
2/14

1 Abstract

Universal Mobile Telecommunications

Service (UMTS) and CDMA2000 have

emerged as two of the full-fleged 3G

wireless standards to support both the

radio and network functions based on theIMT-2000 framework. This paper

surveys the two architectures in terms oftheir radio access and core networks

technologies.

2 Overview

UMTS and CDMA2000 standards are

designed to deliver wireless services

with better performance, greater cost-effectiveness and significantly more

content than the 2G counterpart.

Besides offering traditional voicecommunication, 3G data capability

offers Internet and Intranet services for

multimedia application, high-speedbusiness transaction and telemetry.

Figure 1: Evolution of UMTS and

CDMA2000

2.1 UMTS

UMTS is the European member of the

IMT2000 family of third generation

cellular mobile standards. The goal ofUMTS is to enable networks that offer

true global roaming and to support a

wide range of voice, data andmultimedia services. Data rates offered

by UMTS are: vehicular - 144 kbit/s;

pedestrian 384 kbit/s;in-building 2Mb/s.The new UMTS networks will build on

the success of GSM, and on the GSMoperators existing investment in

infrastructure. The first stage of service

and network evolution is from todays

GSM systems, through the

implementation of GPRS, to commercialUMTS networks (see Figure 1). The

UMTS core network can continue to usethe current 2G network structure toprocess voice and packet data. The

major introduction of UMTS are a newair interface1 operating at around 2GHz,

and a packet-based network architecture

which supports both voice and data

services.

2.3.2 CDMA 2000CDMA2000 is another wireless standard

designed to support 3G services asdefined by the ITU and its IMT-2000

vision. It is evolved from the North

American IS-95 cdma standard.CDMA2000 system uses 2.1GHz band

and it maintains backward compatibility

by allowing current frequency bands of800, 1800 and 1900 MHz to operate

seamlessly.

3 UMTS Network Architecture

A UMTS network consists of three

interacting domains (see Figure 2): User

Equipment (UE), UMTS TerrestrialRadio Access Network (UTRAN), and

Core Network (CN). The UE is a

mobile that communicates with UTRANvia the air-interface. UTRAN provides

the air interface access method for the

UE. CN provides switching, routing,and transit for user traffic. It also stores

databases and provides network

management functions.

1UMTS uses wideband-cdma as the air-interface

access technology


3/14

From the specification andstandardization point of view, both UE

and UTRAN consist of completely new

Figure 2: UMTS Network Architecture

protocols, the design of which is basedon the needs of the new W-CDMA radio

technology. On the contrary, the

definition of CN is adopted from GSM

network. This gives the system with

new radio technology a global base ofknown and rugged CN technology that

accelerates and facilitates itsintroduction, and enables such

competitive advantages as global

roaming.

3.1 User Equipment (UE)

A UE consists of two parts:

The Mobile Equipment (ME) is a

radio terminal used forcommunicating over the Uu interface

(air-interface).

The UMTS Subscriber Identity

Module (USIM) is a smartcard thatstores subscribers identity and

encryption keys, performs

authentication algorithms, andsupports subscription information for

the ME. Figure 3 shows the Cu

interface that allows the USIM to

communicate with the ME .

Figure 3: UE architecture

3.2 UMTS Terrestrial Radio

Access Network (UTRAN)

A UTRAN consists of two distincts

elements: Node B and Radio Network

Controller (RNC). The main functionsof the UTRAN archtecture are to:

Support soft handoff and W-CDMAspecific radio resource management

Share and reuse of voice and packet

data interfaces (ie. Iu-CS and Iu-PS)

Share and reuse of GSM

infrastructure

Use ATM as the main transportmechanism within UTRAN

3.2.1 Node B

A Node B (logically corresponds to the

GSM Base Station) converts data flowbetween the Iub and Uu interfaces. Itsmain duty is to perform the physical

layer processing, e.g. modulation,

coding, interleaving, rate adaptation,

spreading, etc.

USIM

ME

Cu


4/14

3.2.2 Radio Network

Controller (RNC)

An RNC (logically corresponds to the

GSM Base Station Controller) controlsthe radio resources in its domain. RNC

is the service access point for all services

UTRAN providing to the Core Network.It also terminates the Radio Resource

Control Protocol (RRC) that defines the

messages and procedures between UE

and UTRAN.

