phone to initiate contact with the CSC. Programming information is sent in a proprietary manner to the OTAF prior to the MS being powered on. This programming information is stored in the OTAF until the MS becomes available. This scenario is valid for a previously activated MS that is undergoing an OTASP reprogramming procedure. The MS has a valid MIN MSID and existing subscription (i.e., an HLR record exists).

Serving System MS MSC HLR Home System OTAF CSC

Information transfer [proprietary] SMSREQ [MSID, ESN, SMSNOTIND, SMS_TID]

a

b

SRT

smsreq [SMSACCDEN] c

Registration Order d REGNOT e

RNT

regnot f

SMSNOT [ESN, MSID, SMSADDR, SMS_TID]

g

SNT

smsnot h

Delivery Pending Flag set

Delivery Pending Flag clear

Figure 8.TT.6 Deferred OTASP Reprogramming

2

If however the HLR was not notified of de-registration, it would return a SMSADDR parameter in Step-c, indicating the MS's latest known location (serving MSC). The OTAF may re-start the OTASP session but this may again result in non-success. The OTAF may re-try; but this is outside the scope of this standard; it is left to OTAF internal algorithms.

Voice Feature Scenarios

3-31

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

a.

The MS subscriber contacts the CSC. The CSC passes reprogramming information to the OTAF in a proprietary manner, included in this is an indication that this is a reprogramming of an existing MS. The OTAF sends an SMSREQ to the HLR associated with the MIN MSID (possibly using SCCP global title translation), with parameters the same as in 4.34.T1, Step-a. Since the MS is currently unavailable, the HLR returns an SMS_AccessDeniedReason parameter in an smsreq to the OTAF, and sets an OTA Delivery Pending Flag delivery pending flag.

Parameters SMSACCDEN Usage SMS_AccessDeniedReason Type R

b. c.

d. e. f. g.

The MS sends (at some later point in time) a registration order on the air interface. The MSC, via the VLR, forwards a REGNOT to the HLR associated with the MIN MSID using standard TIA/EIA-41 registration procedures. The HLR registers the MS, and returns a regnot to the MSC. The HLR now has a network address for the MS-based SME, the HLR sends an SMSNOT to the OTAF with the SMS_Address corresponding to the Serving MSC, with parameters the same as 4.33.T1, Step-a. The OTAF returns an smsnot to the HLR confirming receipt of the SMS_Address. The HLR clears the OTA Delivery Pending Flag delivery pending flag.

h.

TDMA-OTA

3-32

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.TT.7 Serving MSC Attachment to OTAF: Unknown Subscription Case 1

This scenario describes the use of an activation registration for attaching the Serving MSC to the OTAF for the case where the MS is programmed with NAM information (including a MIN MSID), and the subscriber's record for that NAM information is unknown (i.e. HLR records no longer exist in the network). The subscriber calls the CSC using the MS by dialing the OTASP feature code.

Serving System MSC VLR HLR Home System OTAF CSC

REGNOT [MSID, ESN, SMSADDR, SystemInformation, ServingSystemPointer] a REGNOT [MSID, ESN, SMSADDR, SystemInformation, ServingSystemPointer] b

RNT

RNT

regnot [MYTYPE, AUTHDEN] c

regnot [MYTYPE, AUTHDEN] d

Figure 8.TT.7 a.

Serving MSC Attachment to OTAF: Unknown Subscription Case 1 Either implicit with an OTASP activation related origination or power-up, the MSC sends a REGNOT to the VLR, containing its SMS_Address, with parameters the same as 4.26.T1 Step-a. The VLR forwards the REGNOT to the HLR associated with the MIN MSID, with parameters the same as 4.26.T1 Step-a. The HLR returns a regnot to the VLR containing an Authorization Denied.

Parameters MYTYPE AUTHDEN Usage Indicates an HLR Specifies that the MIN MSID is no longer valid at the HLR. Type R R

b. c.

d.

The VLR forwards the regnot to the Serving MSC, with parameters the same as Step-c. (Note: upon determining that authorization was denied, the MS could revert to activation as if it were un-programmed; see 8.TT.2 or 8.TT.3).

Voice Feature Scenarios

3-33

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.TT.8 Serving MSC Attachment to OTAF: Unknown Subscription Case 2

This scenario describes the use of an activation registration for attaching the Serving MSC to the OTAF for the case where the MS is programmed with NAM information (including a MIN MSID), but the subscriber's record for that NAM information is unknown (i.e. HLR records no longer exist in the network). Initially, the subscriber calls the CSC from a landline phone and OATS data is transferred to the OTAF. At some later point, the subscriber powers on the MS and initiates an OTASP session by dialing the appropriate feature code. Registration to the HLR associated with the previously programmed MIN MSID is denied (see 8.TT.7). Upon determining the authorization was denied, the MS could revert to activation as if it were un-programmed; see 8.TT.1 or 8.TT.2.

8.TT.9

OTAF Request to Initiate A-key Generation

This scenario describes the use of the SMDPP and OTASPREQ operations to initiate the Akey generation process, as requested by the OTAF.

TDMA-OTA

3-34

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Serving System MS MSC OTAF

Home System HLR AC

OTASPREQ [MSID, ESN, ACTCODE, SRVIND, ServingSystemPointer, AKEYPV, NEWMSID] OTASPREQ [MSID, ESN, ACTCODE, SRVIND, ServingSystemPointer, AKEYPV, NEWMSID]

a b c

OTART t otaspreq [AKEYPV, MODVAL, PRIMVAL, BSKEY]

otaspreq [AKEYPV, MODVAL, PRIMVAL, BSKEY] SMDPP [SMS_BearerData, SMS_TID, MSID, ESN, SMS_OA] e d

OTART t

Public Encryption Values ACK

smdpp [ ]

f

SMT

g h i

MS Encryption Values

SMDPP [MSID, ESN, SMS_BearerData , SMS_TID] j

SMT

smdpp [ ] k l OTASPREQ [MSID, ESN, ACTCODE, AKEYPV, SRVIND, NEWMSID, MSKEY] m OTASPREQ [MSID, ESN, ACTCODE, AKEYPV, SRVIND, NEWMSID, MSKEY] n o p SMDPP [MSID, ESN, SMS_BearerData, SMS_TID, SMS_OA] q

ACK

OTARTt OTART t otaspreq [OTASPRC]

otaspreq [OTASPRC]

OATS Key Result

r

ACK

smdpp [ ]

SMT

s t u

OATS Key Result

SMDPP [MSID, ESN, SMS_BearerData, SMS_TID] v

SMT smdpp [ ] ACK

w x

Figure 8.TT.9 OTAF Request to Initiate A-key Generation

Voice Feature Scenarios

3-35

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

a.

The OTAF determines that the A-key has to be generated at the MS. The OTAF sends an OTASPREQ to the HLR requesting the generation of public encryption values.

Parameters MIN MSID Usage MS's real MIN (previously supplied by the MS to the MSC), or Activation_MIN used for this OTASP session. MS's ESN. Requests the AC to compute the public encryption values and to return results to the OTAF. Set to TDMA OTASP value. Contains the Electronic Key Exchange procedure protocol version. The MIN MSID that will be assigned to the MS following the activation. Pointer to the Serving System: ID for the Serving MSC. Serving MSC's PC_SSN. Include if SS7 carriage services are used. Type R

ESN ACTCODE

R R

SRVIND AKEYPV NEWMIN NEWMSID ServingSystemPointer: [MSCID] [PC_SSN]

R R O O O O

NOTE: The ServingSystemPointer macro is required for unprogrammed MSs. b. c. The HLR forwards the OTASPREQ to the AC. Parameters are the same as in Step-a. The AC computes the modulus, primitive, and BSPartialKey, and sends these values to the HLR in an otaspreq.

Parameters AKEYPV MODVAL PRIMVAL BSKEY Usage Contains the Electronic Key Exchange procedure protocol version. Modulus Value (N). Primitive Value (G). Partial Key computed by the AC. Type R R R R

d. e.

The HLR forwards the otaspreq to the OTAF. Parameters are the same as in Stepc. The OTAF encapsulates an air-interface message (OATS Public Encryption Values) containing the modulus, primitive, and BSPartialKey, in SMS_BearerData and forwards it in an SMDPP to the MSC.

TDMA-OTA

3-36

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Parameters MIN MSID

Usage MS's real MIN (previously supplied by the MS to the MSC), or Activation_MIN used for this OTASP session. MS's ESN. Contains encapsulated OATS Public Encryption Values message. Set to OATS teleservice value. Set to the OTAF's address.

Type R

ESN SMS_BearerData SMS_TID SMS_OA

R R R R

f. g. h. i. j.

The Serving MSC sends the OATS Public Encryption Values to the MS over the airinterface. The Serving MSC receives a layer 3 acknowledgment from the MS. The Serving MSC sends an empty smdpp to the OTAF acknowledging the delivery of the Public Encryption Values message. The MS generates MSPartialKey and transmits it in an air-interface message (OATS MS Encryption Values) to the Serving MSC. The Serving MSC encapsulates in SMS_BearerData the air-interface message containing MSPartialKey, and forwards it in an SMDPP to the OTAF.

Parameters MIN MSID Usage MS's real MIN (previously supplied by the MS to the MSC), or Activation_MIN used for this OTASP session. MS's ESN. Contains encapsulated OATS MS Encryption Values message. Set to OATS teleservice value. Type R

ESN SMS_BearerData SMS_TID

R R R

k. l. m.

The OTAF obtains the OATS MS Encryption Values from the SMS_BearerData in the SMDPP, and returns an empty smdpp to the MSC. The serving MSC sends a layer 3 acknowledgement to the MS. The OTAF sends an OTASPREQ to the HLR containing the MSPartialKey, and an ACTCODE to compute the A-key using the supplied MSPartialKey and stored values for the modulus and primitive.

Voice Feature Scenarios

3-37

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Parameters MIN MSID

Usage MS's real MIN (previously supplied by the MS to the MSC), or Activation_MIN used for this OTASP session. MS's ESN. Request the AC to compute an A-key using the value of the MSPartialKey. Contains the Electronic Key Exchange procedure protocol version. MSPartialKey. Set to TDMA OTASP value. The MIN MSID that will be assigned to the MS following the activation.

Type R

ESN ACTCODE

R R

AKEYPV MSKEY SRVIND NEWMIN NEWMSID

R R R O

n. o.

The HLR forwards the OTASPREQ to the AC. Parameters are the same as in Step-l. The AC computes the A-key using the supplied MSPartialKey and stored values, and sends an OTASP_ResultCode (indicating successful A-key generation) to the HLR in otaspreq.

Parameters OTASPRC Usage Result of the A-key generation. Type R

p. q.

The HLR forwards the otaspreq to the OTAF. Parameters are the same as in Stepn. The OTAF encapsulates, in SMS_BearerData, an air-interface message (OATS Key Result) containing the result of the A-key generation, and forwards it in an SMDPP to the Serving MSC.

Parameters MIN MSID Usage MS's real MIN (previously supplied by the MS to the MSC), or Activation_MIN used for this OTASP session. MS's ESN. Contains encapsulated OATS Key Result message. Set to OATS teleservice value. Set to the OTAF's address. Type R

ESN SMS_BearerData SMS_TID SMS_OA

R R R R

r. s. t.

The Serving MSC sends the OATS Key Result message to the MS over the airinterface. The Serving MSC receives a layer 3 acknowledgment from the MS. The Serving MSC sends an empty smdpp to the appropriate OTAF (by using the address information for the OTAF, returned by the MS in the TeleserviceServerAddress Information Element in the R-DATA ACK message) acknowledging the delivery of the Key Result message. The MS sends an air-interface OATS Key Result message to the Serving MSC indicating it successfully computed the A-key.

u.

TDMA-OTA

3-38

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

v. w. x.

The Serving MSC encapsulates the Key Result message in SMS_BearerData, and sends it in an SMDPP to the OTAF, with parameters the same as in Step-p j. The OTAF receives the OATS Key Result message, and acknowledges receipt by sending an empty smdpp to the Serving MSC. The Serving MSC sends a layer 3 acknowledgment to the MS.

Voice Feature Scenarios

3-39

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.TT.10 OTAF Request to Perform SSD Update 8.TT.10a SSD Update when SSD is Not Shared

This scenario describes the use of OTASPRequest, AuthenticationDirective, BaseStationChallenge, and the AuthenticationStatusReport operations to perform the SSD Update procedure for the MS for the case where SSD is not shared between the AC and the VLR, as requested by the OTAF.

TDMA-OTA

3-40

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Serving System MS MSC VLR OTAF

Home System HLR AC

a b

OTASPREQ [MSID, ESN, ACTCODE, SRVIND, ServingSystemPointer, NEWMSID] OTASPREQ [MSID, ESN, ACTCODE, SRVIND, ServingSystemPointer, NEWMSID] AUTHDIR [MSID, ESN, AUTHU, RANDSSD, RANDU, SRVIND] AUTHDIR [MSID, ESN, AUTHU, RANDSSD, RANDU, SRVIND]

c d

AUTHDIR [MSID, ESN, AUTHU, RANDSSD, RANDU, SRVIND] e authdir [ ]

ADT

authdir [ ]

ADT

ADT

f g authdir [ ] h i j k

SSD Update Order BS Challenge Order

BSCHALL [MSID, ESN, RANDBS] BSCHALL [MSID, ESN, RANDBS] BSCHALL [MSID, ESN, RANDBS]

l m n o p

BSCT ASRRT

BSCT

bschall [AUTHBS]

bschall [AUTHBS] BSCT

bschall [AUTHBS]

BS Challenge Response SSD Update Response Unique Challenge Order Unique Challenge Response

OTART

tl

OTART

tl

q r

ASRRT

s t

ASREPORT [MSID, ESN, SYSCAP, SSDURPT, UCHALRPT, SRVIND] ASREPORT [MSID, ESN, SYSCAP, SSDURPT, UCHALRPT, SRVIND]

u v

ASREPORT [MSID, ESN, SYSCAP, SSDURPT, UCHALRPT, SRVIND] w

ASRT

ASRT

asreport [ ]

asreport [ ] ASRT x y

asreport [ ] otaspreq [SSDURPT, UCHALRPT]

z aa otaspreq [SSDURPT, UCHALRPT] bb

Voice Feature Scenarios

3-41

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Figure 8.TT.10a a.

SSD Update when SSD is not Shared

The OTAF determines that the SSD for the MS is to be updated. The OTAF sends an OTASPREQ to the HLR indicating in the ActionCode (ACTCODE) parameter that the SSD update procedure is to be performed for the MS.

Parameters MIN MSID Usage MS's real MIN (previously supplied by the MS to the MSC), or Activation_MIN used for this OTASP session. MS's ESN. Request the AC to initiate the SSD Update procedure. Set to TDMA OTASP value. Pointer to the Serving System: ID for the Serving MSC. Serving MSC's PC_SSN. Include if SS7 carriage services are used. The MIN MSID that will be assigned1 to the MS following the activation. Type R

ESN ACTCODE SRVIND ServingSystemPointer: [MSCID] [PC_SSN] NEWMIN NEWMSID

R R R RO RO RO O

NOTE: The ServingSystemPointer macro is required for unprogrammed MSs. b. c. The HLR forwards the OTASPREQ to the AC with the same parameters as in Step-a. SSD Update Procedure is executed at the AC to produce a new value of the SSD using the private A-key of the MS, ESN and a Random Number (RANDSSD) generated by the AC. Note: the AC must retain both the old and new values of the SSD until informed by the VLR of the outcome of the updating procedure. The AC chooses a Unique Random Variable (RANDU) and executes Auth_Signature Procedure using the new SSD-A, ESN, and MIN MSID associated with the MS to produce an Authentication Response for Unique Challenge (AUTHU). Note: for unprogrammed MSs, the MIN MSID to be used in computing AUTHU is the MIN formulated from the ESN, as defined in TDMA . An AUTHDIR is sent from the AC to the HLR associated with the MS.

1This

event occurs outside the scope of this Interim Standard.

TDMA-OTA

3-42

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Parameters MIN MSID

Usage MS's real MIN (previously supplied by the MS to the MSC), or Activation_MIN used for this OTASP session. MS's ESN. Authentication Response for the Unique Challenge. Random Variable to be used in the SSD Update procedure. Random Variable to be used in the Unique Challenge. Set to TDMA OTASP value.

Type R

ESN AUTHU RANDSSD RANDU SRVIND

R R R R R

d. e. f. g. h. i.

The HLR forwards the AUTHDIR to the current Serving VLR with the same parameters as in Step-c. The Serving VLR forwards the AUTHDIR to the Serving MSC with the same parameters as in Step-c. The Serving MSC returns an empty authdir to the Serving VLR to indicate that the directive has been accepted. The Serving VLR forwards the authdir to the HLR. The HLR forwards the authdir to the AC. The Serving MSC sends an air interface SSD Update Order to the MS using the value of RANDSSD provided by the AC. The message may be sent over the control channel or over a voice or traffic channel. The MS executes the SSD Update Procedure to produce a new value of SSD using the value of RANDSSD provided in the SSD Update order, ESN and A-key. The MS selects a Random Number (RANDBS) and sends a Base Station Challenge order to the Serving MSC including the value of RANDBS. The MS then executes the Auth_Signature Procedure to produce an Authentication Result (AUTHBS) using the new value of SSD-A, ESN, MIN1 and the Random Number (RANDBS). Note: for an unprogrammed MS, the Activation_MIN should be used when computing AUTHBS.

j.

k.

The Serving MSC sends a Base Station Challenge (BSCHALL) to the Serving VLR to request a response to the BSCHALL order received from the MS.

Parameters MIN MSID Usage MS's real MIN (previously supplied by the MS to the MSC), or Activation_MIN used for this OTASP session. MS's ESN. Random Variable to be used in the Base Station Challenge. Type R

ESN RANDBS

R R

l. m.

The Serving VLR forwards the BSCHALL to the HLR with the same parameters as in Step-k. The HLR forwards the BSCHALL to the AC with the same parameters as in Step-k.

Voice Feature Scenarios

3-43

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

n.

The AC executes the Auth_Signature Procedure to produce an Authentication Result (AUTHBS) using the new value of SSD-A, ESN, MIN1 for the MS and the Random Number (RANDBS) provided in the BSCHALL. Note: for an unprogrammed MS, the Activation_MIN should be used when computing AUTHBS. The AUTHBS value is returned to the HLR in the bschall.

Parameters AUTHBS Usage Authentication response to the Base Station Challenge. Type R

o. p. q. r.

