Authentication Vector Management for UMTS

Lin-Yi Wu and Yi-Bing Lin, Fellow, IEEE

Abstract— In Universal Mobile Telecommunication System (UMTS), the security function provides mutual authenticity and key agreement between the core network and the Mobile Station (MS). Specifically, the Serving GPRS Support Node (SGSN) in the core network obtains an array of Authentication Vectors (AVs) from the Home Subscriber Server/Authentication Center (HSS/AuC), and consumes one AV for each mutual authentication. After the departure of the MS, the SGSN may keep the unused AVs for a time interval called the Reservation Timeout (RT) period. If the MS returns within the RT period, the SGSN uses the stored AVs for mutual authentication instead of obtaining new AVs from the HSS/AuC. Note that a long RT period results in fewer accesses to the HSS/AuC at the cost of extra AV storage in the SGSN. In this paper, we propose an analytic model to investigate the impact of the RT period on the system performance. Our study provides the guidelines for the mobile operators to select an appropriate RT period.

Index Terms— 3G, authentication vector, security function, UMTS core network.

I. INTRODUCTION

UNIVERSAL MOBILE TELECOMMUNICATION SYSTEM (UMTS) [1] supports multimedia applications with quality of services. The UMTS network includes three parts: Mobile Station (MS; Fig. 1 (1)) is the equipment through which a user accesses UMTS services. Core Network (Fig. 1 (2)) provides mobility management, session management and transport for IP-based services. UMTS Terrestrial Radio Access Network (UTRAN; Fig. 1 (3)) provides wireless connectivity between the MS and the core network. UTRAN consists of Radio Network Controllers (RNCs; Fig. 1 (8)) and Node Bs (Fig. 1 (9)). In the core network, Serving GPRS Support Node (SGSN; Fig. 1 (4)) and Gateway GPRS Support Node (GGSN; Fig. 1 (5)) provide mobility and session services to mobile users. One SGSN connects to several RNCs, and one RNC connects to one or more Node Bs. The coverage of the Node Bs connected to the same SGSN is called an SGSN area. In Fig. 1, SGSN area 1 (Fig. 1 (10)) corresponds to SGSN1, and SGSN area 2 (Fig. 1 (11)) corresponds to SGSN2. The GGSN connects to the external Packet Data Network (PDN; Fig. 1 (7)) by an IP-based interface. Both SGSN and GGSN communicate with the Home Subscriber Server/Authentication Center (HSS/AuC; Fig. 1 (6)) for mobility and session management. The HSS/AuC is the master database containing all user-related subscription and location information.

Manuscript received May 11, 2006; revised January 1, 2007; accepted January 10, 2007. The associate editor coordinating the review of this paper and approving it for publication was X. Zhang. This work was sponsored in part by the NSC Excellence project NSC 2752-E-009-005-PAE, NSC 95-2218-E-009-201-MY3, NSC 94-2219-E-009-001, NSC 94-2219-E-009-024, NTP SIP-based B3G project under grant number NSC 95-2219-E-009-010, NTP IMS Integration Project under grant number NSC 95-2219-E-009-019, Intel, Chung Hwa Telecom, IIS/Academia Sinica, ITRI/NCTU Joint Research Center, and MoE ATU.

L.-Y. Wu is with MediaTek Inc., No. 1, Dusing Rd. 1, HsinChu Science-Based Industrial Park, HsinChu, Taiwan 300, R.O.C. (e-mail: ly-wyu@csie.nctu.edu.tw).

Y.-B. Lin is with the Department of Computer Science and Information Engineering, National Chiao Tung University, 1001 Ta Hseuh Rd., Hsinchu 30030, Taiwan (e-mail: liny@csie.nctu.edu.tw). He is also with the Institute of Information Science, Academia Sinica, Nankang, Taipei, Taiwan.

Digital Object Identifier 10.1109/TWC.2007.060245.

Fig. 1. The UMTS architecture.

Fig. 2. Message flow for UMTS security.

When an MS sends initial L3 messages (e.g., location update request, connection management service request, paging response, etc.) to the SGSN, the security function is activated to provide mutual authentication between the HSS/AuC and the MS [2]. Mutual authentication is achieved by showing the knowledge of a preshared secret key that is only available in the MS and the AuC. Specifically, an Authentication Vector (AV) is used for one authentication and key agreement between the SGSN and the MS. Fig. 2 illustrates the message flow for UMTS security.

Step 1. The MS sends an L3 message (e.g., registration) to the SGSN.

Steps 2-4. Upon receipt of the L3 message, if the SGSN possesses the AVs of the MS, Steps 2-4 are skipped. Otherwise, the SGSN sends an Authentication Data Request message to the HSS/AuC to retrieve the AVs. The HSS/AuC generates an array of AVs, and returns them to the SGSN through the Authentication Data Response message. Steps 2-4 are called the Authentication Data Request & Response (ADR) operation. An AV contains 5 elements: a random challenge RAND, a network authentication token AUTN, an expected user response XRES, a cipher key CK, and an integrity key IK.

Steps 5 and 6. The SGSN selects the next unused AV in the AV array to perform the security function. Then the SGSN sends a User Authentication Request with parameters RAND and AUTN to the MS.

Steps 7 and 8. The MS authenticates the SGSN by verifying AUTN. After successfully authenticating the network, the MS computes the user response RES from RAND and the preshared key, and then sends RES to the SGSN through User Authentication Response. Steps 6-8 are called the User Authentication Request & Response (UAR) operation.

Step 9. The SGSN compares RES with XRES. If they match, the MS is successfully authenticated.

Steps 10 and 11. The MS computes CK and IK from RAND and the preshared key. On the other hand, the SGSN retrieves CK and IK from the selected AV. CK and IK are used on both sides for encryption/decryption and integrity check.

1536-1276/07$25.00 © 2007 IEEE

IEEE TRANSACTIONS ON WIRELESS COMMUNICATIONS, VOL. 6, NO. 11, NOVEMBER 2007

Since accessing the HSS/AuC is expensive (especially when the SGSN and the HSS/AuC are located in different countries), the issue of AV management has drawn considerable attention. In [8], long delay of AV distribution from HSS/AuC to SGSN was discussed. The authors proposed a new approach, in which the SGSN requests HSS/AuC for new AVs before all AVs kept in the SGSN are consumed. In [3], an analytic model was presented to investigate the appropriate number of AVs distributed in one access to HSS/AuC. Based on the analytic results, an automatic selection mechanism was proposed to reduce the network signaling cost.

In this paper, we investigate another significant factor in managing AVs. When an MS moves from one SGSN area to another, the old SGSN may store the unused AVs for an interval called the reservation timeout (RT) period. If the MS returns to the SGSN area within the RT period, the SGSN will utilize these stored AVs for authentication instead of obtaining new AVs from the HSS/AuC. Therefore, the signaling traffic for accessing the HSS/AuC is reduced. Note that a long RT period results in fewer accesses to the HSS/AuC at the cost of more AV storage required at an SGSN. This paper investigates the effect of the RT period on the system performance. In Section II, the AV usage mechanism is described. Section III presents an analytic model for measuring system performance. Numerical examples are given in Section IV. Finally, Section V concludes this paper.

II. THE AV USAGE MECHANISM

Consider an SGSN area $L_0$. When an MS resides at $L_0$, the authentication activities are shown in Fig. 3. In this figure, the MS enters $L_0$ at time $\tau_1$ (Fig. 3 (1)), and sends a registration request to $L_0$ at time $\tau_{1,1,1}$. This registration request activates a UAR for mutual authentication between the MS and SGSN $L_0$ (Fig. 3 (2)). Since $L_0$ does not have authentication information of the MS at its first visit, SGSN $L_0$ obtains an array of K AVs from the HSS/AuC through an ADR (Fig. 3 (3)), and utilizes the first AV for the UAR request. Subsequently, more UARs may be issued by the MS, and SGSN $L_0$ utilizes the next unused AV in the array to perform the following UARs (Fig. 3 (4), (5), and (6)). After $\tau_{1,1,k}$, all AVs have been consumed for UARs (Fig. 3 (6)). Therefore, when a UAR arrives at $\tau_{1,2,1}$ (Fig. 3 (7)), SGSN $L_0$ issues the second ADR (Fig. 3 (8)) to obtain the next AV array from the HSS/AuC and uses the first AV in the array to perform the UAR. At time $\tau_1$ (Fig. 3 (9)), the MS leaves $L_0$ with $R_1$ unused AVs. Then SGSN $L_0$ starts the RT timer of length T (Fig. 3 (10)), and keeps the $R_1$ unused AVs in its storage during the RT period. If the MS returns to $L_0$ before the RT timer expires (Fig. 3 (11)), SGSN $L_0$ will utilize these stored AVs for the next $R_1$ UARs (Fig. 3 (12), (13), and (14)). After the $R_1$ AVs are consumed, a UAR occurs at time $\tau_{2,1,1}$ (Fig. 3 (15)), and SGSN $L_0$ issues an ADR to obtain a new AV array (Fig. 3 (16)). At time $\tau_2$, the MS leaves $L_0$ again (Fig. 3 (17)). Let the residence time of the i-th visit to $L_0$ be $t_i$. During $t_i$, $N_i$ ADRs are executed. When the MS leaves $L_0$, there are $R_i$ unused AVs, which will be subsequently used at the (i+1)-th visit of the MS. Note that if the RT timer expires before the MS returns to $L_0$ (Fig. 3 (18)), then these unused AVs are discarded; that is, $R_i = 0$ for the (i+1)-th visit.
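The AV usage mechanism of this section, replayed over a constructed event trace (an added example, not code from the paper). The class and field names, the trace, and the convention that a return at exactly T counts as expired are assumptions; `av_time` accumulates stored AVs multiplied by time, the quantity that β later normalizes.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class SgsnAvCache:
    """AV store kept by one SGSN for one MS (hypothetical model, not the paper's code)."""
    K: int                            # AVs delivered by one ADR
    T: float                          # RT period
    unused: int = 0                   # AVs currently stored
    left_at: Optional[float] = None   # departure time while the RT timer runs
    last_t: float = 0.0               # time of the previous event
    adr: int = 0                      # ADRs sent to the HSS/AuC
    discarded: int = 0                # AVs dropped on RT expiry
    av_time: float = 0.0              # integral of stored AVs over time

    def _account(self, now: float) -> None:
        self.av_time += self.unused * (now - self.last_t)
        self.last_t = now

    def enter(self, now: float) -> None:
        if self.left_at is not None:
            away = now - self.left_at
            # Unused AVs occupy storage until the MS returns or the timer expires.
            self.av_time += self.unused * min(away, self.T)
            if away >= self.T:        # assumption: a return at exactly T is too late
                self.discarded += self.unused
                self.unused = 0
            self.left_at = None
        self.last_t = now

    def uar(self, now: float) -> None:
        self._account(now)
        if self.unused == 0:          # array exhausted: one ADR fetches K fresh AVs
            self.adr += 1
            self.unused = self.K
        self.unused -= 1              # one AV per mutual authentication

    def leave(self, now: float) -> None:
        self._account(now)
        self.left_at = now            # start the RT timer


def replay(events, K: int, T: float) -> SgsnAvCache:
    """Feed (time, kind) events to a fresh cache and return its final state."""
    cache = SgsnAvCache(K=K, T=T)
    handlers = {"enter": cache.enter, "uar": cache.uar, "leave": cache.leave}
    for t, kind in events:
        handlers[kind](t)
    return cache


# Constructed trace (not measured data): three visits to the same SGSN area,
# with absences of 2 and 19 time units between them.
TRACE = [
    (0, "enter"), (1, "uar"), (2, "uar"), (3, "uar"), (4, "uar"), (5, "leave"),
    (7, "enter"), (8, "uar"), (11, "leave"),
    (30, "enter"), (31, "uar"),
]

if __name__ == "__main__":
    for T in (0, 5, 100):
        c = replay(TRACE, K=3, T=T)
        print(f"T={T:>3}: ADRs={c.adr} discarded={c.discarded} AV-time={c.av_time}")
```

On this trace a longer RT period lowers the ADR count and raises the AV-time product, which is the trade-off the analytic model quantifies.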

III. AN ANALYTIC MODEL

This section investigates the effect of the RT period T on the performance of the AV management. The following parameters and assumptions are made.

The UAR arrivals are Poisson processes with rate λ.

The SGSN residence time is exponentially distributed with rate μ (this exponential assumption will be relaxed in the simulation experiments).

Three output measures are evaluated in our study.

α: the probability that the MS re-enters $L_0$ within the RT period T

β: the expected AV storage consumed when T > 0, which is normalized by the expected AV storage consumed when T = 0

δ: the number of ADRs performed in one visit to SGSN $L_0$ as compared with that when K = 1. Let E[N|K] be the expected number of ADRs performed in one visit to $L_0$, where K AVs are obtained in one ADR. Then

$$\delta = \frac{E[N|K]}{E[N|K=1]} \tag{1}$$

In the following sub-sections, we derive the above output measures.

A. Derivation of Probability α

We utilize a two-dimensional random walk to model the MS movement. Fig. 4 shows the layout of the SGSN areas, where a coordinate (x, y) specifies the location of an SGSN area. An MS resides in an SGSN area for a period, then moves to one of its four neighbors with the same probability 1/4. Let $L_j = (x_j, y_j)$ represent the coordinate of the SGSN where the MS resides after j movements. Initially, the MS resides at $L_0 = (0, 0)$.

Let $P_j$ be the probability that the MS returns to $L_0$ at the j-th movement. That is, $P_j = \Pr[L_j = L_0]$. Following the two-dimensional random walk model, $P_j = 0$ if j is odd. Consider the even movements where j = 2n. Assume that there are a movements to the east and the same number of movements to the west. Similarly, there are b movements to the north and the same number of movements to the south. Then $L_{2n} = L_0$ if 2a + 2b = 2n. For a ≥ 0 and b ≥ 0, we have

Fig. 3. MS authentication activities at an SGSN.

Fig. 4. Two-dimensional SGSN layout for the random walk model.

$$P_{2n} = \left(\frac{1}{4}\right)^{2n} \binom{2n}{n}^{2} \tag{2}$$

Let $Q_{2n}$ be the probability that the MS first returns to $L_0$ at the 2n-th movement. In other words, $Q_{2n} = \Pr[L_{2n} = L_0,\ L_{2l} \neq L_0 \text{ for } 0 < l < n]$. It is obvious that for n = 1, $Q_2 = P_2$.

Suppose that the MS enters $L_0$ at the 2n-th movement, and the prior visit to $L_0$ occurs at the 2m-th movement, where 0 ≤ m < n. Then we have

$$\begin{aligned} P_{2n} = \Pr[L_{2n} = L_0] &= \sum_{m=0}^{n-1} \Pr[L_{2m} = L_0] \times \Pr[L_{2n} = L_{2m} = L_0,\ L_{2l} \neq L_0 \text{ for } m < l < n] \\ &= \sum_{m=0}^{n-1} P_{2m} \times Q_{2(n-m)} \end{aligned} \tag{3}$$

By rearranging (3), we have

$$Q_{2n} = P_{2n} - \sum_{m=1}^{n-1} P_{2m} Q_{2(n-m)} \tag{4}$$

Since the MS returns to $L_0$ at the 2n-th movement, the MS moves across 2n − 1 SGSN areas before it returns. For j = 1, 2, ..., 2n − 1, let the residence time at $L_j$ be $t^*_j$ with the density function $f(t^*_j) = \mu e^{-\mu t^*_j}$. Let $t_r$ be the period between when the MS leaves $L_0$ and when it returns. That is, $t_r = t^*_1 + t^*_2 + \cdots + t^*_{2n-1}$, where $L_{2n} = L_0$, and $L_{2l} \neq L_0$ for 0 < l < n. Let $F(2n, t_r)$ be the cumulative distribution function that the MS returns to $L_0$ at the 2n-th movement at time $t_r$. It is clear that $F(2n, t_r)$ is an Erlang distribution

$$F(2n, t_r) = 1 - \sum_{j=0}^{2n-2} \left[\frac{(\mu t_r)^j}{j!}\right] e^{-\mu t_r} \tag{5}$$

From (4) and (5), α is derived as follows.

$$\begin{aligned} \alpha &= \sum_{n=1}^{\infty} \left\{ \Pr[\text{the MS first returns to } L_0 \text{ at the } 2n\text{-th movement}] \times \Pr[\text{the MS moves } 2n \text{ steps within time } T] \right\} \\ &= \sum_{n=1}^{\infty} Q_{2n} \times \left\{ 1 - \sum_{j=0}^{2n-2} \left[\frac{(\mu T)^j}{j!}\right] e^{-\mu T} \right\} \end{aligned} \tag{6}$$

B. Derivation for β

Consider the Markov chain illustrated in Fig. 5, where state $S_k$ represents that there are k AVs stored in SGSN $L_0$. In this figure, the transition probability in a short observation interval Δs is considered. The descriptions of the transitions are given below.

Transition 1: At state $S_k$ (k > 0), the MS resides in $L_0$ with probability (1 − μΔs). A UAR arrives with probability λΔs, which decrements the number of AVs by one. That is, the Markov chain moves from $S_k$ to $S_{k-1}$ with probability (1 − μΔs)λΔs.

Transition 2: At $S_0$, the MS resides at $L_0$ with probability (1 − μΔs), and a UAR occurs with probability λΔs. Since k = 0, SGSN $L_0$ issues an ADR to obtain K AVs from the HSS/AuC, and uses the first AV to perform the UAR. The remaining K − 1 AVs are stored in SGSN $L_0$. Therefore, the Markov chain moves from $S_0$ to $S_{K-1}$ with probability (1 − μΔs)λΔs.

Transition 3: At state $S_k$ (k > 0), the MS leaves $L_0$ with probability μΔs, and it does not return to $L_0$ within T with probability (1 − α). In this case, all AVs stored in SGSN $L_0$ are discarded. That is, the Markov chain moves from $S_k$ to $S_0$ with probability μΔs(1 − α).

Transition 4: At state $S_k$ (k > 0), the MS stays in $L_0$ with probability (1 − μΔs), and the probability that no UAR occurs during Δs is (1 − λΔs). In this case, the number of AVs stored in SGSN $L_0$ is not changed. Also, if the MS leaves $L_0$ with probability μΔs and returns before RT expires with probability α, all unused AVs are still stored in SGSN $L_0$. Thus, the state remains in $S_k$ with probability (1 − μΔs)(1 − λΔs) + μΔsα.

Transition 5: At $S_0$, SGSN $L_0$ does not keep any AVs, and the state remains in $S_0$ with probability 1 − (1 − μΔs)λΔs.

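Based on the above transitions, when Δs → 0, the transition rate matrix H for the Markov chain can be expressed as

$$H = \begin{bmatrix}
-\lambda & 0 & 0 & \cdots & 0 & \lambda \\
\lambda + \mu - \mu\alpha & \mu\alpha - \mu - \lambda & 0 & \cdots & 0 & 0 \\
\mu(1-\alpha) & \lambda & \mu\alpha - \mu - \lambda & \cdots & 0 & 0 \\
\vdots & & \ddots & \ddots & & \vdots \\
\mu(1-\alpha) & 0 & 0 & \cdots & \mu\alpha - \mu - \lambda & 0 \\
\mu(1-\alpha) & 0 & 0 & \cdots & \lambda & \mu\alpha - \mu - \lambda
\end{bmatrix}_{K \times K}$$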

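Let $\pi = (\pi_0, \pi_1, \pi_2, \ldots, \pi_{K-1})$ be the probability matrix where $\pi_k$ is the probability that k AVs are stored in SGSN $L_0$ at the steady state. Since $\pi H = 0$, we have

$$\left.\begin{aligned}
-\lambda\pi_0 + \lambda\pi_1 + \mu(1-\alpha)(\pi_1 + \pi_2 + \cdots + \pi_{K-1}) &= 0 \\
(\mu\alpha - \mu - \lambda)\pi_1 + \lambda\pi_2 &= 0 \\
(\mu\alpha - \mu - \lambda)\pi_2 + \lambda\pi_3 &= 0 \\
&\ \,\vdots \\
(\mu\alpha - \mu - \lambda)\pi_{K-2} + \lambda\pi_{K-1} &= 0 \\
(\mu\alpha - \mu - \lambda)\pi_{K-1} + \lambda\pi_0 &= 0
\end{aligned}\right\} \tag{7}$$

By rearranging (7), we have

$$\pi_k = A^{K-k}\pi_0 \ \text{ for } 1 \le k \le K-1, \quad \text{where } A = \frac{\lambda}{\mu + \lambda - \mu\alpha} \tag{8}$$

By solving (8) with $\sum_{i=0}^{K-1} \pi_i = 1$, we have

$$\left.\begin{aligned}
\pi_0 &= \frac{1-A}{1-A^K} \\
\pi_k &= A^{K-k}\left(\frac{1-A}{1-A^K}\right) \ \text{ for } 1 \le k \le K-1
\end{aligned}\right\} \tag{9}$$

Let $\Psi_T$ be the expected AV storage consumed in one visit to $L_0$ when T ≥ 0. Then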

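$$\Psi_T = E[\text{the number of AVs stored in SGSN } L_0 \text{ at any time}] \times E[\text{the time period that SGSN } L_0 \text{ stores AVs}]$$

where

$$E[\text{the number of AVs stored in SGSN } L_0 \text{ at any time}] = \sum_{k=0}^{K-1} k\pi_k = \left(\frac{1-A}{1-A^K}\right)\left[\frac{A^{K-1} - 1}{(1 - A^{-1})^2} + \frac{1-K}{1 - A^{-1}}\right] \tag{10}$$

As previously defined, $t_r$ is the period between when the MS leaves $L_0$ and when it returns. We have

$$\begin{aligned}
E[&\text{the period that SGSN } L_0 \text{ stores AVs}] \\
&= E[\text{the period that the MS resides in } L_0] + E[\text{the period that SGSN } L_0 \text{ stores the unused AVs after the MS leaves } L_0] \\
&= E[\text{the period that the MS resides in } L_0] + \Pr[t_r > T] \times E[T \mid t_r > T] + \Pr[t_r \le T] \times E[t_r \mid t_r \le T] \\
&= \frac{1}{\mu} + (1-\alpha)T + \int_{t=0}^{T} t \left[\frac{d\left(\sum_{n=1}^{\infty} Q_{2n} \times F(2n, t)\right)}{dt}\right] dt \\
&= \frac{1}{\mu} + (1-\alpha)T + \sum_{n=1}^{\infty} \left[\frac{Q_{2n}(2n-1)}{\mu}\right] \times \left\{1 - e^{-\mu T}\left[1 + \sum_{r=0}^{2n-2} \frac{(\mu T)^{2n-r-1}}{(2n-r-1)!}\right]\right\}
\end{aligned} \tag{11}$$

Fig. 5. The state transition diagram for the AVs size at SGSN $L_0$.

From (10) and (11),

$$\Psi_T = \left(\frac{1-A}{1-A^K}\right)\left[\frac{A^{K-1} - 1}{(1 - A^{-1})^2} + \frac{1-K}{1 - A^{-1}}\right] \times \left\{\frac{1}{\mu} + (1-\alpha)T + \sum_{n=1}^{\infty} \left[\frac{Q_{2n}(2n-1)}{\mu}\right] \times \left\{1 - e^{-\mu T}\left[1 + \sum_{r=0}^{2n-2} \frac{(\mu T)^{2n-r-1}}{(2n-r-1)!}\right]\right\}\right\} \tag{12}$$

From (12), β is derived as

$$\beta = \frac{\Psi_T}{\Psi_0} \tag{13}$$

C. Derivation for δ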

Suppose that K AVs are obtained in one ADR. The expected number E[N|K] of ADRs performed in one visit to $L_0$ is derived as follows. For i ≥ 1, let $\theta(N_i, R_{i-1}, R_i, t_i)$ be the probability that

(i) at the i-th visit to $L_0$, $R_{i-1}$ unused AVs are stored in SGSN $L_0$, where $R_0 = 0$ and $0 \le R_{i-1} < K$,

(ii) the residence time of the i-th visit to $L_0$ is $t_i$,

(iii) during $t_i$, $N_i$ ADRs occur, and

(iv) there are $R_i$ unused AVs when the MS leaves $L_0$, where $0 \le R_i < K$.

Since $N_i = 0$ has no effect on $E[N_i]$, it suffices to consider $N_i > 0$ in the derivation. In this case, $N_iK + R_{i-1} - R_i$ UARs are performed in the period $t_i$, and $N_iK + R_{i-1} - R_i > 0$. Therefore

$$\theta(N_i, R_{i-1}, R_i, t_i) = e^{-\lambda t_i}\left[\frac{(\lambda t_i)^{N_iK + R_{i-1} - R_i}}{(N_iK + R_{i-1} - R_i)!}\right]$$

Let $\varphi(N_i, R_{i-1})$ be the probability that when the MS enters $L_0$ at the i-th visit, $R_{i-1}$ unused AVs are stored in SGSN $L_0$, and $N_i$ ADRs are performed during the residence time of the i-th visit. For $N_i > 0$, $\varphi(N_i, R_{i-1})$ is derived as

$$\varphi(N_i, R_{i-1}) = \sum_{R_i=0}^{K-1}\left[\int_{t_i=0}^{\infty} \theta(N_i, R_{i-1}, R_i, t_i) \times f(t_i)\, dt_i\right] = \left(\frac{\lambda}{\lambda+\mu}\right)^{N_iK + R_{i-1} + 1}\left[\left(\frac{\lambda+\mu}{\lambda}\right)^{K} - 1\right] \tag{14}$$

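Let $\Gamma(N_i, T)$ be the probability that $N_i$ ADRs are performed at the i-th visit to $L_0$, where i ≥ 1 and $N_i > 0$, and the length of the RT period is T. Consider the following two cases:

Case 1: The MS re-enters $L_0$ within T. Thus, SGSN $L_0$ still stores $R_{i-1}$ unused AVs, where $0 \le R_{i-1} < K$. The probability of Case 1 is α.

Case 2: The MS re-enters $L_0$ after the RT timer expires, and $R_{i-1} = 0$. The probability of Case 2 is (1 − α).

Then we have

$$\Gamma(N_i, T) = \alpha\left[\sum_{k=0}^{K-1} \pi_k \varphi(N_i, k)\right] + (1-\alpha)\varphi(N_i, 0) \tag{15}$$

The first term of the right hand side in (15) is derived as follows. From (9) and (14)

$$\alpha\left[\sum_{k=0}^{K-1} \pi_k \varphi(N_i, k)\right] = \alpha\left(\frac{1-A}{1-A^K}\right)\left(\frac{\lambda}{\lambda+\mu}\right)^{N_iK+1}\left[\left(\frac{\lambda+\mu}{\lambda}\right)^{K} - 1\right] \times \left\{1 + \left[\frac{A^K\lambda}{A(\lambda+\mu) - \lambda}\right]\left[1 - \left(\frac{\lambda}{A(\lambda+\mu)}\right)^{K-1}\right]\right\} \tag{16}$$

The second term of the right hand side in (15) is derived as follows.

$$(1-\alpha)\varphi(N_i, 0) = (1-\alpha)\left(\frac{\lambda}{\lambda+\mu}\right)^{N_iK+1}\left[\left(\frac{\lambda+\mu}{\lambda}\right)^{K} - 1\right] \tag{17}$$

Let $E[N|K] = \lim_{i \to \infty} E[N_i|K]$ be the expected number of ADRs performed during one visit to SGSN $L_0$ at the steady state (i.e., when i → ∞). From (15), (16), and (17), E[N|K] is expressed as:

$$\begin{aligned}
E[N|K] &= \sum_{N=1}^{\infty} N \times \Gamma(N, T) \\
&= \left\{\frac{\alpha\left(\frac{\lambda}{\lambda+\mu}\right)\left(\frac{1-A}{1-A^K}\right)}{1 - \left(\frac{\lambda}{\lambda+\mu}\right)^{K}}\right\}\left\{1 + \left[\frac{\lambda A^K}{A(\lambda+\mu) - \lambda}\right] \times \left[1 - \left(\frac{\lambda}{A(\lambda+\mu)}\right)^{K-1}\right]\right\} \\
&\quad + \frac{1}{\left[1 - \left(\frac{\lambda}{\lambda+\mu}\right)^{K}\right]^{2}} \times \left\{(1-\alpha)\left(\frac{\lambda}{\lambda+\mu}\right)\left[1 - \left(\frac{\lambda}{\lambda+\mu}\right)^{K}\right]\right\}
\end{aligned} \tag{18}$$

Finally, δ is derived from (1) and (18).

Fig. 6. Effects of T on α.

Fig. 7. Effects of T and K on β (λ = 20μ).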

IV. NUMERICAL EXAMPLES

Based on the analytic models, we use numerical examples to investigate how the RT period T affects the performance of AV management. These numerical examples also validate the simulation model against the analytic analysis in Section III. As shown in Figs. 6-8, the discrepancies between the analytic and simulation models are less than 1%. Therefore the analytic and simulation models are consistent.

Based on (6), Fig. 6 plots the probability α of re-entrance to $L_0$ against the RT period T. The figure indicates that for T < 27/μ, α significantly increases as T increases. For T ≥ 27/μ, the impact of T on α becomes less significant. We note that the α curve is determined by the probabilities of the movement directions. In the two-dimensional random walk, if the routing probabilities of the movement directions are not the same, then it is very likely that the MS will never return to $L_0$. In the real world, the MS movement may exhibit locality, and the MS eventually moves back to $L_0$.
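Equations (2), (4) and (6) can be evaluated directly to trace how α grows with the RT period (an added example, not code from the paper). The function names and the truncation of the infinite sum at `n_max` terms are assumptions; because every term is non-negative, the truncated value is a lower bound on α.

```python
import math


def return_probs(n_max: int):
    """Return (P, Q) with P[n] = P_2n from (2) and Q[n] = Q_2n from (4)."""
    # (1/4)^(2n) * C(2n, n)^2 written as (C(2n, n) / 4^n)^2 to stay in float range.
    P = [(math.comb(2 * n, n) / 4 ** n) ** 2 for n in range(n_max + 1)]
    Q = [0.0] * (n_max + 1)
    for n in range(1, n_max + 1):
        Q[n] = P[n] - sum(P[m] * Q[n - m] for m in range(1, n))
    return P, Q


def alpha(mu: float, T: float, n_max: int = 200) -> float:
    """Truncated evaluation of (6): probability of re-entering L0 within T."""
    _, Q = return_probs(n_max)
    x = mu * T
    term = math.exp(-x)      # j = 0 term of sum_j (mu*T)^j / j! * e^(-mu*T)
    partial = term           # running sum for j = 0 .. 2n-2 (here n = 1)
    j = 0
    total = 0.0
    for n in range(1, n_max + 1):
        erlang_cdf = max(0.0, 1.0 - partial)   # F(2n, T) from (5), clamped
        total += Q[n] * erlang_cdf
        for _ in range(2):   # extend the sum from 2n-2 to 2(n+1)-2
            j += 1
            term *= x / j
            partial += term
    return total


if __name__ == "__main__":
    mu = 1.0                 # assumed unit: time measured in mean residence times
    for k in (1, 3, 9, 27, 81):
        print(f"T = {k:>2}/mu  alpha >= {alpha(mu, k / mu):.4f}")
```

Only the product μT enters (6), so the curve depends on T measured in units of the mean SGSN residence time 1/μ.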

Fig. 8. Effects of T and K on δ (λ = 20μ).

According to (12) and (13), Fig. 7 plots the normalized AV storage β against T and K. The figure indicates that β is an almost linearly increasing function of T. When T = 27/μ, SGSN $L_0$ consumes 17 times as much AV storage as that when T = 0.

Based on (1) and (18), Fig. 8 plots δ against T and K. We observe that δ decreases as T increases. For T > 27/μ, the effect of T on δ is negligible. When T → ∞, all AVs are utilized for the UARs, and δ = 1/K. For the same T value, it is obvious that δ increases as K decreases. In the case K = 30 and T = 27/μ, the ADR traffic decreases by 24.9% as compared with K = 30 and T = 0. Fig. 7 and Fig. 8 indicate the relation between the storage usage and the ADR traffic, and provide the guidelines for the mobile operators to configure the RT timer. For example, if the operator sets K = 10 and wants to reduce 88.86% of the ADR traffic (as compared with when K = 1), the RT period T = 27/μ should be selected. In this case, the SGSN utilizes 17 times the AV storage as that when T = 0.

Fig. 9 shows the effects for the variance of the SGSN residence times. The Gamma distribution with mean 1/μ and variance $V_s$ is considered for SGSN residence times because it has been shown that the distribution of any positive random variable can be approximated by a mixture of Gamma distributions (see Lemma 3.9 in [4]). Following the past experience [5]–[7], we can measure the SGSN residence times in a real mobile network, and the measured data can be approximated by a Gamma distribution as the input to our simulation model. Fig. 9 shows the effect of variance $V_s$ for the SGSN residence time distribution on the system performance. When $V_s$ < 2.5 × 1052, the impact of $V_s$ on α and δ is insignificant, and β increases as $V_s$ increases. For $V_s$ > 2.5 × 1052, as $V_s$ increases, α significantly increases, β significantly decreases, and δ insignificantly decreases. This phenomenon is explained as follows. As $V_s$ increases, more short and long SGSN residence times are observed, and the increase of the number of short SGSN residence times is more significant than that of long SGSN residence times. Since $t_r$ is composed of SGSN residence times, the increase of short $t_r$ is also more significant than that of long $t_r$. Short $t_r$ results in large α value, and the SGSN consumes less AV storage after the MS leaves the SGSN area (i.e. small β value is expected). Moreover, as α increases, more stored AVs are used for UARs, and the number of ADRs decreases. Therefore, the AV usage mechanism has better performance when the variance of SGSN residence times becomes large.

Fig. 9. Effects of $V_s$ (λ = 20μ, T = 27/μ, and K = 10): (a) effect of $V_s$ on α; (b) effect of $V_s$ on β; (c) effect of $V_s$ on δ.

V. CONCLUSIONS

In UMTS, when an MS leaves an SGSN area, the SGSN may keep the unused AVs for an interval called the RT period. If the MS returns to the SGSN area within the RT period, the SGSN uses these stored AVs for mutual authentication instead of obtaining new AVs from the HSS/AuC. This AV usage mechanism reduces the signaling traffic between the SGSN and the HSS/AuC. On the other hand, this mechanism results in extra AV storage at the SGSN. In this paper, we proposed an analytic model to investigate the impact of the RT period on the system performance. Three output measures are considered: the re-entrance probability, the extra AV storage, and the ADR traffic between the SGSN and the HSS/AuC. The analytic results were validated against the simulation experiments. Our study provides the guidelines for the mobile operators to implement the AV usage mechanism.

REFERENCES

[1] Y.-B. Lin, Y.-R. Haung, A.-C. Pang, and I. Chlamtac. “All-IP approach for UMTS third generation mobile networks,” IEEE Network, vol. 16, no. 5, pp. 8-19, 2002.

[2] 3GPP, 3rd Generation Partnership Project; Technical Specification Group Services and Systems Aspects; 3G Security; Security Architecture (Release 6), Tech. Spec. 3GPP TS 33.102 V6.0.0 (2003-09), 2003.

[3] Y.-B. Lin, and Y. K. Chen. “Reducing authentication signaling traffic in third generation mobile network,” IEEE Trans. Wireless Commun., vol 2, no. 3, pp. 493-501, 2003.

[4] F. P. Kelly. Reversibility and Stochastic Networks. New York: John Wiley & Sons, 1979.

[5] I. Chlamtac, Y. Fang, and H. Zeng. “Call blocking analysis for PCS networks under general cell residence time,” in Proc. IEEE Wireless Commun. Networking Conf. (WCNC), Sep. 1999, pp. 550-554.

[6] FarEasTone Telecom, Private communication, 2003.

[7] H. Zeng, and I. Chlamtac. “Handoff traffic distribution in cellular networks,” in Proc. IEEE Wireless Commun. Networking Conf. (WCNC), Sep. 1999, pp. 413-417.

[8] Y. Zhang, and M. Fujise. “An improvement for authentication protocol in third-generation wireless networks,” IEEE Trans. Wireless Commun., vol 5, no. 9, pp. 2348-2352, 2006.

Lin-Yi Wu received the B.S., M.S., and Ph.D. degrees in Computer Science from National Chiao Tung University, Taiwan, in 1999, 2001, and 2006 respectively. She is now a senior software engineer in MediaTek Inc., Taiwan. Her research interests include wireless metro area network, personal communications services, voice over IP, and network security.

Yi-Bing Lin (M’95-SM’95-F’03) is Chair Professor of Computer Science, National Chiao Tung University. His current research interests include wireless communications and mobile computing. Dr. Lin has published over 210 journal articles and more than 200 conference papers. Dr. Lin is the author of the book Wireless and Mobile Network Architecture (co-author with Imrich Chlamtac; published by John Wiley & Sons) and the book Wireless and Mobile All-IP Networks (co-author with Ai-Chun Pang; published by John Wiley & Sons). Dr. Lin is an IEEE Fellow, an ACM Fellow, an AAAS Fellow, and an IET(IEE) Fellow.