A UTRAN may consist of one or more

Radio Network Sub-Systems (RNS). AnRNS is a sub-network within UTRAN

that consists of one RNC and one or

more Node B. RNCs which belongs todifferent RNS can be connected to each

other via the Iur interface.

The logical function of an RNC isfurther divided into controlling, serving,

and drift. The controlling RNC

administers the Node B for load andcongestion control. It also executes

admission control and channel code

allocation for new radio links to be

established by the Node B.

Figure 4: UTRAN Architecture

The serving RNC is the RNC thatterminates both the Iu and Iub links from

the core network and user equipment

respectively. It performs L2 (MAC

layer) processing of data to/from the

radio interface. Mobility managementfunctions such as power control, handoff

decision, etc are also handled by theserving RNC. Note that one UE

connected to the UTRAN has one and

only one SRNC.

The drift RNC compliments the serving

RNC by providing diversity when the

UE is in the state of inter-RNC softhandoff (which requires two RNCs).

During the handoff, the drift RNC doesnot perform L2 processing; rather itroutes data transparently between the Iub

and Iur interfaces.

3.3 Core Network (CN)

UMTS CN is divided into circuit

switched and packet switched domains.ATM is the transport mechanism to be

used in the UMTS core. In particular,

ATM AAL 2 handles circuit and packetswitched signalling while AAL 5 is

designed for data delivery. The core

network consists of the following

elements inherited from the incumbentGSM network:

3.3.1 Home Location Register

(HLR)

An HLR is a database located in the

users home system that stores the usersservice profile. A service profile is

created when a new user subscribes to

the system, and remained as long as thesubscription is active. It consists of

information such as user service type

and roaming permission etc.

lub lur

Node B

Node B

RNC

RNS

Node B

Node B

RNC

RNS


5/14

3.3.2 Mobile Switching Center

and Vistor Location

Register (MSC/VLR)

The co-located MSC/VLR serves as both

the switch and database for the circuitswitch service. The MSC is used to

switch the circuit switch data while theVLR function temporarily hold copies of

the visiting users service profile.

3.3.2 Gateway MSC (GMSC)

It is the gateway that connects the

UMTS PLMN2

with the external circuit

switch networks. All incoming andoutgoing circuit switch connections go

through the GMSC

3.3.4 Serving GPRS Support

Node (SGSN)

SGSN has the similar functionality as

MSC/VLR except it handles packetswitch connections.

3.3.4 Gateway GPRS Support

Node (GGSN)

GGSN has the same functionality as thatof GMSC except it handles the packetswitch connection.

4 UMTS Network Protocol

Protocol structures in UTRAN terrestrial

interfaces are designed according to the

same general protocol model. As shownin Figure 5, the protocols are divided

into horizontal layers and vertical planes.

The horizontal layer consists of two

layers, the Radio Network Layer and the

Transport Network Layer. All UTRAN-related issues are visible only in the

Radio Network layer, and the Transport

2Public Land Mobile Network

Network layer represents standardtransport technology selected for

UTRAN without any UTRAN-specific

changes.

Figure 5: General UTRAN Protocol Model

The vertical planes are further dividedinto control, user, transport network

control, and transport network user

planes. The control plane is used for all

UMTS-specific control signalling. Itincludes the Application Protocol

(RANAP in Iu, RNSAP in Iur, and

NBAP in Iub), and the signalling bearer

for transporting the Application Protocolmessages. All information transmitted

and received by the user such as a voice

call or packet data are transported via theuser plane. The Transport Network

Control Plane is a plane that acts

between the control plane and the userplane. It is used for all control signalling

within the transport layer. It includes the

ALCAP protocol to set up the transportbearers for the user plane. It also

includes signalling bearer needed for the

ALCAP. Noticed that the introduction

of the transport network control plane

makes it possible for the ApplicationProtocol in the Radio Network Control

Plane to be completely independent ofthe technology selected for the Data

Bearer in the User Plane. Finally the

Transport Network User Plane handlesthe data bearer and signalling bearer in

the user plane.