The HLR forwards the bschall to the Serving VLR with the same parameters as in Step-n. The Serving VLR forwards the bschall to the Serving MSC with the same parameters as in Step-n. The Serving MSC passes the AC's computed value of AUTHBS to the MS in an air interface Base Station Challenge Response message. If the AUTHBS result provided by the AC matches the value computed by the MS, the MS stores the new SSD value for use in future executions of the Auth_Signature Procedure and sends an SSD Update Confirmation message to the Serving MSC. The Serving MSC sends a Unique Challenge Order to the MS using the RANDU provided in the AUTHDIR in Step-c. The MS executes the Auth_Signature Procedure using RANDU and the SSD-A currently stored, ESN, and MIN MSID to produce an Authentication Response for Unique Challenge (AUTHU) which is then sent to the Serving MSC. The Serving MSC compares the value of AUTHU provided by the AC (in Step-c) in the AUTHDIR with that received from the MS.

s. t.

u.

The Serving MSC sends an ASREPORT to the Serving VLR indicating the success or failure of the SSD Update and the Unique Challenge.

Parameters MIN MSID Usage MS's real MIN (previously supplied by the MS to the MSC), or Activation_MIN used for this OTASP session. MS's ESN System Capabilities (Serving system). Outcome of the SSD Update procedure. Set to TDMA OTASP value. Outcome of the Unique Challenge. Type R

ESN SYSCAP SSDURPT SRVIND UCHALRPT

R R R R R

v. w. x.

The Serving VLR forwards the ASREPORT to the HLR with the same parameters as in Step-u. The HLR forwards the ASREPORT to the AC with the same parameters as in Step-u. The AC stores the new SSD value for use in future executions of the Auth_Signature Procedure for the MS. The AC sends an empty asreport to the HLR indicating that service is to be provided to the MS.

TDMA-OTA

3-44

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

y. z. aa.

The HLR forwards the asreport to the Serving VLR. The Serving VLR forwards the asreport to the Serving MSC. The AC sends an otaspreq to the HLR indicating that the SSD Update procedure was successfully concluded.

Parameters SSDURPT UCHALRPT Usage Outcome of the SSD Update procedure. Outcome of the Unique Challenge. Type R R

bb. The HLR forwards the otaspreq to the OTAF with the same parameters as in Stepaa.

Voice Feature Scenarios

3-45

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.TT.10b SSD Update when SSD is Shared

This scenario describes the use of OTASPRequest, AuthenticationDirective, BaseStationChallenge, and the AuthenticationStatusReport operations to perform the SSD Update process for the MS for the case where SSD is shared between the AC and the VLR, as requested by the OTAF.

TDMA-OTA

3-46

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Serving System MS MSC VLR OTAF

Home System HLR AC

OTASPREQ [MSID, ESN, ACTCODE, SRVIND, ServingSystemPointer, NEWMSID] a OTASPREQ [MSID, ESN, ACTCODE, SRVIND, ServingSystemPointer, NEWMSID] b AUTHDIR [MSID, ESN, RANDSSD, SSD, SRVIND] c AUTHDIR [MSID, ESN, RANDSSD, SSD, SRVIND] d AUTHDIR [MSID, ESN, AUTHU, RANDSSD, RANDU, SRVIND, SSD] e authdir [ ]

ADT

authdir [ ]

ADT

ADT

f g authdir [ ] h i

ASRRT SSD Update Order [RANDSSD] BS Challenge Order [RANDBS]

BSCHALL [MSID, ESN, RANDBS]

j k

BSCT

bschall [AUTHBS]

OTART

tl

OTART

tl

l m

BS Challenge Response [AUTHBS] SSD Update Response Unique Challenge Order Unique Challenge Response

ASREPORT [MSID, ESN, SYSCAP, SSDURPT, UCHALRPT, SRVIND] ASREPORT [MSID, ESN, SYSCAP, SSDURPT, UCHALRPT, SRVIND] r ASREPORT [MSID, ESN, SYSCAP, SSDURPT, UCHALRPT, SRVIND] s t asreport [ SSD] asreport [ ] v otaspreq [SSDURPT, UCHALRPT] otaspreq [SSDURPT, UCHALRPT] x w u

ASRRT

n o p q

ASRT

ASRT

asreport [ SSD]

ASRT

Figure 8.TT.10b

SSD Update when SSD is Shared

Voice Feature Scenarios

3-47

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

a.

The OTAF determines that SSD for the MS is to be updated. The OTAF sends an OTASPREQ to the HLR indicating in the ActionCode (ACTCODE) parameter that the SSD update procedure is to be performed for the MS. Parameters are the same as in 8.TT.10a Step-a. The HLR forwards the OTASPREQ to the AC with the same parameters as in Step-a. SSD Update Procedure is executed at the AC to produce a new value of the SSD using the private A-key of the MS, ESN and a Random Number (RANDSSD) generated by the AC. Note the AC must retain both the old and new values of the SSD until informed by the VLR of the outcome of the updating procedure. An AUTHDIR is sent from the AC to the HLR associated with the MS.

Parameters ESN MIN MSID Usage MS's ESN. MS's real MIN (previously supplied by the MS to the MSC), or Activation_MIN used for this OTASP session. Random Variable to be used in the SSD Update procedure. Set to TDMA OTASP value. SSD-A and SSD-B for the MS. Type R R

b. c.

RANDSSD SRVIND SSD

R R R

d. e.

The HLR forwards the AUTHDIR to the current Serving VLR with the same parameters as in Step-c. The Serving VLR chooses a Unique Random Variable (RANDU) and executes the Auth_Signature Procedure using the pending values of SSD-A, ESN, MIN1, and MIN2 associated with the MS to produce a Unique Authentication Response (AUTHU). Note that the VLR must use the correct MIN MSID value (i.e. the MIN that is currently in the MS). The Serving VLR forwards the AUTHDIR to the Serving MSC with the following parameters:

Parameters ESN MIN MSID Usage MS's ESN. MS's real MIN (previously supplied by the MS to the MSC), or Activation_MIN used for this OTASP session. Authentication Response for the Unique Challenge. Random Variable to be used in the SSD Update procedure. Random Variable to be used in the Unique Challenge. Set to TDMA OTASP value. SSD-A and SSD-B for the MS. Type R R

AUTHU RANDSSD RANDU SRVIND SSD

R R R R R

f. g. h.

The Serving MSC returns an empty authdir to the Serving VLR to indicate that the directive has been accepted. The Serving VLR forwards the authdir to the HLR. The HLR forwards the authdir to the AC.

TDMA-OTA

3-48

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

i.

The Serving MSC sends an air interface SSD Update Order to the MS using the value of RANDSSD provided by the AC. The message may be sent over the control channel or over a voice or traffic channel. The MS executes the SSD Update Procedure to produce a new value of SSD using the value of RANDSSD provided in the SSD Update order, ESN and A-key. The MS selects a Random Number (RANDBS) and sends a Base Station Challenge order to the Serving MSC including the value of RANDBS. The MS then executes the Auth_Signature Procedure to produce an Authentication Result (AUTHBS) using the new value of SSD-A, ESN, MIN1 and the Random Number (RANDBS). Note: for an unprogrammed MS, the Activation_MIN should be used when computing AUTHBS.

j.

k.

The Serving MSC sends a Base Station Challenge (BSCHALL) to the Serving VLR to request a response to the BSCHALL order received from the MS.

Parameters ESN MIN MSID Usage MS's ESN. MS's real MIN (previously supplied by the MS to the MSC), or Activation_MIN used for this OTASP session. Random Variable to be used in the Base Station Challenge. Type R R

RANDBS

R

l.

The VLR executes the Auth_Signature Procedure to produce an Authentication Result (AUTHBS) using the new value of SSD-A, ESN, MIN1 for the MS and the Random Number (RANDBS) provided in the BSCHALL. Note: for an unprogrammed MS, the Activation_MIN should be used when computing AUTHBS. The AUTHBS value is returned to the MSC in the bschall.

Parameters AUTHBS Usage Authentication response to the Base Station Challenge. Type R

m. n.

The Serving MSC passes the VLR's computed value of AUTHBS to the MS in an air interface Base Station Challenge Response message. If the AUTHBS result provided by the VLR matches the value computed by the MS, the MS stores the new SSD value for use in future executions of the Auth_Signature Procedure and sends an SSD Update Confirmation message to the Serving MSC. The Serving MSC sends a Unique Challenge Order to the MS using the RANDU provided in the AUTHDIR in Step-e. The MS executes the Auth_Signature Procedure using RANDU and the SSD-A currently stored, the ESN, and the MIN MSID in the MS, to produce an Authentication Response for Unique Challenge (AUTHU) which is then sent to the Serving MSC. The Serving MSC compares the value of AUTHU provided by the VLR (in Step-c) in the AUTHDIR with that received from the MS.

o. p.

q.

The Serving MSC sends an ASREPORT to the Serving VLR indicating the success or failure of the SSD Update and the Unique Challenge.

Voice Feature Scenarios

3-49

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Parameters ESN MIN MSID

Usage MS's ESN MS's real MIN (previously supplied by the MS to the MSC), or Activation_MIN used for this OTASP session. Set to TDMA OTASP value. Outcome of the SSD Update procedure. System Capabilities (Serving system). Outcome of the Unique Challenge.

Type R R

SRVIND SSDURPT SYSCAP UCHALRPT

R R R R

r. s. t.

The Serving VLR forwards the ASREPORT to the HLR with the same parameters as in Step-q. The HLR forwards the ASREPORT to the AC with the same parameters as in Step-q. The AC stores the new SSD value for use in future executions of the Auth_Signature Procedure for the MS. The AC sends an asreport, containing the SSD to the HLR indicating that service is to be provided to the MS. The HLR forwards the asreport to the Serving VLR, which stores the received SSD. The Serving VLR sends an empty asreport to the Serving MSC. The AC sends an otaspreq to the HLR indicating that the SSD Update procedure was successfully concluded.

Parameters SSDURPT UCHALRPT Usage Outcome of the SSD Update procedure. Outcome of the Unique Challenge. Type R R

u. v. w.

x.

The HLR forwards the otaspreq to the OTAF with the same parameters as in Stepw.

TDMA-OTA

3-50

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.TT.11 OTAF Request to Perform Re-Authentication

This scenario describes the use of AuthenticationRequest operations to perform MS reauthentication for the purpose of computing and sending encryption parameters to the Serving MSC, as requested by the OTAF. The SMEKEY and VPMASK are used to invoke message encryption and voice privacy, respectively, on the air-interface.

Serving System MS MSC VLR OTAF Home System HLR AC

OTASPREQ [MSID, ESN, ACTCODE, SRVIND, ServingSystemPointer, NEWMSID] OTASPREQ [MSID, ESN, ACTCODE, SRVIND, ServingSystemPointer, NEWMSID] AUTHDIR [AUTHRA, RANDRA, VPMASK, SMEKEY, SRVIND] AUTHDIR [AUTHRA, RANDRA, VPMASK, SMEKEY, SRVIND] AUTHDIR [AUTHRA, RANDRA, VPMASK, SMEKEY, SRVIND] authdir [ ] ADT authdir [ ] a b c d

ADT

ADT

e f g

ASRRT Re-Authenticate [RANDRA] Order Re-Authentication Confirmation [AUTHRA] Response StatusRequest [VPmode, MEMode] Order ACK

ASREPORT [VPRPT, SMERPT, RARPT, SRVIND] ASREPORT [VPRPT, SMERPT, RARPT, SRVIND]

authdir [ ]

h i j

OTARTtl

OTARTtl ASRRT

k l m n

ASRT

ASREPORT [VPRPT, SMERPT, RARPT, SRVIND] asreport [ ] ASRT ASRT asreport [ ]

o p q

asreport [ ] otaspreq [ VPRPT, SMERPT] otaspreq [ VPRPT, SMERPT]

r s t

Figure 8.TT.11 OTAF Request to Perform Re-Authentication

Voice Feature Scenarios

3-51

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

a.

The OTAF determines that signaling message encryption and or voice privacy is to be invoked on the air interface. It sends an OTASPREQ message to the HLR, with the ACTCODE set to Perform Reauthentication.

Parameters MIN MSID Usage MS's real MIN (previously supplied by the MS to the MSC), or Activation_MIN used for this OTASP session. MS's ESN. Request the AC to initiate re-authentication. Pointer to the Serving System: ID for the Serving MSC. Serving MSC's PC_SSN. Include if SS7 carriage services are used. The MIN MSID that will be assigned to the MS following the activation. Set to TDMA OTASP value. Type R

ESN ACTCODE ServingSystemPointer: [MSCID] [PC_SSN] NEWMIN NEWMSID SRVIND

R R RO O O O OR

NOTE: The ServingSystemPointer macro is required for unprogrammed MSs. b. c. The HLR receives the OTASPREQ for the Re-authenticate and forwards it to the AC with the same parameters as in Step-a. The AC generates a random number for re-authentication, RANDRA. The AC also computes the expected authentication response, AUTHRA, from the RANDRA, ESN, MIN1, and SSD-A. Note: for an unprogrammed MS, the MIN to be used in computing AUTHBS AUTHRA is the MIN formulated using NPA = 000 and the decimal representation of the ESN, as defined in TDMA . The AC sends the RANDRA and AUTHRA to the HLR in an AUTHDIR.

Parameters MIN MSID Usage MS's real MIN (previously supplied by the MS to the MSC), or Activation_MIN used for this OTASP session. MS's ESN. Random Variable for re-authentication. Authentication result for re-authentication Signaling Message Encryption key Voice Privacy mask Set to TDMA OTASP value. Type R

ESN RANDRA AUTHRA SMEKEY VPMASK SRVIND

R R R R R OR

d. e. f. g. h.

The HLR forwards the AUTHDIR to the VLR with the same parameters as in Step-c. The VLR forwards the AUTHDIR to the MSC with the same parameters as in Step-c. The MSC receives the AUTHDIR, and sends an empty authdir to the VLR. The VLR forwards the authdir to the HLR. The HLR forwards the authdir to the AC. The AC awaits an Authentication Status Report from the MSC.

TDMA-OTA

3-52

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

i. j.

The MSC encapsulates the RANDRA on an air-interface Re-Authenticate Order, and sends it to the MS. The MS receives the Re-Authenticate Order and computes an authentication response AUTHRA from the received RANDRA, the ESN, MIN MSID, and SSD-A. NOTE: for an unprogrammed MS, the MIN to be used in computing AUTHBS AUTHRA is the MIN formulated using NPA = 000 and the decimal representation of the ESN, as defined in TDMA. The MS sends a Re-Authenticate Order Confirmation Response to the MSC containing the AUTHRA. The MSC compares the MS-generated AUTHRA, received from the MS, with the AUTHRA received from the AC in Step-e.

k.

If the AUTHRA comparison succeeds, the MSC sends a TDMA air-interface StatusRequest message to the MS with the Message Encryption Mode A set to 1, and the Service Privacy Mode A set to 1. The MS replies to the MSC with an Acknowledgment message. Based on the result of the comparison, the MSC sends an ASREPORT to the VLR with the result of the re-authentication procedure. Also included in the ASREPORT are the results of the message encryption and voice privacy procedures.

Parameters MIN Usage MS's real MIN (previously supplied by the MS to the MSC), or Activation_MIN used for this OTASP session. MS's ESN. Result of the re-authentication procedure. Result of the message encryption procedure. Result of the voice privacy procedure. Set to TDMA OTASP value. Type R

l. m.

ESN RARPT SMERPT VPRPT SRVIND

R R R R R

n. o. p. q. r. s.

The VLR forwards the ASREPORT to the HLR with the same parameters as in Stepm. The HLR forwards the ASREPORT to the AC with the same parameters as in Step-m. The AC returns an empty asreport to the HLR acknowledging receipt of the report. The HLR forwards the asreport to the VLR. The VLR forwards the asreport to the MSC. As a result of receiving the ASREPORT in Step-o, the AC sends an otaspreq to the HLR indicating the re-authentication procedure has been successfully completed. Parameters are the same as in Step-m, with the exception of the RARPT and SRVIND parameter. The HLR forwards the otaspreq to the OTAF. Parameters are the same as in Steps.

t.

Voice Feature Scenarios

3-53

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.TT.12 AC Request to Commit A-key

This scenario describes the use of the OTASPREQ operation to request the AC to commit the previously allocated temporary authentication key to the permanent subscriber database.

OTAF

HLR

AC

OTASPREQ [MSID, ESN, ACTCODE, NEWMSID, SRVIND]

a

OTASPREQ [MSID, ESN, ACTCODE, NEWMSID, SRVIND]

b

OTART tl

OTART tl

otaspreq [ ] c

otaspreq [ ]

d

Figure 8.TT.12 AC Request to Commit a.

A-key

The OTAF sends an OTASPREQ to the HLR with the ActionCode (ACTCODE) parameter set to request the AC to commit the A-key.

Parameters MIN MSID Usage MS's real MIN (previously supplied by the MS to the MSC), or Activation_MIN used for this OTASP session. MS's ESN. Request the AC to commit the A-key. The MIN MSID that will be assigned to the MS following the activation. Set to TDMA OTASP value. Type R

ESN ACTCODE NEWMIN NEWMSID SRVIND

R R R R

b. c. d.

The HLR forwards the OTASPREQ to the AC. The AC acknowledges the action to the HLR via an empty otaspreq. The HLR forwards the otaspreq to the OTAF.

TDMA-OTA

3-54

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8.TT.13 AC Request to Release A-key Resources

This scenario describes the use of the OTASPREQ operation to request the AC to release a previously allocated temporary authentication key.

OTAF

HLR

AC

OTASPREQ [MSID, ESN, ACTCODE, SRVIND] a

OTASPREQ [MSID, ESN, ACTCODE, SRVIND] b

OTARTx

OTART x

otaspreq [ ] c

otaspreq [ ] d

Figure 8.TT.13 AC Request to Release A-key Resources a. The OTAF sends an OTASPREQ to the HLR with the ActionCode (ACTCODE) parameter set to request the AC to release the A-key.

Parameters MIN MSID Usage MS's real MIN (previously supplied by the MS to the MSC), or Activation_MIN used for this OTASP session. MS's ESN. Request the AC to release A-key Resources. Set to TDMA OTASP value. Type R

ESN ACTCODE SRVIND

R R R

b. c. d.

The HLR forwards the OTASPREQ to the AC. The AC acknowledges the action to the HLR via an empty otaspreq. The HLR forwards the otaspreq to the OTAF.

Voice Feature Scenarios

3-55

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

9

OVER-THE-AIR PARAMETER ADMINISTRATION SCENARIOS

TDMA OVER-THE-AIR PROGRAMMING TELESERVICE SCENARIOS

This section depicts interaction scenarios between network entities relating to TDMA Over-the-Air Programming Teleservice transactions (OPTS).

9.TT

9.TT.1

Successful OPTS Download to an Available Mobile Station

This scenario describes the successful OPTS download to an available MS.

Serving System Home System

MS

MSC

VLR

HLR

OTAF

SMSREQ [MSID, ESN, SMS_TID] a

Example Initiation

smsreq [ SMSACCDEN]

SRT

b

MS Registration SMSNOT [MSID, ESN, SMSADDR, SMS_TID]

c d e

SNT

smsnot [ ]

SMDPP [MSID, SMS_BearerData(OPTS Data), SMS_TID, SMS_OA]

SMS delivers

f g

SMS accept

SMT

h smdpp i

OTA Delivery Pending Flag clear

OTA Delivery Pending Flag set

Figure 9.TT.1 Successful OPTS Download to an Available Mobile Station

TDMA-OTA

3-56

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

a. b.

An OPTSession is initiated via proprietary means. Steps a, b, c and d are one example scenario for OPTS initiation; other proprietary scenarios are not precluded. OPTS initiation may result, either via an SMSREQ or other means, in an OTA Delivery pending flag (ODPF) being set in the HLR for those mobile stations which will be programmed over-the-air with OPTS data. MS registration process occurs. The HLR, upon processing of the OTA Delivery Pending Flag for OPTS, identifies that it has a valid SMS_ADDRESS for the MSID, and sends an SMSNOT to the OTAF. The HLR clears the OPF.

Parameters MSID ESN SMS_TID SMSADDR Usage MS's MIN. MS's ESN. Specifies the teleservice identifier for the OPTS teleservice. Specifies the routing address for an MS-based SME for OPTS delivery. Type R R R R

c. d.

e.

The OTAF receives the SMSNOT, and identifies from the SMS_TID that this is an OPTS request for an IRDB download. The OTAF returns an empty smsnot. Steps f through j represent the standard delivery of OPTS data to the mobile station.

f.

The OTAF generates an OPTS message with the appropriate IRDB data, and encapsulates it in the SMS_BearerData of an SMDPP INVOKE. The OTAF sends the SMDPP INVOKE to the Serving MSC, with the following parameters:

Parameters MSID ESN SMS_TID SMS_BearerData SMS_OA Usage MS's MIN. MS's ESN. Specifies the teleservice identifier for the OPTS teleservice. OPTS data. Set to the OTAF's address. Type R R R R R

g. h. i.

The Serving MSC encapsulates the SMS_BearerData containing the OPTS message into an IS-136 R-Data, and sends the R-Data to the mobile station. The mobile station receives the R-Data, processes the data, and sends an R-Data Accept to the Serving MSC. The Serving MSC receives the R-Data Accept and sends an smdpp to the OTAF. The OTAF receives the smdpp, completing the transaction.

Voice Feature Scenarios

3-57

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

9.TT.2

Successful OPTS Download to an Initially Unavailable MS

This scenario describes the successful OPTS download to an initally unavailable Mobile Station.

Serving System Home System

MS

MSC

VLR

HLR

OTAF

SMSREQ [MSID, ESN, SMS_TID] a

Example Initiation

smsreq [Postponed]

SRT

b

MS Registers with the HLR; SMSADDR is supplied SMSNOT [MSID, ESN, SMSADDR, SMS_TID]

c d e f g

SNT

smsnot [ ]

SMDPP [MSID, SMS_BearerData(OPTS Data), SMS_TID, SMS_OA]

SMS delivers SMS accept

SMT

h smdpp i

OTA Delivery Pending Flag clear

OTA Delivery Pending Flag set

Figure 9.TT.2 Successful OPTS Download to an Initially Unavailable MS

a-d. An OPTS session is initiated via proprietary means (one example scenario is shown). e. The OTAF receives the SMSNOT INVOKE, and identifies from the SMS_TID that this is an OPTS request for an IRDB download. The OTAF returns an empty smsnot RETURN RESULT to the HLR. The OTAF generates an OPTS message with the appropriate IRDB data, and encapsulates it in the SMS_BearerData of an SMDPP INVOKE. The OTAF sends the SMDPP INVOKE to the Serving MSC, with the following parameters:

f.

TDMA-OTA

3-58

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Parameters MSID ESN SMS_TID SMS_BearerData SMS_OA

Usage MS's MIN. MS's ESN. Specifies the teleservice identifier for the OPTS teleservice. OPTS Data Set to the OTAF's address.

Type R R R R R

g. h. i.

The Serving MSC encapsulates the SMS_BearerData containing the OPTS message into an IS-136 R-Data, and sends the R-Data to the mobile station. The mobile station receives the R-Data, processes the data, and sends an R-Data Accept to the Serving MSC. The Serving MSC receives the R-Data Accept and sends an smdpp RETURN RESULT to the OTAF. The OTAF receives the smdpp RETURN RESULT, completing the transaction.

Voice Feature Scenarios

3-59

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

9.TT.3

Unsuccessful OPTS

This scenario describes the unsuccessful OPTS.

Serving System Home System

MS

MSC

VLR

HLR

OTAF

SMSREQ [MSID, ESN, SMS_TID] a

Example Initiation

smsreq

SRT

b

SMSNOT [MSID, ESN, SMSADDR, SMS_TID]

c d e f g

SNT

smsnot [ ]

SMDPP [MSID, SMS_BearerData(OPTS Data), SMS_TID, SMS_OA]

SMS delivers

SMT

SMS reject

smdpp [SMS_CauseCode] SMSREQ [MSID, ESN, SMS_TID] i smsreq

h

SRT

j k l

MS Registers with the HLR; SMSADDR is supplied SMSNOT [MSID, ESN, SMSADDR, SMS_TID]

OTA Delivery Pending Flag clear

OTA Delivery Pending Flag set

Figure 9.TT.3 Unsuccessful OPTS

a-d. An OPTS session is initiated via proprietary means. e. The OTAF generates an OPTS message with the appropriate IRDB data, and encapsulates it in the SMS_BearerData of an SMDPP INVOKE. The OTAF sends the SMDPP INVOKE to the Serving MSC, with the following parameters:

TDMA-OTA

3-60

Voice Feature Scenarios

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Parameters MSID ESN SMS_TID SMS_BearerData SMS_OA

Usage MS's MIN. MS's ESN. Specifies the teleservice identifier for the OPTS teleservice. OPTS Data Set to the OTAF's address.

Type R R R R R

f. g. h.

The Serving MSC encapsulates the SMS_BearerData containing the OPTS message into an IS-136 R-Data, and sends the R-Data to the mobile station. The mobile station receives the R-Data, processes the data, and sends an R-Data Reject to the Serving MSC with an appropriate cause value. The Serving MSC either receives the R-Data Reject, or identifies that the MS did not respond to the SPACH Notification, and sends an smdpp RETURN RESULT to the teleservice server containing an SMS_CauseCode. The OTAF receives the smdpp return result, and sends an SMSREQ to the HLR to either obtain updated address information, or to set an OPF in the HLR for later delivery.

Parameters MSID ESN SMSNOTIND SMS_TID Usage MS's MIN. MS's ESN. Set to value 1, "Notify When Available". Specifies the teleservice identifier for the OPTS teleservice. Type R R R R

i.

j. k. l.

The HLR receives the SMSREQ, and sets an OPF. smsreq to the OTAF.

The HLR returns an empty and the HLR is

At some later time, the MS registers using normal procedures, supplied with SMS_ADDRESS information.

The HLR, through processing of the OPF, sends an SMSNOT to the OTAF. The procedure proceeds as per the scenario "Successful OPTS Download to an Available Mobile Station, 9.TT.1".

Voice Feature Scenarios

3-61

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6T SIGNALING PROTOCOLS - TDMA

This section applies only to TDMA portion of the OTA enhancements for OTASP and OTAPA. It provides modifications to TIA/EIA-41.5-D "Signaling Protocols".

6T.1

6T.1.1

OPERATIONS

General

6.4.1.2

Operation Specifiers (TIA/EIA-41.5-D, page 5-24) The following table lists the TIA/EIA-41 MAP Operation Specifiers. Table 8

Operation Name H RedirectionRequest ··· SMSRequest OTASPRequest Other Values Reserved Reserved for Protocol Extension 1 1 1 0 ··· 0 0 X 1 0 0 X 1 1 1 X 1 1 1 X 0 0 1 X 0 1 0 X 0 1 0 X 0 1 0 X 0 G 0 F 0 E 1

TIA/EIA-41 MAP Operation Specifiers (concluded)

Operation Specifier D 1 C 0 B 0 A 0 Decimal 24 ··· 55 56 ··· 224 ··· 1 1 1 255

through 1 1

6.4.2

Operation Definitions (TIA/EIA-41.5-D, page 5-27) The following table summarizes the operations defined for the TIA/EIA-41 MAP: Table 10 Summary of MAP Operations (concluded)

Reference 6.4.2.32 ··· 6.4.2.51 6.4.2.TT

Operation QualificationDirective ··· UnsolicitedResponse OTASPRequest

(6.4.2.CC)

Signaling Protocols

5-1

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6T.1.2

6.4.2.1

Modifications to Existing Operations

AuthenticationDirective

(TIA/EIA-41.5-D, page 5-29)

The AuthenticationDirective operation is used to request modification of an MS's authentication parameters. The AuthenticationDirective operation is initiated with a TCAP INVOKE (LAST). This is carried by a TCAP QUERY WITH PERMISSION package. The Parameter Set is encoded as follows: Table 11 AuthenticationDirective INVOKE Parameters

Timer: ADT Type M M Reference 6.3.2.1 6.3.2.1 Notes

AuthenticationDirective INVOKE Parameters Field Identifier Length Contents ElectronicSerialNumber MobileIdentificationNumber MSID AuthenticationAlgorithmVersion AuthenticationResponseReauthentication AuthenticationResponseUniqueChallenge CallHistoryCount DenyAccess LocationAreaID RandomVariableReauthentication RandomVariableSSD RandomVariableUniqueChallenge SenderIdentificationNumber ServiceIndicator SharedSecretData SignalingMessageEncryptionKey SSDNotShared UpdateCount VoicePrivacyMask M M O O O O O O O O O O O O O O O O Value SET [NATIONAL 18] variable octets

6.5.2.63 6.5.2.81 6.5.2.7 6.5.2.mT 6.5.2.12 6.5.2.18 6.5.2.54 6.5.2.77 6.5.2.uT 6.5.2.103 6.5.2.104 6.5.2.116 6.5.2.wB 6.5.2.119 6.5.2.120 6.5.2.141 6.5.2.163 6.5.2.166 a j b c d e j f b g l c k h i k

Notes: a. b. c. d. May be included if SharedSecretData parameter is included. Include if the MSC-V shall initiate a Unique Challenge to the MS. Include if the SystemCapabilities include CAVE Execution and AC administration policies allow distribution of the SSD. Include if release of system resources allocated for this access may be initiated by the MSC. This may include disconnection of any call in progress.

TDMA-OTA

5-2

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

e. f. g. h. i. j. k. l.

May be included from VLR to MSC-V. Usage from the HLR or AC is not defined. Include if the MSC-V shall initiate an SSD update to the MS. Include to identify the functional entity sending this message. Include if the SSD at the VLR shall be discarded. Include if the MSC-V shall initiate a COUNT Update to the MS. Include if the MSC-V shall initiate Reauthentication of the MS. Include to transport Encryption Parameters to the MSC-V. Include May be included for TDMA OTASP.

Signaling Protocols

5-3

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.4.2.5

AuthenticationStatusReport

(TIA/EIA-41.5-D, page 5-36)

The AuthenticationStatusReport operation is used to report on the outcome of an authentication operation initiated by the AC or VLR if SSD is shared. The AuthenticationStatusReport operation is initiated with a TCAP INVOKE (LAST). This is carried by a TCAP QUERY WITH PERMISSION package. The Parameter Set is encoded as follows: Table 19 AuthenticationStatusReport INVOKE Parameters

Timer: ASRT Type M M Reference 6.3.2.1 6.3.2.1 Notes

AuthenticationStatusReport INVOKE Parameters Field Identifier Length Contents ElectronicSerialNumber MobileIdentificationNumber MSID SystemCapabilities (Serving) CountUpdateReport ReauthenticationReport SenderIdentificationNumber ServiceIndicator SignalingMessageEncryptionReport SSDUpdateReport UniqueChallengeReport VoicePrivacyReport M M M O O O O O O O O Value SET [NATIONAL 18] variable octets

6.5.2.63 6.5.2.81 6.5.2.146 6.5.2.52 6.5.2.vT 6.5.2.116 6.5.2.wB 6.5.2.xB 6.5.2.142 6.5.2.162 6.5.2.zB a e b h f c d g

Notes: a. b. c. d. e. f. g. h. Include if report related to COUNT Update. Include to identify the functional entity sending the message. Include if report related to SSD Update. Include if report related to Unique Challenge. Include if report related to Reauthentication. Include if report related to Signaling Message Encryption. Include if report related to Voice Privacy. Include for TDMA OTASP.

TDMA-OTA

5-4

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.4.2.30

OriginationRequest(TIA/EIA-41.5-D, page 5-81) The OriginationRequest operation is used to request call origination treatment on behalf of a registered MS. It is also used in OTASP, where it is initiated in the MSC and sent to the OTAF resulting from an MS OTASP origination being received by the MSC. This OTASP origination may be initiated from either an unprogrammed or preprogrammed MS. The OriginationRequest operation is initiated with a TCAP INVOKE (LAST). This is carried by a TCAP QUERY WITH PERMISSION package. The Parameter Set is encoded as follows: Table 68 OriginationRequest INVOKE Parameters

Timer: ORT Type M M Reference 6.3.2.1 6.3.2.1 Notes

OriginationRequest INVOKE Parameters Field Identifier Length Contents BillingID (originating) Digits (Dialed) ElectronicSerialNumber MobileIdentificationNumber MSID MSCID (Originating MSC) OriginationTriggers TransactionCapability CallingPartyNumberDigits1 CallingPartyNumberDigits2 CallingPartySubaddress MobileDirectoryNumber MSCIdentificationNumber OneTimeFeatureIndicator PC_SSN (Originating MSC) SenderIdentificationNumber SMS_Address SystemCapabilities M M M M M M M O O O O O O O O O O Value SET [NATIONAL 18] variable octets

6.5.2.16 6.5.2.58 6.5.2.63 6.5.2.81 6.5.2.82 6.5.2.90 6.5.2.160 6.5.2.21 6.5.2.22 6.5.2.25 6.5.2.80 6.5.2.83 6.5.2.88 6.5.2.93 6.5.2.116 6.5.2.123 6.5.2.146 a a a b c d e f g h

Notes: a. b. c. d. e. f. Include if applicable. Include if available for recording purposes (see DMH). Include to identify the MSC initiating the message. Include if any OneTimeFeatureIndicator status bits are set (i.e., have value of 1). Include if SS7 may be used for subsequent call redirection. Include to identify intermediate message sender if different from the MSCIdentificationNumber.

Signaling Protocols

5-5

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

g. h.

Include if routing of teleservice message is applicable. Include if the system is capable of authentication, voice privacy and signaling message encryption.

TDMA-OTA

5-6

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.4.2.37

RegistrationNotification

(TIA/EIA-41.5-D, page 5-94)

The RegistrationNotification operation is used to report the location of an MS and, optionally, to (a) validate the MS or (b) validate the MS and obtain its profile information. It is also used for delivering the Serving MSC's routing address to the Desired OTAF in support of OTASP. The RegistrationNotification operation is initiated with a TCAP INVOKE (LAST). This is carried by a TCAP QUERY WITH PERMISSION package. The Parameter Set is encoded as follows: Table 82 RegistrationNotification INVOKE Parameters

Timer: RNT Type M M Reference 6.3.2.1 6.3.2.1 Notes

RegistrationNotification INVOKE Parameters Field Identifier Length Contents ElectronicSerialNumber MobileIdentificationNumber MSID MSCID (Serving MSC) QualificationInformationCode SystemMyTypeCode (Serving MSC or VLR) AvailabilityType BorderCellAccess ControlChannelData ExtendedMSCID (VLR) LocationAreaID PC_SSN (Serving MSC or VLR) ReceivedSignalQuality ReportType SenderIdentificationNumber SMS_Address SMS_MessageWaitingIndicator SystemAccessData SystemAccessType SystemCapabilities TerminalType TransactionCapability M M M M M O O O O O O O O O O O O O O O O Value SET [NATIONAL 18] variable octets

6.5.2.63 6.5.2.81 6.5.2.82 6.5.2.99 6.5.2.147 6.5.2.15 6.5.2.17 6.5.2.51 6.5.2.64 6.5.2.77 6.5.2.93 6.5.2.106 6.5.2.112 6.5.2.116 6.5.2.123 6.5.2.129 6.5.2.144 6.5.2.145 6.5.2.146 6.5.2.154 6.5.2.160 a b b c d e b f g h i b j k j j

Notes: a. b. c. Include when MS is predictably unavailable for Call Delivery (e.g., slotted mode or sleep mode). Include if access occurred in a border cell (based on internal algorithms). Included by VLR if its MSCID is different than the MSC's MSCID.

Signaling Protocols

5-7

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

d. e. f.

May be included from MSC to VLR. Include to override lower layer addressing. Include if authentication parameters were requested by the Serving MSC (AUTH=1 in the Overhead Message Train) but were not received from the MS for the system access. Include to identify message sender. Include to indicate that the Serving MSC supports Short Message Service teleservice message delivery (e.g., CMT, OATS, etc). Include if the MS was previously registered with this VLR, the MS is registering to a new serving MSC that does not support SMS, and an SMS message is pending delivery in the previous serving system. This is only used between a VLR and an HLR. Include on IS-41-C and later. Include if the system is authentication capable (including voice channel authentication only systems where all flags are zero).

g. h. i.

j. k.

TDMA-OTA

5-8

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.4.2.44

SMSNotification(TIA/EIA-41.5-D, page 5-108) The SMSNotification operation is used to report a change in an MS's ability to receive SMS messages based on the location or status of the MS. This message, at a minimum, is used to report the accessibility of an MS following a postponed SMSRequest or SMSDeliveryPointToPoint. This message may also be used to revoke delivery permission previously granted with either an SMSRequest or an SMSNotification. The SMSNotification operation is initiated with a TCAP INVOKE (LAST). This is carried by a TCAP QUERY WITH PERMISSION package. The Parameter Set is encoded as follows: Table 96 SMSNotification INVOKE Parameters

Timer: SNT Type M M Reference 6.3.2.1 6.3.2.1 Notes

SMSNotification INVOKE Parameters Field Identifier Length Contents ElectronicSerialNumber MobileIdentificationNumber MSID SMS_AccessDeniedReason SMS_Address SMS_TeleserviceIdentifier M M O O O 6.5.2.63 6.5.2.81 Value SET [NATIONAL 18] variable octets

6.5.2.122 6.5.2.123 6.5.2.137

a a, b c

Notes: a. b. c. These parameters are mutually exclusive; however, one must be present. Included to indicate the temporary routing address of an MS-based SME. Include if the notification is issued by the HLR independent of a postponed (previous) SMSRequest to initiate a SMS teleservice on an MS.