6/14

4.1 UTRAN-CN Interface: Iu

The Iu interface bridges the UTRAN and

CN. As can be seen in Figure 6 and 7,

the Iu can have two different instances,

which are the Iu-CS for connecting

UTRAN to circuit switched CN, and Iu-PS for connecting UTRAN to packet

switched CN. Since the two protocolstructures are very similar, we focus

mainly on Iu-CS.

4.1.1 Iu-CS

UMTS physical layer is not specified in

the standard. It can be any off-the-shelf

transmission technologies such as

SONET, STM-1, and E1. However,ATM is the transport mechanism to be

used across all three planes of theTransport Network Layer.

Figure 6: Iu-CS interface protocol stack

The Radio Network Layer Control Planeprotocol stack consists of RANAP

running on top of broadband SS7protocols.

The Transport Network Layer User

Plane counterpart uses SignallingConnection Control Part (SCCP),

Message Transfer Part (MTP3-b),

Signalling ATM Adaptation Layer for

Network-to-Network Interfaces (SAAL-NNI). SAAL-NNI is further divided

into Service Specific Co-ordination

Function (SSCF), Service Specific

Connection Oriented Protocol (SSCOP)

and ATM AAL-5 layers. SSCF andSSCOP are specifically designed for

signalling transport in ATM networkswhile AAL-5 is used for segmenting

data into ATM cells.

The Transport Network Control Plane

protocol stack consists of signalling

protocol for setting up AAL2

connections (Q.2630.1 and Q.2150.1)running on top of the SS7 protocols

similar to those aforementioned.

4.1.2 Iu-PS

In the Transport Network User Plane, an

alternative IP-based signalling bearer isspecified. This signalling bearer consists

of M3UA, Simple Control

Transmmission Protocol (SCTP), and

Internet Protocol (IP). The SCTP layeris specifically designed for signalling

transport in the Internet.

Figure 7: Iu-PS interface protocol stack

In the Iu PS User Plane, multiple packet

data flows are multiplexed onto one or

several AAL5 Permanent Virtual


7/14

Circuits. The GPRS Tunnelling Protocol(GTP-U) is the multiplexing layer that

provides identities for individual packet

data flow. Each flow uses UDP

connectionless transport and IP

addressing.

No protocols are required in theTransport Network Control Plane since

establishing GTP tunnel requires only

identifier for the tunnel, and the IPaddresses for both directions are already

included in the RANAP messages.

4.2 UTRAN-UTRAN Interface:

Iur

The RNC-RNC interfaces shown inFigure 8 provides four distinct functions:

Basic Inter-RNC mobility

Dedicated Channel Traffic

Common Channel Traffic

Global Resource Management

For this reason, the Iur signalling

protocol Radio Network SystemApplication Part (RNSAP) is divided

into four different modules: Iur-1 thru

Iur-4

Figure 8: Iur interface protocol stack

4.2.1 Iur-1

Iur-1 provides the basic functionality of

RNSAP signalling needed for mobility

of users between two RNCs, excluding

exchange of any user data traffic. If this

interface is not available, the only wayfor a user connected to one RNC to

utilize a cell in another RNC is todisconnect itself from the first RNC.

Other services provided by Iur-1 include

support of SRNC relocation, inter-RNCregistration area update, inter-RNC

packet paging.

4.2.2 Iur-2

Iur-2 provides dedicated channelbetween two RNCs to support the inter-

RNC soft handover and allow the

anchoring of the SRNC during when theUE is utilizing the dedicated channels

for as long as the user has an active

connection to the circuit-switcheddomain. To achieve this, the user plane

frame protocol for dedicated channels

(DCH FP) is used to defines data framesto carry user data and control frames to

exhange measurement information.User data frames are normally routed

transparently between DRNC andSRNC.

The Transport Network Control PlaneProtocol uses Q.2630.1 to set up AAL2

connections. Each dedicated channel is

conveyed over one transport connection,except the coordinated DCH used to

obtain unequal error protection in the air

interface.

4.2.3 Iur-3

This functionality allows handling of

common and shared channel datastreams across the Iur interface. It

requires the Common Transport Channel

module of RNSAP and the Iur Common


8/14

Transport Channel Frame Protocol(CCH FP). The Q.2630.1 signalling

protocol of the Transport Network

Control Plane is needed if AAL2

connections are used.