The SMSNotification operation success is reported with a TCAP RETURN RESULT (LAST). This is carried by a TCAP RESPONSE package. The Parameter Set is encoded as follows: Table 97 SMSNotification RETURN RESULT Parameters

SMSNotification RETURN RESULT Parameters Field Identifier Length Contents Value SET [NATIONAL 18] zero octets Type M M Reference 6.3.2.2 6.3.2.2 Notes

Signaling Protocols

5-9

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.4.2.45

SMSRequest(TIA/EIA-41.5-D, page 5-109) The SMSRequest operation is used to request an MS's current SMS routing address with a default to request notification when the MS becomes available if the MS is not currently available. The SMSRequest operation is initiated with a TCAP INVOKE (LAST). This is carried by a TCAP QUERY WITH PERMISSION package. The Parameter Set is encoded as follows: Table 98 SMSRequest INVOKE Parameters

Timer: SRT Value SET [NATIONAL 18] variable octets Type M M Reference 6.3.2.1 6.3.2.1 Notes

SMSRequest INVOKE Parameters Field Identifier Length Contents MobileIdentificationNumber MSID ElectronicSerialNumber SMS_NotificationIndicator SMS_TeleserviceIdentifier M O O O 6.5.2.81

6.5.2.63 6.5.2.130 6.5.2.137

a b c

Notes: a. b. c. Include if known. Include to specify notification requirements. If not included, implies notification shall be sent when MS becomes available (default). Include if applicable. Include to identify the teleservice for which the request is being made. [Editor's note: This parm is already present in TIA/EIA-41 whereas this was introduced in IS-725 Rev 0]

TDMA-OTA

5-10

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

The SMSRequest operation success is reported with a TCAP RETURN RESULT (LAST). This is carried by a TCAP RESPONSE package. The Parameter Set is encoded as follows: Table 99 SMSRequest RETURN RESULT Parameters

SMSRequest RETURN RESULT Parameters Field Identifier Length Contents ElectronicSerialNumber SMS_AccessDeniedReason SMS_Address SMS_CauseCode O O O O 6.5.2.63 6.5.2.122 6.5.2.123 6.5.2.125 a b, c c, d e Value SET [NATIONAL 18] variable octets Type M M Reference 6.3.2.2 6.3.2.2 Notes

Notes: a. b. c. d. e. Include if not received in SMSRequest INVOKE and SMS delivery is allowed. Include if delivery of SMS messages is denied or deferred. These parameters are mutually exclusive. Include if routing of SMS messages is applicable. Include to specify the failure cause for this request (e.g, if a request is sent to an HLR or MSC that does not support the specified teleservice).

Signaling Protocols

5-11

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6T.1.3

6.4.2.TT

New Operations

OTASPRequest The OTASPRequest (OTASPREQ) operation is used by the OTAF to request the initiation of certain AC procedures (such as A-key Generation, SSD Update and Commit or Release a temporary A-key, etc), and to also return certain parameters. The OTASPRequest operation is initiated with a TCAP INVOKE (LAST). This is carried by a TCAP QUERY WITH PERMISSION package. The Parameter Set is encoded as follows: Table 6.4.2.TTxOTASPRequest INVOKE Parameters

OTASPRequest INVOKE Parameters Field Identifier Length Contents ActionCode AKeyProtocolVersion ElectronicSerialNumber MobileIdentificationNumber MSID MobileStationPartialKey MSCID (Serving MSC) NewlyAssignedMIN NewlyAssignedMSID PC_SSN ServiceIndicator O O O O O O O O O 6.5.2.2 6.5.2.lB 6.5.2.63 6.5.2.81 6.5.2.pB 6.5.2.82 6.5.2.rB 6.5.2.93 6.5.2.wB a b c c, d e f g f h Value SET [NATIONAL 18] variable octets Type M M Timer: OTARTt Reference 6.4.1.2 6.4.1.1 Notes

Notes: a. b. c. d. e. f. Include to specify what action is to be performed as a result of this operation. Include to specify the A-key protocol version supported if the action code indicates an A-key operation. Include. The MIN MSID parameter contains either the MS generated Activation_MIN, or the MS's real MIN or IMSI, as applicable. Include if the MS partial key is being supplied to the AC. Include to specify the address of the MSC if the initiation of an AC procedure (as specified by the ACTCODE) is being requested. For MSCIDs, the HLR may translate the MSCID into the appropriate (SS7, X.25, etc) address variant. In the case where one VLR serves multiple MSCs, the HLR will include this address in the message being forwarded toward the MSC (from the AC). The HLR will use this address to route to the VLR. The VLR will use this address to route to the appropriate MSC. The VLR need not include this address in the message to the MSC.

TDMA-OTA

5-12

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

g h.

Include to specify the MIN MSID that will be assigned to the MS, as a result of this OTASP session, if the MIN parameter contains an activation MIN. Include to identify TDMA OTASP service.

The OTASPRequest operation success is reported with a TCAP RETURN RESULT (LAST). This is carried by a TCAP RESPONSE package. The Parameter Set is encoded as follows: Table 6.4.2.TTyOTASPRequest RETURN RESULT Parameters

OTASPRequest RETURN RESULT Parameters Field Identifier Length Contents AKeyProtocolVersion BaseStationPartialKey ModulusValue OTASP_ResultCode PrimitiveValue SignalingMessageEncryptionReport SSDUpdateReport UniqueChallengeReport VoicePrivacyReport O O O O O O O O O 6.5.2.lB 6.5.2.nB 6.5.2.qB 6.5.2.sB 6.5.2.tB 6.5.2.xB 6.5.2.142 6.5.2.162 6.5.2.zB a d d b d c c c c Value SET [NATIONAL 18] variable octets Type M M Reference 6.4.1.2 6.4.1.1 Notes

Notes: a. b. c. d. Included to specify which authentication key protocol version and revisions were used in the generation of public encryption values. Include if the OTASP result code is known. Include to convey the values received by the AC in the AuthenticationStatusReport INVOKE during the SSD update and re-authentication procedures.. Include if the public encryption values are known.

Signaling Protocols

5-13

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6T.2

6T.2.1

Parameters

GENERAL

6.5.1.2

Parameter Identifiers (TIA/EIA-41.5-D, page 5-119)

NOTE SEE SECTION 6C.2.1 FOR THE LIST OF PARAMETER IDENTIFIERS.

Table TTT A-key Generation Parameter Names - TIA/EIA-41

and TDMA

TIA/EIA-41 Parameter Name

TDMA Information Element

ModulusValue (MODVAL) Public Key Value PrimitiveValue (PRIMVAL) Primitive MobileStationPartialKey (MSKEY) MS Encryption Value BaseStationPartialKey (BSKEY) Network Secret Key Value AKeyProtocolVersion (AKEYPV) A-key Transfer Protocol Version

6T.2.2

Modifications to Existing Parameters

Existing parameters that are common to CDMA and TDMA portions of the OTA enhancements for OTASP and OTAPA are shown in the following table. These parameters are defined in Section 6c.2.2 in the CDMA portion of this Interim Standard. Table 6T.2.2

Parameter Name ActionCode MobileIdentificationNumber SMS_AccessDeniedReason SMS_CauseCode SMS_TerminationRestrictions SystemAccessType

Existing Parameters Common to CDMA & TDMA

Reference § 6.5.2.2 (TIA/EIA-41.5-D, p 5129) § 6.5.2.81 (TIA/EIA-41.5-D, p 5213) § 6.5.2.122 (TIA/EIA-41.5-D, p 5-256) § 6.5.2.125 (TIA/EIA-41.5-D, p 5-262) § 6.5.2.138 (TIA/EIA-41.5-D, p 5-285) § 6.5.2.145 (TIA/EIA-41.5-D, p 5-296)

TDMA-OTA

5-14

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

TransactionCapability

§ 6.5.2.160 (TIA/EIA-41.5-D, p 5-315)

Existing parameters that have been modified uniquely for TDMA are defined below.

NOTE None Identified in this category.

6.5.2.137 SMS_TeleserviceIdentifier

(TIA/EIA-41.5-D, page 5-283)

The SMS_TeleserviceIdentifier parameter indicates the teleservice for which the SMS message applies.

Field Identifier Length Contents H MSB G F E D C B A octet 1 LSB 2 Notes Value SMS_TeleserviceIdentifier IMPLICIT OCTET STRING variable octets Type M M Reference 6.5.1.2 6.5.1.1 Notes

SMS Teleservice Identifier ···

n

a

Figure 154 SMS_TeleserviceIdentifier parameter Notes: a. Ignore extra octets, if received. Send only defined (or significant) octets.

Signaling Protocols

5-15

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 175 SMS_Teleservice Identifier values SMS Teleservice Identifier (octets 1 and 2)

0 1 2 through 4095 4096 4097 4098 4099 4100 through 32512 32513 32514 32515 32516 32517 Not used. Reserved for maintenance.

Reserved for assignment by TIA/EIA-41.

AMPS Extended Protocol Enhanced Services [AMPS]. CDMA Cellular Paging Teleservice [CDMA]. CDMA Cellular Messaging Teleservice [CDMA]. CDMA Voice Mail Notification [CDMA].

Reserved for assignment by TIA/EIA-41.

TDMA Cellular Messaging Teleservice [TDMA]. TDMA Cellular Paging Teleservice (CPT-136) [TDMA]. TDMA Over-the-Air Activation Teleservice (OATS) [TDMA]. TDMA Over-the-Air Programming Teleservice (OPTS) [TDMA]. TDMA General UDP Transport Service (GUTS) [TDMA]. Reserved for assignment by this Standard for TDMA MS-based SMEs.

32514 32518 through 32639 32575 32576 32577 32578 32579 32580 32581

Reserved. TDMA Segmented Cellular Messaging Teleservice.. [TDMA]. TDMA Segmented Cellular Paging Teleservice. [TDMA]. TDMA Segmented Over-the-Air Activation Teleservice (OATS). [TDMA]. TDMA Segmented Over-the-Air Programming Teleservice (OPTS). [TDMA]. TDMA Segmented General UDP Transport Service (GUTS). [TDMA].

TDMA-OTA

5-16

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 175 SMS_Teleservice Identifier values (Concluded)

32582 through 32639 32640 through 32767 32703 Reserved for assignment by this Standard for Segmented teleservices for TDMA MS-based SMEs. Reserved for carrier specific teleservices for TDMA MS-based SMEs. These teleservices may be assigned by carriers. No mechanism is defined for resolving conflicts between individual carriers. Originating supplementary services may be supported only with bilateral agreements. Reserved for segmented carrier specific teleservices for TDMA MS-based SMEs. These teleservices may be assigned by carriers. No mechanism is defined for resolving conflicts between individual carriers. Originating supplementary services may be supported only with bilateral agreements.

32704 through 32767

32768 through 49151

Reserved for node specific teleservices. These teleservices may be assigned freely by any node operator. Use of these identifiers must be negotiated between the message originator and destination. Only supplementary services not requiring teleservice parameters may be supported. Reserved for carrier specific teleservices. These teleservices may be assigned by carriers. No mechanism is defined for resolving conflicts between individual carriers. Originating supplementary services may be supported only with bilateral agreements.

49152 through 65535

Signaling Protocols

5-17

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6T.2.3

New Parameters

New parameters that are common to CDMA and TDMA OTASP are shown in the following table. These parameters are defined in Section 6c.2.3 in the CDMA OTASP portion of this Interim Standard. Table 6T.2.3a New Parameters Common to CDMA & TDMA OTASP

Parameter Name AKeyProtocolVersion BaseStationPartialKey MobileStationPartialKey ModulusValue NewlyAssignedMIN OTASPResultCode PrimitiveValue ServiceIndicator SignalingMessageEncryptionRepor t VoicePrivacyReport NewlyAssignedIMSI NewlyAssignedMSID Reference § 6.5.2.lB § 6.5.2.nB § 6.5.2.pB § 6.5.2.qB § 6.5.2.rB § 6.5.2.sB § 6.5.2.tB § 6.5.2.wB § 6.5.2.xB § 6.5.2.zB § 6.5.2.acB § 6.5.2.aeB

New parameters that are unique to TDMA OTASP are defined below. Table 6T.2.3b Existing Parameters unique

Parameter Name AuthenticationResponseReauthenticati on RandomVariableReauthentication ReauthenticationReport Reference § 6.5.2.mT § 6.5.2.uT § 6.5.2.vT

to TDMA

TDMA-OTA

5-18

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.mT AuthenticationResponseReauthentication The AuthenticationResponseReauthentication (AUTHRA) parameter contains the 18-bit authentication response generated by an MS for reauthentication. It is computed by the Auth_Signature procedure using the SSD of the MS and a RandomVariableReauthentication (RANDRA) chosen by the AC.

Field Identifier Value AuthenticationResponseReauthentication IMPLICIT OCTET STRING 3 octets Type M Reference 6.5.1.2 Notes

Length Contents H G

M

6.5.1.1

F

E Reserved

D

C

B MSB

A

octet 1 2

Notes a

Authentication Response Reauthentication LSB

3

Figure mT AuthenticationResponseReauthentication parameter Notes: a. Reserved bits shall be ignored on receipt and set to zero on sending.

Signaling Protocols

5-19

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.uT

RandomVariableReauthentication The RandomVariableReauthentication (RANDRA) parameter contains the 32-bit random number that is used as input to the Auth_Signature algorithm for MS Reauthentication. The random number is chosen by the AC.

Field Identifier Value RandomVariableReauthenticatio n IMPLICIT OCTET STRING 4 octets Type M Reference 6.5.1.2 Notes

Length Contents H MSB G

M

6.5.1.1

F

E

D

C

B

A

octet 1

Notes

Random Variable Reauthentication

2 3 LSB 4

Figure uT RandomVariableReauthentication parameter

TDMA-OTA

5-20

Signaling Protocols

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6.5.2.vT

ReauthenticationReport The ReauthenticationReport (RARPT) parameter indicates the outcome of the Reauthentication procedure initiated by the AC.

Field Identifier Length Contents H G F E D C B A octet 1 Notes Value ReauthenticationReport IMPLICIT OCTET STRING 1 octet Type M M Reference 6.5.1.2 6.5.1.1 Notes

Reauthentication Report

Figure vT ReauthenticationReport parameter Table vT Reauthentication Report (octet 1)

Bits H G F E D C B A 0 0 0 0 0 0 1 1 1 0 0 0 0 0 0 0 0 0 0 0 0 ··· 1 0 1 1 1 1 0 0 ··· 1 1 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 1 0 1 0 0 1 1 0 0 0 1 0 1 0 1 Value 0 1 2 3 4 5 through 223 224 É through 255 Meaning Not used. Reauthentication not attempted. Reauthentication no response. Reauthentication successful. Reauthentication failed. Reserved. Treat the same Reauthentication not attempted. as value 1,

ReauthenticationReport value

1 1 0 0 1 1

Reserved for IS-41 protocol extension. If unknown, treat the same as value 1, Reauthentication not attempted.

Signaling Protocols

5-21

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

7T SIGNALING PROCEDURES - TDMA

This section applies only to TDMA portion of the OTA enhancements for OTASP and OTAPA. It provides modifications to TIA/EIA-41.6-D "Signaling Procedures".

3.2

3.2.3

ORIGINATION CALL TASKS

MSC Analyze MS Dialed Number (TIA/EIA-41.6-D, page 6-15)

Upon demand the Anchor MSC shall do the following: 1 1-1 2 2-1 3 3-1 4 5 5-1 5-1-1 5-a 5-a-1 5-a-2 5-a-3 5-a-4 5-2 5-2-1 5-3 5-3-1 5-4 6 IF flash privileges are suspended (by the in the OneTimeFeatureIndicator parameter e.g., Call Transfer, Call Waiting, Three-Way Calling): Include the TransactionCapability parameter with the number of multiple terminations set to 0. ELSEIF Call Transfer, Three-Way Calling or similar feature is being invoked: Include the TransactionCapability parameter with the number of multiple terminations set to 1. ELSE: Include the TransactionCapability parameter with the number of multiple terminations set appropriately. ENDIF. IF the MS dialed a locally allowed number (e.g., 9-1-1, *-9-1-1, N11, *N11, OTASP Feature Code): IF the MS dialed number is only routed locally, for instance, for numbers used for access to local emergency service providers: Process the dialed number locally routing the PreferredLanguageIndicator to set the PointOfReturn. call with the

ELSEIF the MS dialed the OTASP Feature Code and the MSC determines an OriginationRequest needs to be issued to the OTAF: Include the OriginationTriggers parameter set to Star or Pound. Include the SMS_Address parameter set to the MSC's SMS Address. Include the SystemCapability parameter. Execute the "MSC Initiating an Origination Request" task (see 4.31.1) to set the PointOfReturn. ELSEIF the OriginationTriggers matches the *, # or the count of the dialed number digits: Execute the "MSC Initiating an Origination Request" task (see 4.31.1) to set the PointOfReturn. ELSE: Process the dialed Service Code locally routing the call with the PreferredLanguageIndicator to set the PointOfReturn. ENDIF. ELSEIF the OriginationTriggers All trigger is on:

Signaling Procedures

6-1

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

6-1 6-2 6-2-1 6-2-1-1 6-2-2 6-3 7 7-1 7-1-1 7-1-1-1 7-1-1-2

Execute the "MSC Initiating an Origination Request" task (see 4.31.1) to set the PointOfReturn. IF a Digits (Dialed) parameter is received: IF the type of the Digits is . Process the dialed number locally to set the PointOfReturn. ENDIF. ENDIF. ELSEIF the first digit was a star (`*') digit: IF the second digit was a star (`*') digit: IF the OriginationTriggers is set for double star codes: Execute the "MSC Initiating an Origination Request" task (see 4.31.1) to set the PointOfReturn. IF a Digits (Dialed) parameter is received: IF the type of the Digits is : Process the dialed number as a local feature code to set the PointOfReturn. ENDIF. ENDIF. ELSE: Process the dialed number as a local feature code or local service code to set the PointOfReturn. ENDIF. ELSE (only a single star was dialed): IF the OriginationTriggers is set for single star codes: Execute the "MSC Initiating an Origination Request" task (see 4.31.1) to set the PointOfReturn. ELSE: Execute a "MSC Detecting Feature Request" (see 4.14.1) to set the PointOfReturn. ENDIF. IF a Digits (Dialed) parameter is received: IF the type of the Digits is . Process the dialed number as a local feature code to set the PointOfReturn. ENDIF. ENDIF. ENDIF. ELSEIF the first digit was a pound (`#') digit: IF the second digit was a pound (`#') digit: IF the OriginationTriggers is set for double pound codes: Execute the "MSC Initiating an Origination Request" task (see 4.31.1) to set the PointOfReturn. IF a Digits (Dialed) parameter is received: IF the type of the Digits is :

7-1-1-2-1 7-1-1-2-1-1 7-1-1-2-2 7-1-1-3 7-1-2 7-1-2-1 7-1-3 7-2 7-2-1 7-2-1-1 7-2-2 7-2-2-1 7-2-3 7-2-4 7-2-4-1 7-2-4-1-1 7-2-4-2 7-2-5 7-3 8 8-1 8-1-1 8-1-1-1 8-1-1-2 8-1-1-2-1

TDMA-OTA

6-2

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

8-1-1-2-1-1 8-1-1-2-2 8-1-1-3 8-1-2 8-1-2-1 8-1-3 8-2 8-2-1 8-2-1-1 8-2-1-2 8-2-1-2-1 8-2-1-2-1-1 8-2-1-2-2 8-2-1-3 8-2-2 8-2-2-1 8-2-3 8-3 9

Process the dialed number as a local feature code to set the PointOfReturn. ENDIF. ENDIF. ELSE (the double pound trigger is not set): Process the dialed number as a local feature code to set the PointOfReturn. ENDIF.