4.2.4 Iur-4

Iur-4 provides signalling to support

enhanced radio resource and O&Mfeatures across the Iur interface. It is

implemented via the global module of

RNSAP and does not require any UserPlane Protocol, since there is no

transmission of user data across the Iur

interface.

4.3 UTRAN-NODE B Interface:Iub

The protocol stack of the RNC-Node B

interface is shown in Figure 9. The

stack resembles the Iur interface. Themain difference being that in the Radio

Network and Transport Network Control

Planes SS7 stack is replaced by the

simpler SAAL-UNI as signalling bearer.

Figure 9: Iub interface protocol stack

The Iub signalling interface is divided

into two components: the common NodeB Application Part (NBAP) that defines

the signalling procedures across the

common signalling link, and thededicated NBAP that used in the

dedicated signalling link.

In order to understand the above twoprotocols, the logical model of Node B

must be first understood. Referring to

Figure 10, a common signalling link

exists between the RNC and the Node B.

There is also a set of traffic terminationpoint each controlled by a dedicated

signalling link. One traffic terminationpoint controls a number of mobiles

having dedicated resources in the Node

B, and the corresponding traffic isconveyed through dedicated data ports.

Common data ports outside the traffic

termination points are used to convey

RACH, FACH, and PCH traffic.

The User Plane Iub frame protocolsdefine the structures of the frames andthe basic in-band control procedures for

every type of transport channel (ie.

RACH, FACH, and PACH). Finally,Q.2630.2 signalling is used for dynamic

management of the AAL2 connections

used in the User Plane.

Figure 10: Logical Model of Node B

4.3.1 Common NBAP

The main function of Common NBAP is

the setup of the first radio link of one

UE, and selection of the traffictermination point. It also handles

RACH, FACH, and PCH channels.

4.3.2 Dedicated NBAP

When the RNC requests the first radio

link for one UE via the C-NBAP, theNode B assigns a traffic termination


9/14

point for handling of this UE context,and every subsequent signalling related

to this mobile is exchanged with

dedicated NBAP procedures across the

dedicated control port of the given

Traffic Termination Point.

5 CDMA2000 Network

Architecture

In cdma2000 architecture, mobile station(MS) gain access to a service provider

network via the air interface to the Radio

Network (RN). The service

Figure 9: CDMA Netork Architecture

provider network may be the users

home access provider or, in roaming

cases, the visited access provider

network is used. Access mobilitymanagement is achieved using existing

air interface procedures that include

interactions with Visited LocationRegisters (VLR) and Home Location

Registers (HLR). Information about

access service parameters are maintained

in the access service profile stored in theHLR and cached in the VLR while the

mobile station is registered in the serviceprovider access network. There is an

open interface defined between the RN

and the Packet Data Serving Node

(PDSN) known as the R-P interface.The PDSN interacts with the local or

visited AAA server using the IP protocolwithin the IP network. The servers

contacted by the PDSN or local AAA

server may reside in other IP domains

and be operated by other cellular

operators.

5.1 MobileStation (MS)

The main function of the MS is toestablish, maintain, and terminate voice

and data connections through the PDSN.

The MS establishes a connection byrequesting the appropriate radio

resources from the RN. Once the

connection is established, the mobilestation is responsible for maintaining

knowledge of radio resources, bufferingpackets from the mobile applications

when radio resources are not in place orare insufficient to support the flow to the

network. The mobile station optionally

supports encryption and protocols suchas Mobile IP and Simple IP.

5.2 Radio Network (RN)

The Radio Network consists of twological components: Packet Control

Function (PCF) and Radio Resources

Control (RRC).

The primary function of the PCF is to

establish, maintain, and terminate L2connection to the PDSN. It also

communicates with the RRC to request

and manage radio resources in order to

relay packets to and from the mobilestation. During hard handoff to another

RRC, the serving PCF forwards its

information to the target PCF to re-establish packet data session to the

PDSN. Finally PCF is responsible for

collecting accounting information andforward them to the PDSN.

RRC supports authentication and

authorization of the mobile station for


10/14

radio access. It also supports airinterface encryption to the mobile

station.

5.3 Packet Data Serving Node

(PDSN)PDSN incorporates numerous functionswithin one node. Routing packets to the

IP networks or directly to the HA is the

major effort of PDSN. It assigns

dynamic IP addresses and maintains PPPsessions to the mobile stations. It

initiates authentication, authorization,

and accounting to the AAA for themobile station packet data session3. In

return, the PDSN receives user profile

parameters of the mobile station fromthe AAA. The user profile may contain

differentiated services and security.

PDSN may optionally supports Foreign

Agent (FA) functionalities such asreverse tunneling, registration, and

dynamic home agent and home address

assignment.

5.4 Home Agent (HA)

Home Agent (HA) plays a major role inimplementing the Mobile IP protocol by

redirecting packets to the Foreign Agent

(FA), and receive and route reverse

tunneled packets from the FA. HAprovides security by authenticating

mobile station through Mobile IP

registration. HA also maintains directconnection with AAA in order to receive

provisioning information for subscribers.

3An instance of continuous use of packet data

serviced by the user.

5.5 Authentication,

Authorization, and

Accounting (AAA)

AAA has different personalities

depending on the type of network towhich the AAA server is connected.

When an AAA server is connected to a

service provider network, its major role

is to pass authentication requests fromthe PDSN to the home IP network4, and

authorize responses from the home IP

network to the PDSN. It also storesaccounting information for the MS and

provides user profiles and QOS

information to the PDSN.

An AAA server connected to a home IP

network authenticates and authorizes the

mobile station based on requests fromthe local AAA.

Finally, an AAA server provisioned inthe broker network forwards requests

and responses between service provider

network and the home IP network which

do not have bilateral associations.

6 CDMA2000 Network

Protocol

CDMA2000 network supports two typesof protocol: Simple IP and Mobile IP.

Simple IP is deployed for service in

which the mobile user is assigned adynamic IP address from the local PDSN

and provided IP routing service by aservice provider network. The mobileuser can retain its IP address as long as it

is served by a RN which has

connectivity to the address assigning

4The home network that provides IP based data

services to the user.


11/14

PDSN. However, there is no IP addressmobility beyong this PDSN.

Mobile IP provides IP routing service to

a public IP network and/or secure IP

routing service to predefined private IPnetworks. The mobile user is able to use

either a static IP address or dynamicallyassigned IP address belonging to its

home IP network HA. Regardless of

whether the mobile is assigned a static ordynamic IP address, it should have a

static and persistent HA address to allow

seamless handoff between RNs that are

connected to separate PDSNs. Figure 12and 13 illustrates a Simple IP and

Mobile IP network respectively.

Figure 12: Simple IP Network

Figure 13: Mobile IP Network

6.1 Simple IP

6.1.1 Point-To-Point (PPP)

CDMA2000 usues PPP as the data link

protocol. Only one PPP session is allow

to be established between the MS andthe PDSN. Figure 14 shows the network

protocols when Simple IP is deployed.

The PDSN initiates a PPP session bysending a LCP Configure-Request to the

mobile station immediately after an R-P

session is established. There are twocircumstances in which a PPP session is

terminated. First, if an R-P session is

closed (either mobile or PDSN intends to

close the physical connection), the

packets buffered by the PDSN will bediscarded and an ICMP destination

unreachable packet is sent back to thesender. Then the PPP session is

terminated. Second, if the PPP session

is idle for a certain period, the PDSNwill release the R-P session to the RN

and terminate the PPP session in order to

better utilize network resource.

Figure 10: Simple IP Protocol

6.1.2 Link Access Control

(LAC)

LAC runs on top of PPP. It consists offive sub-layers: Authentication, ARQ,

Addressing, Utility, and Segmentation

and Reassembly. The Authenticationsub-layer is responsible for the initial

authentication and acts on only the

Access Channel (i.e. MS to RN). TheARQ sub-layer assuredand unassured


12/14

delivery of data. Assured meansreceived data are acknowledged, loss

and out-of-order data are selectively

retransmitted, and duplicate data are

discarded. Addressing sublayer presents

only on the common channels. Itsfunction is to assign and match sender

and receiver mobile addresses of thefollowing types: IMSI and ESN, ESN,

IMSI, IMSI and ESN, TMSI. Utility

sub-layer assembles and reasemblesLAC PDU by adding message type,

encryption, radio environment report,

LAC padding and length, and arranging

LAC PDU with L3 PDU. Finally, SARsublayer converts PDU to bitstream (and

vice versa), and adds message length andCRC.