ELSE (only a single pound was dialed): IF the OriginationTriggers is set for single pound codes: Execute the "MSC Initiating an Origination Request" task (see 4.31.1) to set the PointOfReturn. IF a Digits (Dialed) parameter is received: IF the type of the Digits is . Process the dialed number as a local feature code to set the PointOfReturn. ENDIF. ENDIF. ELSE (the pound trigger is not set): Process the dialed number as a local feature code to set the PointOfReturn. ENDIF. ENDIF. ELSEIF the OriginationTriggers Revertive Call trigger is on AND the dialed number is the MS's mobile directory number (or MIN if the mobile directory number is not available): Execute the "MSC Initiating an Origination Request" task (see 4.31.1) to set the PointOfReturn. IF a Digits (Dialed) parameter is received: IF the type of the Digits is . Process the dialed number locally to set the PointOfReturn. ENDIF. ENDIF.

9-1 9-2 9-2-1 9-2-1-1 9-2-2 9-3

10 ELSEIF any of OriginationTriggers Count triggers are on AND the number of digits dialed equals the corresponding count trigger: 10-1 10-2 10-2-1 10-2-1-1 10-2-2 10-3 ENDIF. Execute the "MSC Initiating an Origination Request" task (see 4.31.1) to set the PointOfReturn. IF a Digits (Dialed) parameter is received: IF the type of the Digits is . Process the dialed number locally to set the PointOfReturn. ENDIF.

11 ELSEIF any of OriginationTriggers Local, , , , , or , triggers are on AND the call type matches the corresponding trigger:

Signaling Procedures

6-3

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

11-1 11-2 11-2-1

Execute the "MSC Initiating an Origination Request" task (see 4.31.1) to set the PointOfReturn. IF a Digits (Dialed) parameter is received: IF the type of the Digits is : Process the dialed number locally to set the PointOfReturn. ENDIF. ENDIF.

11-2-1-1 11-2-2 11-3

12 ELSEIF the any unknown OriginationTriggers are on (e.g., reserved bits set to 1 or extra octets with any bit set to 1): 12-1 12-2 12-2-1 12-2-1-1 12-2-2 12-3 13-1 ENDIF. Execute the "MSC SPINI Originating Call Invocation" task (see 5.21.3) to set the PointOfReturn. Execute the "MSC Initiating an Origination Request" task (see 4.31.1) to set the PointOfReturn. IF a Digits (Dialed) parameter is received: IF the type of the Digits is : Process the dialed number locally to set the PointOfReturn. ENDIF.

13 ELSEIF the call type matches an active trigger in the SPINITriggers parameter:

14 ELSEIF the any unknown SPINITriggers are on (e.g., reserved bits set to 1 or extra octets with any bit set to 1): 14-1 Execute the "MSC SPINI Originating Call Invocation" task (see 5.21.3) to set the PointOfReturn.

15 ELSEIF the MS is permitted to dial only a specific 10-digit number in the service profile (i.e., the MS has hot line activated): 15-1 15-2 16-1 16-2 Set the dialed number to the 10-digit number in the service profile. Set the PointOfReturn to Directory Number. Execute "Apply Access Denial Treatment" task (see 3.4.5). Exit this task._

16 ELSEIF the MS is restricted from originating any call:

17 ELSEIF the subscriber shall be authorized on a per call basis OR IF authorization is due: 17-1 17-2 17-2-1 17-2-2 17-3 18-1 18 ELSE: GOTO AuthorizedSubscriberOrigination. 19 ENDIF. AuthorizedSubscriberOrigination: 20 IF the call is on hold and PointOfReturn is ToneTermination: 20-1 Reconnect the current call. Execute the "MSC Initiating a Qualification Request" task (see 4.33.1). IF the call is not authorized (AuthorizationDenied or OriginationIndicator is Origination denied): Execute "Apply Access Denial Treatment" task (see 3.4.5). Exit this task. ENDIF.

TDMA-OTA

6-4

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

21 ENDIF. 22 IF the AnnouncementList parameter is received: 22-1 Execute the "Play All Announcements in the AnnouncementList" task (see 3.2.5). 23 ENDIF. 24 IF the dialed or destination number is a potential mobile directory number: 24-1 24-2 Include TerminationAccessType parameter set to indicate . Execute the "MSC Initiating a Location Request" task (see 4.28.1) to set the PointOfReturn. Set the PointOfReturn to PSTNTermination.

25 ELSE: 25-1 26 ENDIF. 27 IF the AnnouncementList parameter is received: 27-1 Execute the "Play All Announcements in the AnnouncementList" task (see 3.2.5). 28 ENDIF. 29 Execute the "MSC Routing Points of Return" task (see 3.2.6) to process the PointOfReturn. 30 Return to the calling task.

Signaling Procedures

6-5

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.1

4.1.1

AUTHENTICATION DIRECTIVE

AC Initiation of an Authentication Directive

(TIA/EIA-41.6-D, page 6-42)

When an AC determines that the authentication parameters associated with an MS must be changed, it shall start the authentication directive process. For example, the authentication parameters may be changed due to AC administrative procedures, when an authentication abnormality is detected, upon request from an OTAF during OTASP, or periodically. The AC shall perform the following: 1 2 a a-1 Include the ElectronicSerialNumber parameter set to identify the MS. Include the MobileIdentificationNumber MSID parameter set to identify the MS. IF a Re-authentication shall be initiated: Select a RandomVariableReauthentication (RANDRA) and execute the Authentication Signature Procedure using the value of the MS's SharedSecretData (SSD) recorded in the AC's database to produce an AuthenticationResponseReauthentication (AUTHRA). Include the RandomVariableReauthentication (RANDRA) AuthenticationResponseReauthentication (AUTHRA) parameters. Mark the MS pending re-authentication. GOTO SendAuthdirAndWaitForResponse. ENDIF. IF SharedSecretData (SSD) presently shared with the VLR shall be discarded: Include the SSDNotShared (NOSSD) parameter. ENDIF. IF an SSD update shall be initiated: Select a RandomVariableSSD (RANDSSD) and execute CAVE using the value of the MS's A-key recorded in the AC's database to produce a pending SSD. Include the RandomVariableSSD (RANDSSD) parameter. Mark the MS pending SSD update. IF AC administrative procedures indicate that the pending SSD shall be shared with the VLR for the SSD update operation: IF the VLR's SystemCapabilities (SYSCAP) indicates that the VLR is able to execute the algorithm: Include the SharedSecretData (SSD) parameter set to the pending SSD value. IF the AuthenticationAlgorithmVersion (AAV) parameter for this MS is different than the default value: Include the AuthenticationAlgorithmVersion (AAV) parameter. ENDIF. ENDIF. ELSE (the SharedSecretData (SSD) is not to be shared): and

a-2 a-3 a-4 b 3 3-1 4 5 5-1 5-2 5-3 5-4 5-4-1 5-4-1-1 5-4-1-2

5-4-1-2-1 5-4-1-3 5-4-2 5-5

TDMA-OTA

6-6

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5-5-1

Select a RandomVariableUniqueChallenge (RANDU) and execute CAVE using the value of the pending SSD to produce an AuthenticationResponseUniqueChallenge (AUTHU). Include the RandomVariableUniqueChallenge (RANDU) AuthenticationResponseUniqueChallenge (AUTHU) parameters. Mark the MS pending Unique Challenge. ENDIF. and

5-5-2 5-5-3 5-6 6 6-1 6-1-1 6-1-1-1 6-1-1-2 6-1-1-2-1 6-1-1-3 6-1-2 6-2 6-3 6-3-1

ELSE (SSD update not initiated): IF the SharedSecretData (SSD) shall be shared with the VLR: IF the VLR's SystemCapabilities (SYSCAP) indicates the VLR is capable of executing the algorithm: Include the SharedSecretData (SSD) and CallHistoryCount (COUNT) parameters. IF the AuthenticationAlgorithmVersion (AAV) parameter for this MS is different than the default value. Include the AuthenticationAlgorithmVersion (AAV) parameter. ENDIF. ENDIF. ENDIF. IF a Unique Challenge shall be initiated: Select a RandomVariableUniqueChallenge (RANDU) and execute CAVE using the value of the MS's SharedSecretData (SSD) recorded in the AC's database to produce an AuthenticationResponseUniqueChallenge (AUTHU). Include the RandomVariableUniqueChallenge (RANDU) AuthenticationResponseUniqueChallenge (AUTHU) parameters. Mark the MS pending Unique Challenge. ENDIF. ENDIF. IF a COUNT update shall be initiated: Include the UpdateCount (UPDCOUNT) parameter. Mark the MS pending COUNT update. ENDIF. and

6-3-2 6-3-3 6-4 7 8 8-1 8-2 9

SendAuthdirAndWaitForResponse: 10 Send an AuthenticationDirective INVOKE to the HLR associated with the MS. 11 Start the Authentication Directive Timer (ADT). 12 WAIT for an Authentication Directive response: 13 WHEN a RETURN RESULT is received: 13-1 13-2 13-2-1 13-2-1-1 13-2-2 13-2-3 Stop timer (ADT). IF the message can be processed: IF the CallHistoryCount (COUNT) parameter is received: Store the received CallHistoryCount (COUNT) value. ENDIF. IF the MS is marked pending SSD update, OR IF the MS is marked pending Unique Challenge, OR IF the MS is marked pending COUNT updateOR if the MS is marked pending re-authentication.:

Signaling Procedures

6-7

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

13-2-3-1 13-2-4 13-2-5 13-3 13-3-1 13-3-1-1 13-3-1-1-1 13-3-1-2 13-3-2 13-3-3 13-3-4 13-3-5 13-4 14-1 14-2 14-2-1 14-2-1-1 14-2-2 14-3 14-4 14-5 14-6 15-1 15-1-1 15-1-1-1 15-1-2 15-2 15-3 15-4 15-5 ENDIF. ENDIF.

Execute the "AC Awaiting AuthenticationStatusReport INVOKE" task (see 4.5.4). ENDIF. Exit this task.

ELSE (the message cannot be processed): IF the MS is marked pending SSD update: IF the MS's pending SSD is stored in the AC's database: Remove the pending SSD from the AC's database. ENDIF. ENDIF. Clear all the MS's pending operation flags. Execute the "Local Recovery Procedures" task (see 3.5.1). Return to the invoking process. ENDIF. Stop timer (ADT). IF the MS is marked pending SSD update: IF the MS's pending SSD is stored in the AC's database: Remove the pending SSD from the AC's database. ENDIF. Clear all the MS's pending operation flags. Execute the "Local Recovery Procedures" task (see 3.5.1). Return to the invoking process. IF the MS is marked pending SSD update: IF the MS's pending SSD is stored in the AC's database: Remove the pending SSD from the AC's database. ENDIF. Clear all the MS's pending operation flags. Execute the "Local Recovery Procedures" task (see 3.5.1). Return to the invoking process.

14 WHEN a RETURN ERROR or REJECT is received:

15 WHEN timer (ADT) expires:

16 ENDWAIT.

TDMA-OTA

6-8

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.1.6

MSC Receiving Authentication Parameters

(TIA/EIA-41.6-D, page 6-53)

When an MSC receives authentication parameters, the Serving MSC shall perform the following for the specified MS: 1 1-1 1-1-1 1-2 1-3 2 a a-1 a-2 a-2-1 a-2-2 a-2-3 a-3 a-4 IF the DenyAccess parameter is received: IF the indicated MS is involved in a call or service operation anchored by this MSC: The Serving MSC may optionally discontinue the call or service operation currently in progress. ENDIF. Return to the calling task. ENDIF. IF the RandomVariableReauthentication (RANDRA) parameter is received: Send a Re-authenticate order to the MS RandomVariableReauthentication (RANDRA) value. IF the MS does not respond to the Re-authenticate order: Include the ReauthenticationReport authentication no response. Return to the invoking process. ENDIF. IF the AuthenticationResponseReauthentication (AUTHRA) response from the MS is not equal to the AuthenticationResponseReauthentication (AUTHRA) value received from the VLR: Include the ReauthenticationReport authentication failed. Return to the invoking process. ELSE (Re-authenticate sucessful): Send a StatusRequest message to the MS with VPMODE and MEMODE set to 1. Include the ReauthenticationReport authentication successful. Return to the invoking process. ENDIF. ENDIF. IF the RandomVariableSSD (RANDSSD) parameter is received (an SSD update is requested): IF the MS is involved in a call and has been handed off to another MSC: Include the SSDUpdateReport parameter set to indicate . Execute the "MSC Initiating an Authentication Status Report" task (see 4.5.1). Return to the invoking process. ELSEIF the SSD update cannot be attempted: parameter set to indicate Reparameter set to indicate Reparameter set to indicate Reusing the received

Execute the "MSC Initiating an Authentication Status Report" task (see 4.5.1).

a-4-1 a-4-2 a-4-3 a-5 a-5-1 a-5-2 a-5-3 a-5-4 a-6 b 3 3-1 3-1-1 3-1-2 3-1-3 3-2

Execute the "MSC Initiating an Authentication Status Report" task (see 4.5.1).

Execute the "MSC Initiating an Authentication Status Report" task (see 4.5.1).

Signaling Procedures

6-9

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

3-2-1 3-2-2 3-2-3 3-3 3-3-1 3-3-2 3-3-2-1 3-3-2-2 3-3-2-3 3-3-3 3-3-3-1

Include the SSDUpdateReport parameter set to indicate . Execute the "MSC Initiating an Authentication Status Report" task (see 4.5.1). Return to the invoking process. ELSE (SSD update can be attempted): Send an SSD update order to the MS using the RandomVariableSSD (RANDSSD) value received. IF a Base Station Challenge order is not received from the MS: Include the SSDUpdateReport parameter set to indicate . Execute the "MSC Initiating an Authentication Status Report" task (see 4.5.1). Return to the invoking process. ELSE (Base Station Challenge order is received from the MS): Execute the "MSC Initiating a Base Station Challenge" task (see 4.6.1) using the value of RandomVariableBaseStation (RANDBS) provided by the MS. IF the SSD update fails, the MSC shall: Include the SSDUpdateReport parameter set to indicate . Execute the "MSC Initiating an Authentication Status Report" task (see 4.5.1). Return to the invoking process. ELSE (SSD update successful): (Continue this task.) ENDIF. ENDIF. ENDIF.

3-3-3-2 3-3-3-2-1 3-3-3-2-2 3-3-3-2-3 3-3-3-3 3-3-3-3-1 3-3-3-4 3-3-4 3-4 4 5 ENDIF.

IF the RandomVariableUniqueChallenge (RANDU) and AuthenticationResponseUniqueChallenge (AUTHU) parameters are received (a Unique Challenge is requested): IF the MS is involved in a call and has been handed off to another MSC: Include the RandomVariableUniqueChallenge (RANDU) and AuthenticationResponseUniqueChallenge (AUTHU) parameters received. Execute the "MSC Initiating an Authentication Directive Forward" task (see 4.2.1). IF the Unique Challenge was not attempted: Include the UniqueChallengeReport parameter set to indicate . IF an SSD update was performed: Include the SSDUpdateReport parameter set to indicate . ENDIF. Execute the "MSC Initiating an Authentication Status Report" (see 4.5.1) task. Return to the invoking process. ELSEIF there was no response to the Unique Challenge: Include the UniqueChallengeReport parameter set to indicate .

5-1 5-1-1 5-1-2 5-1-3 5-1-3-1 5-1-3-2

5-1-3-2-1 5-1-3-3 5-1-3-4 5-1-3-5 5-1-4 5-1-4-1

TDMA-OTA

6-10

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5-1-4-2 5-1-4-2-1 5-1-4-3 5-1-4-4 5-1-4-5 5-1-5 5-1-5-1 5-1-5-2 5-1-5-2-1 5-1-5-3 5-1-5-4 5-1-5-5 5-1-6 5-1-6-1 5-1-7 5-2 5-2-1 5-2-2 5-2-2-1 5-2-3 5-2-4 5-2-5 5-3 5-3-1 5-3-2 5-3-2-1 5-3-2-2 5-3-2-2-1 5-3-2-3 5-3-2-4 5-3-2-5 5-3-3 5-3-4

IF an SSD update was performed: Include the SSDUpdateReport parameter set to indicate . ENDIF. Execute the "MSC Initiating an Authentication Status Report" (see 4.5.1) task. Return to the invoking process. ELSEIF the Unique Challenge failed: Include the UniqueChallengeReport parameter set to indicate . IF an SSD update was performed: Include the SSDUpdateReport parameter set to indicate . ENDIF. Execute the "MSC Initiating an Authentication Status Report" (see 4.5.1) task. Return to the invoking process. ELSE (Unique Challenge successful): (Continue this task.) ENDIF. ELSEIF the Unique Challenge cannot be attempted: Include the UniqueChallengeReport parameter set to indicate . IF an SSD update was performed: Include the SSDUpdateReport parameter set to indicate . ENDIF. Execute the "MSC Initiating an Authentication Status Report" (see 4.5.1) task. Return to the invoking process. ELSE (Unique Challenge can be attempted): Send a Unique Challenge order to the MS RandomVariableUniqueChallenge (RANDU) value received. IF the MS does not respond to the Unique Challenge Order: Include the UniqueChallengeReport parameter set to indicate . IF an SSD update was performed: Include the SSDUpdateReport parameter set to indicate . ENDIF. Execute the "MSC Initiating an Authentication Status Report" (see 4.5.1) task. Return to the invoking process. ENDIF. IF the AuthenticationResponseUniqueChallenge (AUTHU) response from the MS is not equal to the AuthenticationResponseUniqueChallenge (AUTHU) value received from the VLR: Include the UniqueChallengeReport parameter set to indicate . IF an SSD update was performed: Include the SSDUpdateReport parameter set to indicate . ENDIF. using the

5-3-4-1 5-3-4-2 5-3-4-2-1 5-3-4-3

Signaling Procedures

6-11

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5-3-4-4 5-3-4-5 5-3-5 5-3-5-1 5-3-6 5-4 6 7 7-1 7-1-1 7-1-2 7-1-2-1 7-1-3 7-1-4 7-1-4-1 7-1-5 7-1-6 7-1-7 7-2 7-2-1 7-2-2 7-2-2-1 7-2-3 7-2-4 7-2-4-1 7-2-5 7-2-6 7-2-7 7-3 7-3-1 7-3-2 7-3-2-1 7-3-2-2 7-3-2-2-1 7-3-2-3 7-3-2-4 7-3-2-4-1 7-3-2-5 7-3-2-6 7-3-2-7 ENDIF. ENDIF.

Execute the "MSC Initiating an Authentication Status Report" (see 4.5.1) task. Return to the invoking process. ELSE (Unique Challenge successful): (Continue this task.) ENDIF.

IF a COUNT update is requested by the VLR: IF the MS is involved in a call and has been handed off to another MSC: Include the CountUpdateReport parameter set to indicate . IF an SSD update was performed: Include the SSDUpdateReport parameter set to indicate . ENDIF. IF a Unique Challenge was performed: Include the UniqueChallengeReport parameter set to indicate . ENDIF. Execute the "MSC Initiating an Authentication Status Report" task (see 4.5.1). Return to the invoking process. ELSEIF the COUNT update cannot be attempted: Include the CountUpdateReport parameter set to indicate . IF an SSD update was performed: Include the SSDUpdateReport parameter set to indicate . ENDIF. IF a Unique Challenge was performed: Include the UniqueChallengeReport parameter set to indicate . ENDIF. Execute the "MSC Initiating an Authentication Status Report" task (see 4.5.1). Return to the invoking process. ELSE (COUNT update can be attempted): Send a Parameter Update order to the MS. IF the MS does not respond to the Parameter Update order: Include the CountUpdateReport parameter set to indicate . IF an SSD update was performed: Include the SSDUpdateReport parameter set to indicate . ENDIF. IF a Unique Challenge was performed: Include the UniqueChallengeReport parameter set to indicate . ENDIF. Execute the "MSC Initiating an Authentication Status Report" task (see 4.5.1). Return to the invoking process.

TDMA-OTA

6-12

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

7-3-3 7-3-3-1 7-3-4 7-4 8 9 9-1 9-1-1 9-2 9-3 9-3-1 9-4 9-5 9-5-1 9-6 9-7 9-8 10-1 ENDIF.

ELSE (COUNT update successful): (Continue this task.) ENDIF. ENDIF.

IF an SSD update was performed OR IF a Unique Challenge was performed OR IF a COUNT update was performed: IF an SSD update was performed: Include the SSDUpdateReport parameter set to indicate . ENDIF. IF a Unique Challenge was performed: Include the UniqueChallengeReport parameter set to indicate . ENDIF. IF a COUNT update was performed: Include the CountUpdateReport parameter set to indicate . ENDIF. Execute the "MSC Initiating an Authentication Status Report" task (see 4.5.1). Return to the invoking process. Return to the invoking process.

10 ELSE: 11 ENDIF.

Signaling Procedures

6-13

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.5

4.5.1

AUTHENTICATION STATUS REPORT

MSC Initiating an Authentication Status Report

(TIA/EIA-41.6-D, page 6-92)

When an MSC determines that an Authentication Status Report is necessary to report the outcome of authentication operations requested by the VLR, it shall perform the following: 1 1-1 2 3 3-1 4 5 5-1 6 a a-1 IF the outcome of an SSD update shall be reported: Include the SSDUpdateReport parameter set to the value indicated by the calling task. ENDIF. IF the outcome of a Unique Challenge shall be reported: Include the UniqueChallengeReport parameter set to the value indicated by the calling task. ENDIF. IF the outcome of a COUNT update shall be reported: Include the CountUpdateReport parameter set to the value indicated by the calling task. ENDIF. IF the outcomes of Reauthentication, Voice Privacy and Signaling Message Encryption Enable shall be reported: Include the ReauthenticationReport, VoicePrivacyReport SignalingMessageEncryptionReport and ServiceIndicator parameters set to the values indicated by the calling task. ENDIF. Include the SenderIdentificationNumber set to the identification number of the sending functional entity. Include the SystemCapabilities (SYSCAP) parameter indicating whether authentication parameters were requested for this system access. Send an AuthenticationStatusReport INVOKE to the MSC's associated VLR.

b 7 8 9

10 Start the Authentication Status Report Timer (ASRT). 11 WAIT for an Authentication Status Report response: 12 WHEN a RETURN RESULT is received: 12-1 12-2 12-2-1 12-2-2 12-3 12-3-1 12-3-2 12-4 13-1 Stop timer (ASRT). IF the message can be processed: Execute the "MSC Receiving Authentication Parameters" task (see 4.1.6) using the parameters received. Return to the invoking process. ELSE (the message cannot be processed): Execute the "Local Recovery Procedures" task (see 3.5.1). Return to the invoking process. ENDIF. Stop timer (ASRT).

13 WHEN a RETURN ERROR or REJECT is received:

TDMA-OTA

6-14

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

13-2 13-3 14-1 14-2

Execute the "Local Recovery Procedures" task (see 3.5.1). Return to the invoking process. Execute the "Local Recovery Procedures" task (see 3.5.1). Return to the invoking process.

14 WHEN timer (ASRT) expires:

15 ENDWAIT.

Signaling Procedures

6-15

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.5.4

AC Awaiting AuthenticationStatusReport INVOKE

100)

(TIA/EIA-41.6-D, page 6-

When an AC requests the VLR to perform authentication operations that require the VLR to report the outcome, the AC shall perform the following: 1 2 3 3-1 3-2 3-2-1 3-2-2 3-2-2-1 3-2-3 3-2-4 3-2-4-1 3-2-5 3-2-6 3-2-6-1 3-2-7 3-2-8 3-2-8-1 3-2-9 3-2-10 3-2-10-1 3-2-11 3-2-12 3-2-12-1 Start the Authentication Status Report Response Timer (ASRRT). WAIT for an AuthenticationStatusReport INVOKE: WHEN an AuthenticationStatusReport INVOKE is received: Stop timer (ASRRT). IF the received message can be processed: Clear all the MS's pending operation flags. IF the INVOKE reports that SSD updating has been successful: Update the AC's database to indicate that the pending SharedSecretData (SSD) value is now the value used by the MS. ENDIF. IF the INVOKE reports that COUNT updating has been successful: Increment the value of COUNT in the AC's database. ENDIF. IF an authentication or re-authentication ENDIF. IF local administrative procedures request that service shall be denied: Include the DenyAccess parameter: ENDIF. IF SharedSecretData (SSD) presently shared with the VLR shall be discarded: Include the SSDNotShared (NOSSD) parameter. ENDIF. IF an SSD update shall be initiated: Select a RandomVariableSSD (RANDSSD) and execute CAVE using the value of the MS's A-key recorded in the AC's database to produce a pending SharedSecretData (SSD). Include the RandomVariableSSD (RANDSSD) parameter. Mark the MS pending SSD update. IF AC administrative procedures indicate that the pending SharedSecretData (SSD) shall be shared with the VLR for the SSD update operation: IF the VLR's SystemCapabilities indicates that the VLR is able to execute the algorithm: Include the SharedSecretData (SSD) parameter set to the pending SSD value. IF the AuthenticationAlgorithmVersion (AAV) parameter is received: Store the AuthenticationAlgorithmVersion (AAV) value. failure has been detected: Execute recovery procedures according to the AC's internal algorithm.

3-2-12-2 3-2-12-3 3-2-12-4

3-2-12-4-1 3-2-12-4-1-1 3-2-12-4-1-2 3-2-12-4-1-2-1

TDMA-OTA

6-16

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

3-2-12-4-1-3 3-2-12-4-2 3-2-12-5 3-2-12-5-1

ENDIF. ENDIF. ELSE (pending SharedSecretData (SSD) is not to be shared: Select a RandomVariableUniqueChallenge (RANDU) and execute CAVE using the value of the pending SSD to produce an AuthenticationResponseUniqueChallenge (AUTHU). Include the RandomVariableUniqueChallenge (RANDU) and AuthenticationResponseUniqueChallenge (AUTHU) parameters. Mark the MS pending Unique Challenge. ENDIF.

3-2-12-5-2 3-2-12-5-3 3-2-12-6 3-2-13 3-2-13-1 3-2-13-1-1 3-2-13-1-1-1 3-2-13-1-1-2 3-2-13-1-1-2-1 3-2-13-1-1-3 3-2-13-1-2 3-2-13-2 3-2-13-3 3-2-13-3-1

ELSE (SSD update not initiated): IF the SharedSecretData (SSD) shall be shared with the VLR: IF the VLR's SystemCapabilities indicates the VLR is capable of executing the algorithm: Include the SharedSecretData (SSD) and CallHistoryCount (COUNT) parameters. IF the AuthenticationAlgorithmVersion (AAV) parameter is received: Store the AuthenticationAlgorithmVersion (AAV) value. ENDIF. ENDIF. ENDIF. IF a Unique Challenge shall be initiated: Select a RandomVariableUniqueChallenge (RANDU) and execute CAVE using the value of the MS's SharedSecretData (SSD) recorded in the AC's database to produce an AuthenticationResponseUniqueChallenge (AUTHU). Include the RandomVariableUniqueChallenge (RANDU) and AuthenticationResponseUniqueChallenge (AUTHU) parameters. Mark the MS pending Unique Challenge. ENDIF. ENDIF. IF a COUNT update shall be initiated: Include the UpdateCount (UPDCOUNT) parameter. Mark the MS pending COUNT update. ENDIF. Send an AuthenticationStatusReport RETURN RESULT to the requesting HLR. IF the MS is marked pending SSD update, OR IF the MS is marked pending Unique Challenge, OR IF the MS is marked pending COUNT update: Execute the "AC Awaiting AuthenticationStatusReport INVOKE" task (see 4.5.4). ENDIF. Exit this task. ELSE (the message cannot be processed):

3-2-13-3-2 3-2-13-3-3 3-2-13-4 3-2-14 3-2-15 3-2-15-1 3-2-15-2 3-2-16 3-2-17 3-2-18 3-2-18-1 3-2-19 3-2-20 3-3

Signaling Procedures

6-17

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

3-3-1 3-3-2 3-3-2-1 3-3-3 3-3-4 3-3-5 3-3-6 3-4 4 4-1 4-1-1 4-2 4-3 4-4 5 6

Send a RETURN ERROR to the requesting HLR. IF the MS is marked pending SSD update: Remove the pending SharedSecretData (SSD) from the AC's database. ENDIF. Clear all the MS's pending operation flags. Execute the "Local Recovery Procedures" task (see 3.5.1). Exit this task. ENDIF.

WHEN timer (ASRRT) expires: IF the MS is marked pending SSD update: Remove the pending SharedSecretData (SSD) from the AC's database. ENDIF. Clear all the MS's pending operation flags. Execute the "Local Recovery Procedures" task (see 3.5.1). ENDWAIT. Exit this task.

TDMA-OTA

6-18

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.31 ORIGINATION REQUEST

4.31.1 MSC Initiating an Origination Request

(TIA/EIA-41.6-D, page 6-201)

When the MSC determines that the HLR must perform digit analysis (for other than a feature code) or the OTAF must supply CSC routing information, it shall perform the following: 1 2 3 4 5 6 7 8 a a-1 b b-1 c 9 Include the BillingID (Originating) parameter set to the billing identifier for the call assigned by the current Originating MSC. Include the Digits (Dialed) parameter set to the digits received from the MS. Include the ElectronicSerialNumber parameter set to identify the originating MS. Include the MobileIdentificationNumber MSID parameter set to identify the originating MS. Include the MSCID parameter set to the identity of the Originating MSC. Include the OriginationTriggers parameter set to identify the triggering event. Include the TransactionCapability parameter set to identify the current capabilities. Send a OriginationRequest INVOKE to the MS's associated HLR. IF this is an OTASP call origination: Send a OriginationRequest INVOKE to the OTAF associated with the service provisioning session. ELSE Send an OriginationRequest INVOKE to the MS's associated HLR. ENDIF. Start the Origination Request Timer (ORT).

10 WAIT for Origination Request response: 11 WHEN a RETURN RESULT is received: 11-1 11-2 11-2-1 11-2-1-1 11-2-1-1-1 11-2-1-2 11-2-1-3 11-2-1-3-1 11-2-1-3-1-1 11-2-1-3-1-2 11-2-1-3-2 11-2-1-4 Stop timer (ORT). IF the message can be processed: IF the incoming call is still connected: IF the AnnouncementList parameter is received: Execute the "Play All Announcements in the AnnouncementList" task (see 3.2.5). ENDIF. IF the AccessDeniedReason parameter is received and it can be acted upon: IF AnnouncementList parameter is not received: Apply the treatment appropriate AccessDeniedReason value. Return to the calling task. ENDIF. ELSEIF no TerminationList parameter or ActionCode parameter is received (an error condition?): to the returned

Signaling Procedures

6-19

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

11-2-1-4-1 11-2-1-4-2 11-2-1-5 11-2-1-6 11-2-1-6-1 11-2-1-7 11-2-1-8 11-2-1-8-1 11-2-1-9 11-2-2 11-3 11-3-1 11-4 12-1 12-2 12-3 12-4 13-1 14-1 14-2 14-3 15-1 15-2 ENDIF.

Execute the "Apply Access Denial Treatment" task (see 3.4.5). Return to the calling task. ENDIF. IF the TerminationList parameter is received: Execute the "MSC Routing Points Of Return" task (see 3.2.6). ENDIF. IF the ActionCode parameter is received: Execute the "MSC ActionCode Processing" task (see 3.2.9). ENDIF.

ELSE (the message cannot be processed): Execute "Local Recovery Procedures" task (see 3.5.1). ENDIF. Stop timer (ORT). Execute the "MSC Remote User Interaction" task (see 4.39.2). Start the Origination Request Timer (ORT). Remain in this state. Remain in this state (to handle possible call abandons). Stop timer (ORT). Execute "Local Recovery Procedures" task (see 3.5.1). Provide an unsuccessful indication to the MS. Execute "Local Recovery Procedures" task (see 3.5.1). Provide an unsuccessful indication to the MS.

12 WHEN a RemoteUserInteractionDirective INVOKE is received:

13 WHEN the MS disconnects: 14 WHEN a RETURN ERROR or REJECT is received:

15 WHEN timer (ORT) expires:

16 ENDWAIT. 17 Return to the calling task.

TDMA-OTA

6-20

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.31.T1 OTAF Receiving an Origination Request

When an OTAF receives an OriginationRequest INVOKE, it shall perform the following: 1 1-1 1-1-1 1-1-2 IF the received message can be processed and the requested information can be made available for the indicated MS: IF MS is authorized for over-the-air service provisioning on this OTAF: Update the current VLR location of the MS, ElectronicSerialNumber and the SMS_Address of the MS. recording the

IF the TransactionCapability indicates the MSC-S is capable of supporting the TerminationList parameter: 1-1-2-1 Include any CSC Routing information in the TerminationList parameter. 1-1-3 ELSE: 1-1-3-1 Include the CSC Routing information in the DigitsDialed parameter. 1-1-4 ENDIF. 1-2 ELSE (the MS is not authorized for over-the-air service provisioning on this OTAF): 1-2-1 1-2-3 1-3 1-4 1-5 2 2-1 3 4 Include the ActionCode parameter set to Disconnect Call. Include the AnnouncementList parameter if appropriate. ENDIF. Send a RETURN RESULT. Exit this task. ELSE (the received message cannot be processed or the information requested cannot be made available): Send a RETURN ERROR with a proper Error Code value (see the following table) to the requesting MSC. ENDIF. Exit this task.

Signaling Procedures

6-21

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 4.31.T1 OTAF OriginationRequest Response Problem Detection and Recommended Response from OTAF to MSC

PROBLEM DEFINITION RETURN ERROR Error Code

a a a a X X X X X X d a d c b a d

1

2

3

4

5

6

Notes

RETURN RESULT

Problem Detections: 1. The requested IS-41 MAP operation is recognized, but not supported, by the receiving OTAF, or the requesting functional entity is not authorized. 2. A required OTAF resource (e.g., internal memory record, OTAF is fully occupied) is temporarily not available (e.g., congestion). 3. A required resource (e.g., data base access, functional entity) is not presently accessible due to a failure. Human intervention may be required for resolution. 4. A supplied parameter has an encoding problem (e.g., the supplied MobileIdentificationNumberparameter digit values do not meet the BCD specification). 5. A supplied parameter value is unrecognized or has nonstandard values (e.g., Not Used). 6. An expected, or required, optional parameter was not received.

Notes: a. b. c. d.

This Error Code is not an appropriate OTAF response to a OriginationRequest transaction. It is recommended that an OTAF supports OriginaionRequest transactions. Only RETURN RESULT operations needing clarification have been included. Include the Parameter Identifier in question as the FaultyParameter parameter.

TDMA-OTA

6-22

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.38 REGISTRATION NOTIFICATION

4.38.1 MSC Initiating MS Registration

(TIA/EIA-41.6-D, page 6-233)

When an MSC determines that a roaming Mobile Station (MS) is now within its service area (through autonomous registration, call origination, call termination (e.g., a page response following a call to the roamer access number), or other mechanism, except for detection by a call handoff), this new Serving MSC shall start the registration notification process by doing the following: 1 2 3 Include the QualificationInformationCode parameter set according to the information needed from the VLR. Include the SystemAccessType parameter set to the type of access performed by the MS (for e.g., Autonomous Registration, SMS Page Response, OTASP). IF the access occurred in a border cell:

............ 28 Exit this task.

Signaling Procedures

6-23

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.38.2 VLR Receiving RegistrationNotification INVOKE

235)

(TIA/EIA-41.6-D, page 6-

When a VLR receives a RegistrationNotification INVOKE, it shall perform the following: 1 1-1 1-2 2 3 IF the received message cannot be processed: Send a RETURN ERROR with a proper Error Code value (see the following table) to the requesting MSC. Exit this task. ENDIF. IF the MS is not allowed to register (e.g., the MS is on a negative list or registration attempts for the MS from same MSCID and LocationAreaID have failed in the recent past or the request is within a denied authorization period): Include the AuthorizationDenied parameter set to . Include the SystemMyTypeCode parameter set to the VLR's manufacturer. Send a RETURN RESULT to the requesting MSC. Exit this task. ENDIF.