6.1.3 Medium Access Control

(MAC)

MAC offers procedures for controlling

access of data services to the physical

layer. MAC also guarantees reliabletransmission over the Radio Link

Protocol (RLP) which provides best-

effort delivery service. Besides

maintaining data integrity, the MAClayer provides multiplexing of logical

channels to/from physical channelsbased on logical and physical mapping

table. MAC also enforced negotiated

QOS parameters by mediating conflict

requests from competing services andappropriately prioritizing access.

Signalling Radio Burst Protocol (SRBP)

is one of the MAC protocol used incdma2000 to communicate L3 signalling

function via LAC ARQ sub-layer on theAccess channel. Its responsibility is toselect access mode and access

procedure. Another MAC control

chosen is the Radio Link Protocol (RLP)

that comes with limited ARQ capability.It is designed to support reliable internet

protocol running above the MACprotocol.

6.1.4 Physical Layer

The physical layer provides the air and

wired interface specific function such asmodulation/demodulation,

coding/decoding, and power control.CDMA2000 physical layer consists of

forward (RN to mobile) and reverse

(mobile to RN) radio channels that arederived from the 2G CDMA

predecessors.

6.2 Mobile IP

Mobile IP (MIP) introduces a frameworkof procedures, messages, and message

formats that enables a mobile user tochange handoff from one PDSN to

another without requiring alteration of

its IP address, which would otherwisedisrupt L3 and higher operations. MS,

PDSN and HA all support Mobile IP

agent advertisement, MIP extensions,

reverse tunnelling, etc.

6.2.1 IP Security and InternetKey Exchange Protocol

(IPSec/IKE)

IPSec provides security for transmissionof sensitive information over

unprotected networks such as the

Internet. IPSec acts at the network layer,protecting and authenticating IP packetsbetween participating IPSec devices.

IPSec uses IKE to handle negotiation of

protocols and algorithms based on localpolicy, and to generate the encryption

and authentication keys to be used by

IPSec.

Mobile IP authentication consists of

three parts:


13/14

PDSN initiated access authenticationand authorization

HA initiated Mobile IP registration

authentication

FA and HA Security Association

For the first case, CHAP5 authentication

is used during PPP setup and Mobile IP

registration with FAC extension. For thesecond case, PAP authentication with

Mobile Station key distribution are used

along with HA local authentication with

statically configured key for MS-HAsecurity association. For the final case,

options is either to have no security

association, or have the followingsecurity keys:

Static configured FA-HA shared key

Dynamic distributed FA-HA sharedkey

IKE/IPSEC with statically shared

key

IKE/IPSEC with dynamically

distributed from Home RADIUS

server

IKE/IPSEC with public certification

as defined in X.509

Figure 11: Mobile IP Control and IKE

Protocol

5Chanllenge Handshake Authentication Protocol

Figure 12: Mobile IP User Data Protocol

7 Conclusion

UMTS and CDMA2000 architecture

both share the same IMT-2000 vision to

provide high bandwidth wireless internetaccess. Although each approach

receives substantial influence from its

predecessor, both architecture aredesigned to be IP-centric with well-

defined air and wire interfaces. The

requirement of seamless convergence oftraditional voice transmission and

increasing demand of data delivery will

create new business opportunities for

manufacturers, operators and providersof content and applications.

8 References[1] 3GPP Technical Specification

25.401 UTRAN Overall Description

[2] 3GPP Technical Specification

25.410 UTRAN Iu Interface:

General Aspects and Principles

[3] 3GPP Technical Specification

25.420 UTRAN Iu Interface:


[4] 3GPP Technical Specification25.430 UTRAN Iub Interface:


[5] 3GPP2 P.S0001-A Version 3.0.0

Wireless IP Network Standard


14/14

[6] 3GPP2 P.R0001 Version 1.0.0:Wireless IP Architecture Based on

IETF Protocols

[7] 3GPP2 C.S0003-A: Medium

Access Control (MAC) Standard for

cdma2000 Spread SpectrumSystems

[8] 3GPP2 C.S0004-0: Signaling Link

Access Control (LAC) Standard forcdma2000 Spread Spectrum

Systems

telco - 3g wireless network architecture umts vs cdma2000

Documents