3-1 3-2 3-3 3-4 4

(The MS is allowed to register.) a IF the SystemAccessType parameter indicates OTASP: a-1 GOTO Register the MS. b ENDIF. 5 5-1 5-1-1 5-1-1-1 5-1-1-2 5-1-1-2-1 IF the SystemAccessType parameter indicates :1 IF the VLR detects a multiple access situation (e.g., due to unavailability of SignalQuality data): IF this registration is not the most desirable access: Include the AuthorizationDenied parameter set to . IF available: Include the ReceivedSignalQuality, ControlChannelData and SystemAccessData parameters set according to the values received with the best RegistrationNotification INVOKE for this access. ENDIF. Include the SystemMyTypeCode manufacturer. Exit this task. ENDIF. ENDIF. ENDIF. parameter set to the VLR's

5-1-1-3 5-1-1-4 5-1-1-5 5-1-1-6 5-1-2 5-2 6

Send a RETURN RESULT to the requesting MSC.

(The registration is acceptable according to the VLR's data.)

1The

VLR may mark the time at which the message was received as described in informative Annex F.

TDMA-OTA

6-24

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

7 7-1 8 9 9-1

IF the ReceivedSignalQuality, ControlChannelData and SystemAccessData parameters are received: Record them. ENDIF. IF the LocationAreaID parameter was received: Record the location area identifier. (Note changes for below.)

10 ENDIF. 11 Record the received MSCID as the identity of the MSC currently serving the MS. (Note changes for below.) 12 IF the MS has registered with an MSC within the domain of the VLR: 12-1 12-1-1 12-1-2 12-1-2-1 12-1-2-2 12-1-3 12-2 12-3 12-3-1 12-3-1-1 12-3-2 12-4 12-4-1 12-4-1-1 12-4-2 12-5 12-6 12-6-1 12-7 12-7-1 12-8 12-8-1 12-9 12-9-1 12-10 ENDIF. (The MS has not changed its active or inactive state.) IF the MS has changed Market IDs and the GeographicAuthorization parameter indicates that it was : GOTO Register the MS. ELSEIF the MS has changed MSCs and the GeographicAuthorization parameter indicates that it was : GOTO Register the MS. ELSEIF the MS has changed location areas within an MSC and the GeographicAuthorization parameter indicates that it was : GOTO Register the MS. ELSEIF the MS has changed cells within an GeographicAuthorization parameter indicates that it was : GOTO Register the MS. ENDIF. (The MS is geographically authorized.) MSC and the ENDIF. IF the AvailabilityType parameter is received: IF the MS is in the active state: GOTO Register the MS. ENDIF. ELSE (the AvailabilityType parameter is not received): IF the MS is in the inactive state: GOTO Register the MS. ENDIF. IF the MSC currently serving the MS is not the MSC previously registered with the VLR: Execute the "VLR Initiating Registration Cancellation" task (see 4.37.3). IF the SMS_MessageWaitingIndicator parameter was received with the RegistrationCancellation RETURN RESULT: Relay the SMS_MessageWaitingIndicator parameter RegistrationNotification INVOKE to be sent to the HLR). GOTO Register the MS. ENDIF. (for the

Signaling Procedures

6-25

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

12-11 12-11-1

IF an SMS_Address parameter is received: IF the SMS_Address is different than the current SMS temporary routing address: GOTO Register the MS. ENDIF. ELSE: IF an SMS temporary routing address exists: Clear the SMS temporary routing address. GOTO Register the MS (to report loss of SMS capability). ENDIF. ENDIF. IF the information requested by the QualificationInformationCode is available: IF the QualificationInformationCode indicates ENDIF. IF the QualificationInformationCode indicates ENDIF. Send a RETURN RESULT to the requesting MSC. Exit this task. ENDIF. or : Include the AuthorizationPeriod parameter set appropriately. or : Execute the "Loading of Profile Parameters" task (see 3.1.3).

12-11-1-1 12-11-2 12-12 12-12-1 12-12-1-1 12-12-1-2 12-12-2 12-13 12-14 12-14-1 12-14-1-1 12-14-2 12-14-3 12-14-3-1 12-14-4 12-14-5 12-14-6 12-15 13 ENDIF.

Register the MS: 14 IF the AvailabilityType parameter was received: 14-1 15-1 Set the MS's state to inactive. Set the MS's state to active. 15 ELSE: 16 ENDIF. 17 IF the SMS_Address is received: 17-1 18-1 Optionally store it as the SMS temporary routing address. Clear the SMS temporary routing address. 18 ELSE: 19 ENDIF. 20 IF available: 20-1 Relay the received BorderCellAccess, SignalQuality, ControlChannelData and SystemAccessType parameters.

21 ENDIF. 22 Relay any parameters received in the RegistrationNotification INVOKE including the MSCID. 23 IF the Serving MSC identity is not equal to the VLR's ID information: 23-1 Include the ExtendedMSCID (Serving) parameter set to the identity of the VLR._ 24 ENDIF.

TDMA-OTA

6-26

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

25 Include the SenderIdentificationNumber set to the identification number of the VLR. 26 IF the VLR is sending the message to an SS7 network: 26-1 Include the PC_SSN parameter with the Type field set to fields set to the VLR's point code and subsystem number. and the PC and SSN

27 ENDIF. c IF this is an over-the-air service provisioning registration for an unprogrammed MS as determined from the parameters list: c-1 IF the OTAF address is specified in the parameters list: c-1-1 The VLR shall send a RegistrationNotification INVOKE to the OTAF address as specified in the parameters list. c-2 ELSE: c-2-1 The VLR may create a record for the MS. c-2-2 The VLR shall send a RETURN RESULT to the MSC. c-2-3 Exit this task. c-3 ENDIF. d ELSE: d-1 Send a RegistrationNotification INVOKE to the HLR associated with the MS. e ENDIF. 28 Send a RegistrationNotification INVOKE to the HLR associated with the MS. 29 Start the Registration Notification Timer (RNT). 30 WAIT for a Registration Notification response: 31 WHEN a RETURN RESULT is received: 31-1 31-2 31-2-1 31-2-1-1 31-2-1-2 31-2-1-3 31-2-1-4 31-2-1-4-1 31-2-1-5 31-2-1-6 31-2-1-6-1 31-2-1-7 31-2-1-7-1 Stop timer (RNT). IF the message can be processed: IF the AuthorizationDenied parameter was received: Relay the received AuthorizationDenied parameter and other received parameters. Include the SystemMyTypeCode manufacturer. IF a record exists for the MS: Clear the subscriber's profile. ENDIF. IF the AuthorizationDenied parameter indicated : Remove the record of the MS. (Future registration attempts will be allowed.) ELSE: The VLR may create a record in its internal data structures to indicate Authorization Denied for the indicated MS to prevent repetitive Registration Notification attempts. IF the DeniedAuthorizationPeriod parameter is received: Record the denied authorization period to prevent repetitive RegistrationNotification attempts. ELSE: parameter set to the VLR's

Send a RETURN RESULT to the requesting MSC.

31-2-1-7-2 31-2-1-7-2-1 31-2-1-7-3

Signaling Procedures

6-27

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

31-2-1-7-3-1

Record the denied authorization period according to the results of internal algorithms to prevent repetitive RegistrationNotification attempts. ENDIF. ENDIF. Exit this task.

31-2-1-7-3 31-2-1-8 31-2-1-9 31-2-2 31-2-3 31-2-3-1 31-2-4 31-2-5 31-2-6 31-2-7 31-2-7-1 31-2-8 31-2-9 31-2-10 31-2-11 31-3 31-3-1 31-4 32-1 32-2 32-3 32-3-1 32-3-1-1 32-3-2 32-3-2-1 32-3-3 32-4 32-4-1 32-5 32-5-1 32-6 32-7 33-1 :

ENDIF. IF no record exists for the indicated MS: Create a record. ENDIF. Update validation and restriction information. Optionally update the indicated MS's service profile information. IF the SMS Delivery Pending Flag is set for this MS: Include the SMS_MessageWaitingIndicator parameter. ENDIF. Optionally include stored service profile parameters. Relay any received parameters from the HLR. Send a RETURN RESULT to the requesting MSC. ELSE (the message cannot be processed): Execute "Local Recovery Procedures" task (see 3.5.1). ENDIF. Stop timer (RNT). CASE Error Code OF: : IF the parameter was originated from the initiating functional entity: Send a RETURN ERROR with Error Code . ELSE: Send a RETURN ERROR with Error Code . ENDIF. Send a RETURN ERROR with Error Code . DEFAULT: Send a RETURN ERROR with Error Code . ENDCASE. Execute "Local Recovery Procedures" task (see 3.5.1). Execute "Local Recovery Procedures" task (see 3.5.1).

32 WHEN a RETURN ERROR OR REJECT is received:

33 WHEN timer (RNT) expires: 34 ENDWAIT. 35 Exit this task.

TDMA-OTA

6-28

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.38.T1 OTAF Receiving RegistrationNotification INVOKE

When an OTAF receives a RegistrationNotification INVOKE for an over-the-air service provisioning session, it shall perform the following: 1 1-1 1-1-1 1-1-2 1-1-3 1-1-4 1-1-5 1-1-6 1-1-a 1-2 1-2 1-2-1 1-2-2 1-2-2-1 1-2-3 1-3 1-4 1-5 2 3 ENDIF. Include the SystemMyTypeCode parameter set to the OTAF's manufacturer. Send a RETURN RESULT to the requesting VLR. ENDIF. Exit this task. IF the received message can be processed and the requested information can be made available for the indicated MS: IF the MS is authorized for over-the-air service provisioning on this MSC: Update the current VLR location ElectronicSerialNumber of the MS. of the MS, recording the

Include the AuthenticationCapability parameter set appropriately. Include the OriginationIndicator parameter set appropriately. Include the OriginationTriggers parameter set appropriately. Include the RestrictionDigits parameter set appropriately. Include the TerminationRestrictions parameter set appropriately. Include the AuthorizationPeriod parameter set appropriately. ENDIF. ELSEIF (the MS is not authorized for over-the-air service provisioning on this MSC): Include the AuthorizationDenied parameter set to the proper value (see the following table): IF applicable: Include the DeniedAuthorizationPeriod parameter set appropriately. ENDIF.

Signaling Procedures

6-29

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 4.38.T1 OTAF RegistrationNotification Response Problem Detection and Recommended Response from OTAF to VLR

PROBLEM DEFINITION RETURN ERROR Error Code

X X X X X X X X X X d a d c b a d

1

2

3

4

5

6

7

8

9

10 Notes

RETURN RESULT

Problem Detections: 1. The requested IS-41 MAP operation is recognized, but not supported, by the receiving OTAF, or the requesting functional entity is not authorized. 2. A required OTAF resource (e.g., internal memory record, HLR is fully occupied) is temporarily not available (e.g., congestion). 3. A required resource (e.g., data base access, functional entity) is not presently accessible due to a failure. Human intervention may be required for resolution. 4. A supplied parameter has an encoding problem (e.g., the supplied MobileIdentificationNumberparameter digit values do not meet the BCD specification). 5. A supplied parameter value is unrecognized or has nonstandard values (e.g., Not Used). 6. The supplied MobileIdentificationNumber or NewlyAssignedMIN is not in the OTAF's range of MINs or directory numbers (suspect routing error). 7. An expected, or required, optional parameter (e.g., PC_SSN) was not received. 8. The supplied MobileIdentificationNumber or NewlyAssignedMIN parameter is within the range of the OTAF, but the MIN/NEWMIN is not presently assigned to a subscriber. 9. The supplied MobileIdentificationNumber or NewlyAssignedMIN parameter is within the range of the OTAF, but the supplied ElectronicSerialNumber parameter is not valid for the MIN's or NEWMIN's record. 10. The OTAF has another OTASP session in-progress for the supplied MobileIdentificationNumber parameter. Notes: a. b. c. d.

This Error Code is not an appropriate OTAF response to a OTASPRequest transaction. It is recommended that an OTAF supports OTASPRequest transactions. Only RETURN RESULT operations needing clarification have been included. Include the Parameter Identifier in question as the FaultyParameter parameter.

TDMA-OTA

6-30

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.46 SMS DELIVERY POINT-TO-POINT

4.46.T1 OTAF Receiving SMSDeliveryPointToPoint

Upon receipt of a SMSDeliveryPointToPoint INVOKE, the OTAF shall do the following: 1 IF the message cannot be processed: 1-1 Include the SMS_CauseCode parameter with the appropriate value. 1-2 Send a RETURN RESULT. 1-3 Exit this task. 2 ENDIF. 3 IF the MobileIdentificationNumber MSID parameter is included: 3-1 Set the MIN MSID to the received MobileIdentificationNumber MSID parameter 4 ELSE: 4-1 Include the SMS_CauseCode parameter set to Missing Mandatory Parameter. 4-2 4-3 5 6 6-1 7 7-1 7-2 7-3 8 9 9-1 10-1 10-2 10-3 Send a RETURN RESULT. Exit this task. ENDIF. IF the ElectronicSerialNumber parameter is included: Set the ESN to the received ElectronicSerialNumber parameter. ELSE: Include the SMS_CauseCode parameter set to Missing Mandatory Parameter. Send a RETURN RESULT. Exit this task. ENDIF. IF the SMS_BearerData parameter is included: Set the bearer data to the received SMS_BearerData parameter. Include the SMS_CauseCode parameter set to Missing Mandatory Parameter. Send a RETURN RESULT. Exit this task.

10 ELSE:

11 ENDIF. 12 IF the SMS_TeleserviceIdentifier parameter is included: 12-1 12-1-1 12-1-2 12-1-3 12-2 12-2-1 12-2-2 12-2-3 IF the SMS_TID is set to a known and supported value: Process the message with the indicated teleservice. Send an SMSDeliveryPointToPoint RETURN RESULT with the parameters loaded according to the teleservice. Exit this task. ELSE: Include the SMS_CauseCode parameter set to Invalid TeleserviceIdentifier. Send a RETURN RESULT. Exit this task.

Signaling Procedures

6-31

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

12-3 13-1 13-2 13-3

ENDIF. Include the SMS_CauseCode parameter set to Missing Mandatory Parameter. Send a RETURN RESULT. Exit this task.

13 ELSE:

14 ENDIF.

TDMA-OTA

6-32

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.46.T2 OTAF Initiating SMSDeliveryPointToPoint to an MS-Based SME

Upon request to send a point-to-point SMS message to an MS-based SME, the OTAF shall do the following: 1 1-1 2 3 IF notification is already pending for this MIN MSID: GOTO Wait for Notification. ENDIF. IF the address for the indicated MS is not current (as determined by internal algorithms of the MC., e.g., any time between never to until revoked): IF notification of the presence of the MS is required: Optionally, include the SMS_NotificationIndicator parameter set to Notify When Available. ELSE: Include the SMS_NotificationIndicator parameter set Do not notify when available. ENDIF. Execute the "MC Initiating SMS Request" task (see 4.48.1). IF the request was accepted: Store the temporary routing address and the current time. GOTO Send the message. ELSEIF the request was denied or unavailable: Execute "MC Initiating SMS Request" task (see 3.5.1). Exit this task. ELSE (the request was postponed which can only happen when notification is requested): Queue the request. WAIT for MS to become available to receive a teleservice message: WHEN SMSNotification is passed (see 4.47.3): Remove the request from the queue. Store the temporary routing address and the current time. WHEN the validity of the message expires: Remove the request from the queue. Exit this task. ENDWAIT. ENDIF. ENDIF. IF notification of the presence of the MS is required: Optionally, include the SMS_NotificationIndicator parameter set to Notify when available.

Get SMS Address: 3-1 3-1-1 3-2 3-2-1 3-3 3-4 3-5 3-5-1 3-5-2 3-6 3-6-1 3-6-2 3-7

Wait for Notification: 3-7-1 3-7-2 3-7-3 3-7-3-1 3-7-3-2 3-7-4 3-7-4-1 3-7-4-2 3-7-5 3-8 4 5 5-1

Send the message:

Signaling Procedures

6-33

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

5-2 6 6-1 7 8 9

Optionally, include the SMS_MessageCount parameter set to the number of messages pending delivery to this MS. ELSE: Include the SMS_NotificationIndicator parameter set to Do not notify when available. ENDIF. Set the destination address to the temporary routing address of the MS (from the SMS_Address parameter). Include the MobileIdentificationNumber MSID parameter set to identify the destination MS.

10 Include the ElectronicSerialNumber parameter set to further identify the destination MS. 11 Include the SMS_BearerData parameter set by the SMS teleservice. 12 Include the SMS_TeleserviceIdentifier parameter set to identify the SMS teleservice. 13 Execute the "Initiating SMS Delivery Point-To-Point" task (see 4.46.2). 14 IF the indication was accepted: 14-1 15-1 Exit this task. GOTO Wait for Notification. 15 ELSEIF the indication was postponed: 16 ELSEIF the request resulted in a SMS_CauseCode value of Destination resource shortage: 16-1 17-1 Exit this task (the OTAF will get no further notification). Execute "Local Recovery Procedures" task (see 3.5.1). 17 ELSE (the request was denied): 18 ENDIF. 19 Exit this task.

TDMA-OTA

6-34

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.47 SMS NOTIFICATION

4.47.1 HLR Initiating SMSNotification INVOKE

(TIA/EIA-41.6-D, page 6-285)

Upon request to send an SMSNotification message, the HLR shall do the following: 1 2 a a-1 b 3 3-1 4 4-1 5 5-1 6 7 8 9 Include the ElectronicSerialNumber parameter set to the ESN of the desired MS. Include the MobileIdentificationNumber MSID parameter set to the MIN or IMSI of the desired MS. IF the notification is being issued by the HLR independent of a postponed (previous) SMSRequest to initiate a SMS teleservice on an MS: Include the SMSTeleserviceIdentifier parameter set to the teleservice for which the notification is being made. ENDIF. IF MS is denied: Include the SMS_AccessDeniedReason parameter set to Denied. ELSEIF MS is unavailable or the temporary SMS routing address is not current: Include the SMS_AccessDeniedReason parameter set to Unavailable. ELSE: Include the SMS_Address parameter set to the temporary SMS routing address for the desired MS. ENDIF. Send an SMSNotification message toward the MS's MC or OTAF according to the teleservice identifier. Start the SMS Notification Timer (SNT). WAIT for a SMS Notification response: Stop the timer (SNT). IF the message cannot be processed: Execute "Local Recovery Procedures" task (see 3.5.1). ENDIF. Stop the timer (SNT). Execute "Local Recovery Procedures" task (see 3.5.1). Execute "Local Recovery Procedures" task (see 3.5.1).

10 WHEN a RETURN RESULT is received: 10-1 10-2 10-2-1 10-3 11-1 11-2 12-1

11 WHEN a RETURN ERROR or REJECT is received:

12 WHEN the timer (SNT) expires: 13 ENDWAIT. 14 Exit this task.

Signaling Procedures

6-35

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.47.3 MC or OTAF Receiving an SMSNotification INVOKE

6-286)

(TIA/EIA-41.6-D, page

Upon receipt of a SMSNotification INVOKE, the MC or OTAF shall do the following:: 1 1-1 1-2 1-2-1 1-3 1-3-1 1-4 1-4-1 1-4-2 1-5 1-6 1-7 1-7-1 1-8 1-8-1 1-9 2 2-1 3 4 IF the received message can be processed: Select the MS based on the received MobileIdentificationNumber MSID and ElectronicSerialNumber parameters. IF the SMS_AccessDeniedReason parameter was received: Clear the SMS_Address. ELSEIF the SMS_Address parameter was received: Store the SMS_Address as the temporary routing address with the current time. ELSE (expected parameters not received): Send a RETURN ERROR with the Error Code set to . Exit this task. ENDIF. Send an SMSNotification RETURN RESULT. IF messages are queued for delivery to the indicated MIN MSID: Pass SMSNotification to "MC Initiating SMS Delivery Point-To-Point to an MS-Based SME" task (see 4.46.9 "Wait for Notification"). ELSE: Ignore the message. ENDIF. ELSE (the received message cannot be processed): Send a RETURN ERROR with the proper Error Code value (see the following table). ENDIF. Exit this task.

TDMA-OTA

6-36

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.48 SMS REQUEST

4.48.1 MC or OTAF Initiating SMS Request

(TIA/EIA-41.6-D, page 6-288)

Upon request to obtain a routing address for an MS-based SME (this request may be accepted, postponed, unavailable, or denied), the MC shall do the following: 1 1-1 2 3 4 5 5-1 6 7 8 9 IF the ESN is known for the MS: Include the ElectronicSerialNumber parameter set to identify the MS. ENDIF. Include the MobileIdentificationNumber MSID parameter set to identify the MS. Include the SMS_TeleserviceIdentifier parameter set to the appropriate teleservice identifier value if applicable. IF notification is not required: Include the SMS_NotificationIndicator parameter set to . ENDIF. Send an SMSRequest INVOKE message toward the HLR serving the MIN MSID. Start the SMS Request Timer (SRT). WAIT for an SMS Request response: Stop the timer (SRT). IF the message can be processed: IF an SMS_Address is received: Return to the calling task with the SMS_Address and an accepted indication. ELSEIF an SMS_AccessDeniedReason parameter is received: CASE SMS_AccessDeniedReason value OF: Postponed: Return to the calling task with a postponed indication. Denied: Return to the calling task with a denied indication. Unavailable: Return to the calling task with a unavailable indication. ENDCASE: ELSE the request resulted in a SMS_CauseCode value of Invalid Teleservice ID: Exit this task. ENDIF. ELSE (the message cannot be processed): Return to the calling task with a denied indication. ENDIF.

10 WHEN a RETURN RESULT is received: 10-1 10-2 10-2-1 10-2-1-1 10-2-2 10-2-2-1 10-2-2-2 10-2-2-2-1 10-2-2-3 10-2-2-3-1 10-2-2-4 10-2-2-4-1 10-2-2-5 10-2-a 10-2-a-1 10-2-3 10-3 10-3-1 10-4

11 WHEN a RETURN ERROR or REJECT is received:

Signaling Procedures

6-37

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

11-1 11-2 12-1

Stop the timer (SRT). Return to the calling task with a denied indication. Return to the calling task with a denied indication.

12 WHEN the timer (SRT) expires: 13 ENDWAIT. 14 Exit this task.

TDMA-OTA

6-38

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.48.2 HLR Receiving an SMSRequest INVOKE

(TIA/EIA-41.6-D, page 6-289)

Upon receipt of an SMSRequest INVOKE, the HLR shall do the following: 1 1-1 1-1-1 1-2 1-2-1 1-3 1-3-1 1-3-2 1-3-2-1 1-3-3 1-a 1-a-1 1-4 IF the message can be processed: IF the addressed MS is not known, OR IF the MS is known, but is not authorized for SMS: Include the SMS_AccessDeniedReason parameter indicating Denied. ELSEIF (the teleservice indicated by the SMS_TeleserviceIdentifier parameter is unknown or is not supported): Include the SMS_AccessDeniedReason parameter indicating Invalid: ELSEIF the temporary SMS routing address is current (as determined by the HLR, e.g., some time between never to until revoked) for the addressed MS: Include the SMS_Address parameter set to the current SMS address for the MS. IF the ElectronicSerialNumber parameter was not received: Include the ElectronicSerialNumber parameter set to identify the MS. ENDIF. ELSEIF the SMS_TeleserviceIdentifier is not supported: Include the SMS_CauseCode parameter indicating Invalid Teleservice ID. ELSEIF the addressed MS is able to receive SMS messages (e.g., MS is registered to an SMS capable system), but the SMS address is not current or the MS is reported as inactive: Relay all parameters received in the SMSRequest INVOKE. Include the ElectronicSerialNumber parameter for the addressed MS. Send an SMSRequest INVOKE to the VLR that is currently serving the indicated MS. Start the SMS Request Timer (SRT). WAIT for an SMS Request Response: WHEN a RETURN RESULT is received: Stop timer (SRT). IF the message can be processed: Relay all received parameters. ELSE (message cannot be processed): Execute "Local Recovery Procedures" task (see 3.5.1). Set the SMS Delivery Pending Flag for this MS. Include the SMS_AccessDeniedReason parameter set to Postponed. ENDIF. WHEN a RETURN ERROR or REJECT is received: Stop timer (SRT). Execute "Local Recovery Procedures" task (see 3.5.1). Set the SMS Delivery Pending Flag for this MS. Include the SMS_AccessDeniedReason parameter set to Postponed. 1-4-8 WHEN timer (SRT) expires:

1-4-1 1-4-2 1-4-3 1-4-4 1-4-5 1-4-6 1-4-6-1 1-4-6-2 1-4-6-2-1 1-4-6-3 1-4-6-3-1 1-4-6-3-2 1-4-6-3-3 1-4-6-4 1-4-7 1-4-7-1 1-4-7-2 1-4-7-3 1-4-7-4

Signaling Procedures

6-39

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

1-4-8-1 1-4-8-2 1-4-8-3 1-4-9 1-5 1-5-1 1-5-1-1 1-5-2 1-5-2-1 1-5-2-2 1-5-3 1-6 1-7 2 2-1 2-2 3 4 ENDIF.

Execute "Local Recovery Procedures" task (see 3.5.1). Set the SMS Delivery Pending Flag for this MS. Include the SMS_AccessDeniedReason parameter set to Postponed. ENDWAIT. ELSE (the MS is not registered to an SMS capable system or the MS is registered to an SMS incapable system): IF the SMS_NotificationIndicator parameter was present in the SMSRequest INVOKE and the SMS_NotificationIndicator indicates : Include the SMS_AccessDeniedReason parameter set to Unavailable. ELSE: Set the SMS Delivery Pending Flag for this MS. Include the SMS_AccessDeniedReason parameter set to Postponed. ENDIF. Send a RETURN RESULT.

ELSE (message cannot be processed): Include the Error Code parameter set to the proper value (see the following table). Send a RETURN ERROR. ENDIF. Exit this task.

TDMA-OTA

6-40

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.TT OTASPREQUEST

4.TT.1 OTAF Initiating OTASPRequest

When an OTAF initiates an OTASPRequest, it shall perform the following: 1 2 3 Include the ElectronicSerialNumber parameter set to identify the MS. Include the MobileIdentificationNumber MSID parameter set to identify the MS during the activation session. If appropriate, include the MS's NewlyAssignedMIN NewlyAssignedMSID parameter set to identify the MIN or IMSI that will be assigned to the MS following the OTASP session. If appropriate, set Include the ServiceIndicator parameter set to indicate TDMA OTASP Service value. CASE ActionCode OF: Generate Public Encryption Values: Include the ActionCode parameter set to request the AC to compute public encryption values. Include the AKeyProtocolVersion parameter set to indicate the appropriate protocol version and revision to be used in the A Key Generation Procedure. Generate A-key: Include the ActionCode parameter set to request the AC to compute the A-key. Include the MSPartialKey parameter set to the partial key value supplied by the MS. Include the AKeyProtocolVersion parameter set to indicate the appropriate protocol version and revision to be used in the A Key Generation Procedure. Perform SSD Update procedure: Include the ActionCode parameter set to request the AC to initiate an SSD Update procedure. Include the PC_SSN and/or MSCID parameters with the address of the VLR serving the MS. Perform Re-authentication procedure: Include the ActionCode parameter set to request the AC to initiate a Reauthentication procedure. Include the PC_SSN and/or MSCID parameters with the address of the VLR serving the MS. Include the ActionCode parameter set to request the AC to Commit A-key. Include the ActionCode parameter set to request the AC to Release Resources. NOTE: There are no other parameters included.

4 5 6 6-1 6-2 7 7-1 7-2 7-3 8 8-1 8-2 9 9-1 9-2

10 Commit A-key: 10-1 11-1 11-2 11 Release Resources:

12 ENDCASE. 13 Send an OTASPRequest INVOKE to the HLR associated with the MS for the OTASP session.

Signaling Procedures

6-41

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

14 Start the OTA Request Timer (OTART t). 15 WAIT for an OTASPRequest response: 16 WHEN a RETURN RESULT is received: 16-1 16-2 16-2-1 16-3 16-3-1 16-3-2 16-4 17-1 17-2 17-3 18-1 18-2 Stop timer (OTARTt). IF the message can be processed: Return to the invoking process. ELSE (the message cannot be processed): Execute "Local Recovery Procedures" (see 3.5.1). Return to the invoking process. ENDIF. Stop timer (OTARTt). Execute "Local Recovery Procedures" (see 3.5.1). Return to the invoking process. Execute "Local Recovery Procedures" (see 3.5.1). Return to the invoking process.

17 WHEN a RETURN ERROR or REJECT is received:

18 WHEN timer (OTARTt) expires:

19 ENDWAIT.

TDMA-OTA

6-42

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.TT.2 HLR Receiving OTASPRequest INVOKE

When an HLR receives an OTASPRequest INVOKE, it shall perform the following: 1 IF the received message can be processed: 1-1 Relay all received parameters. 1-2 Send an OTASPRequest INVOKE to the AC serving the MS. 1-3 Start the OTA Response Timer (OTART t). 1-4 1-5 1-5-1 WAIT for the OTASPRequest response: WHEN a RETURN RESULT is received: Stop timer (OTARTt).

1-5-2 IF the message can be processed: 1-5-2-1 Relay all received parameters. 1-5-2-2 Send a RETURN RESULT to the requesting OTAF. 1-5-2-3 Exit the task. 1-5-3 ELSE (the message cannot be processed): 1-5-3-1 Send a RETURN ERROR to the requesting OTAF. 1-5-3-2 Execute the "Local Recovery Procedures" task (see 3.5.1). 1-5-3-3 Exit this task. 1-5-4 ENDIF. 1-6 WHEN a RETURN ERROR or REJECT is received: 1-6-1 Stop timer (OTARTt). 1-6-2 1-6-3 1-6-4 1-7 Relay the RETURN ERROR with the Error Code value as received from the AC. Execute the "Local Recovery Procedures" task (see 3.5.1). Exit this task. WHEN timer (OTARTt) expires:

1-7-1 Send a RETURN ERROR with Error Code set to indicate SystemFailure. 1-7-2 Execute the "Local Recovery Procedures" task (see 3.5.1). 1-7-3 Exit this task. 1-8 ENDWAIT. 2 ELSE (the received message cannot be processed) 2-1 Send a RETURN ERROR with the proper error code value (see the following table) to the requesting OTAF. 3 ENDIF. 4 Exit this task.

Signaling Procedures

6-43

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 4.TT.2HLR OTASPRequest Response Problem Detection and Recommended Response from HLR to OTAF

PROBLEM DEFINITION RETURN ERROR Error Code

X X X X X X X X X X d a d c b a d

1

2

3

4

5

6

7

8

9

10 Notes

RETURN RESULT

Problem Detections: 1. The requested IS-41 MAP operation is recognized, but not supported, by the receiving HLR, or the requesting functional entity is not authorized. 2. A required HLR resource (e.g., internal memory record, HLR is fully occupied) is temporarily not available (e.g., congestion). 3. A required resource (e.g., data base access, functional entity) is not presently accessible due to a failure. Human intervention may be required for resolution. 4. A supplied parameter has an encoding problem (e.g., the supplied MobileIdentificationNumberparameter digit values do not meet the BCD specification). 5. A supplied parameter value is unrecognized or has nonstandard values (e.g., Not Used). 6. The supplied MobileIdentificationNumber or NewlyAssignedMIN is not in the HLR's range of MINs or directory numbers (suspect routing error). 7. An expected, or required, optional parameter (e.g., PC_SSN) was not received. 8. The supplied MobileIdentificationNumber or NewlyAssignedMIN parameter is within the range of the AC, but the MIN/NEWMIN is not presently assigned to a subscriber. 9. The supplied MobileIdentificationNumber or NewlyAssignedMIN parameter is within the range of the AC, but the supplied ElectronicSerialNumber parameter is not valid for the MIN's or NEWMIN's record. 10. The HLR has another Authentication process in-progress for the supplied MobileIdentificationNumber parameter. Notes: a. b. c. d. This Error Code is not an appropriate HLR response to a OTASPRequest transaction. It is recommended that an HLR supports OTASPRequest transactions. Only RETURN RESULT operations needing clarification have been included. Include the Parameter Identifier in question as the FaultyParameter parameter.

TDMA-OTA

6-44

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

4.TT.3 AC Receiving OTASPRequest INVOKE

When an AC receives an OTASP Request INVOKE, it shall perform the following: 1 1-1 1-2 1-2-1 1-2-2 1-2-3 1-3 1-3-1 1-3-2 1-4 1-4-1 1-4-2 1-5 1-5-1 1-6 1-6-1 1-7 1-7-1 1-8 1-9 2 2-1 3 4 IF the received message can be processed: CASE ActionCode OF: Generate Public Encryption Values: Include the ModulusValue parameter. Include the PrimitiveValue parameter. Include the PartialKey parameter computed by the AC. Generate A-key: Compute the A-key using the MSPartialKey and stored values Include the OTASPResultCode parameter. Perform SSD Update procedure: Execute the "AC Initiation of an Authentication Directive" task (see 4.1.1) to initiate an SSD Update. Include the SSDUpdateReport and UniqueChallengeReport parameters. Perform Re-Authentication procedure: Execute the "AC Initiation of an Authentication Directive" task (see 4.1.1) to initiate a re-authentication. Commit A-key: Commit the temporary A-key. Release A-key: Releasethe temporary A-key. ENDCASE. Send a RETURN RESULT to the HLR. ELSE (the message cannot be processed): Send a RETURN ERROR to the HLR. ENDIF. Exit this task.

Signaling Procedures

6-45

TDMA-OTA

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

Table 4.TT.3AC OTASP Request Response Problem Detection and Recommended Response from AC to HLR

PROBLEM DEFINITION RETURN ERROR Error Code

X X X X X X X X X X d a d c b a d

1

2

3

4

5

6

7

8

9

10 Notes

RETURN RESULT

Problem Detections: 1. The requested IS-41 MAP operation is recognized, but not supported, by the receiving AC, or the requesting functional entity is not authorized. 2. A required AC resource (e.g., internal memory record, AC is fully occupied) is temporarily not available (e.g., congestion). 3. A required resource (e.g., data base access, functional entity) is not presently accessible due to a failure. Human intervention may be required for resolution. 4. A supplied parameter has an encoding problem (e.g., the supplied MobileIdentificationNumberparameter digit values do not meet the BCD specification). 5. A supplied parameter value is unrecognized or has nonstandard values (e.g., Not Used). 6. The supplied MobileIdentificationNumber or NewlyAssignedMIN is not in the AC's range of MINs or directory numbers (suspect routing error). 7. An expected, or required, optional parameter (e.g., PC_SSN) was not received. 8. The supplied MobileIdentificationNumber or NewlyAssignedMIN parameter is within the range of the AC, but the MIN/NEWMIN is not presently assigned to a subscriber. 9. The supplied MobileIdentificationNumber or NewlyAssignedMIN parameter is within the range of the AC, but the supplied ElectronicSerialNumber parameter is not valid for the MIN's or NEWMIN's record. 10. The AC has another Authentication process in-progress for the supplied MobileIdentificationNumber parameter. Notes: a. b. c. d.

This Error Code is not an appropriate AC response to a OTASP Request transaction. It is recommended that an AC supports OTASP Request transactions. Only RETURN RESULT operations needing clarification have been included. Include the Parameter Identifier in question as the FaultyParameter parameter.

TDMA-OTA

6-46

Signaling Procedures

N.S0011-0 v 1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

7 OPERATION TIMER VALUES

Table 63 Timer

···

Operation Timer Values (continued) Started when

···

Default (sec.)

···

Normally stopped when Action when timer expires

··· ···

ORT Origination Request Timer

16

OTARTt OTASPRequest Response Timer

30 (Note 8)

OTARTtl OTASPRequest Response Timer

90

OriginationRequest RETURN RESULT, OriginationRequest RETURN ERROR, or a RemoteUserInteractionDirective INVOKE is received. OTASPRequest OTASPRequest INVOKE is sent RETURN RESULT or with ACTCODE set an OTASPRequest to Generate A-key, RETURN ERROR is Generate Public received. Encryption Key Values, Commit Akey, or Release Resources. OTASPRequest OTASPRequest INVOKE is sent RETURN RESULT or with ACTCODE set an OTASPRequest to Perform SSD RETURN ERROR is Update, or Perform received. Re-Authentication. PACA is honored. PACA is answered.

OriginationReques t INVOKE (or a subsequent RemoteUserInteractionDirectiv e INVOKE) is sent.

Execute recovery procedures.

Execute recovery procedures.

Execute recovery procedures.

PAT PACA Answer Timer

···

18

See 5.17.2.

···

···

···

···

Note 8: When the OTAF sends an OTASPREQ to the AC to initiate an SSD Update, (OTARTt > ADT + BSCT + ASRT), where: ADT = AuthenticationDirectiveTimer (6 sec.). BSCT = Base StationChallenge Timer (3 sec.). ASRT = AuthenticationStatusReport Timer (6 sec.). When the OTAF sends an OTASPREQ to the AC to initiate a Reauthentication, (OTARTt > ADT + ART + ASRT), where: ADT = AuthenticationDirectiveTimer (6 sec.). ART = Authentication Response Timer (6 sec.) ASRT = AuthenticationStatusReport Timer (6 sec.). When the OTAF sends an OTASPREQ to the AC to obtain Public Encryption Values or to Compute an A-key, the AC must perform the computations within 30 seconds.

Signaling Procedures

6-47

TDMA-OTA

Information

Microsoft Word - ns0011_1.doc

401 pages

Find more like this

Report File (DMCA)

Our content is added by our users. We aim to remove reported files within 1 working day. Please use this link to notify us:

Report this file as copyright or inappropriate

1137550


You might also be interested in

BETA
Microsoft Word - ns0011_1.doc