Tech
Q&A: Ericsson GPRS chief on security and roaming
Michel Roquejoffre, head of the UMTS and GPRS project at Ericsson France, explains the issues behind GPRS security and roaming
Michel Roquejoffre is the head of the UMTS and GPRS project at Ericsson France. ZDNet France caught up with him at the 3GSM World Congress in Cannes, and talked to him about GPRS roaming and security issues.
Q: Mobile email and intranet access is one of the services being heavily promoted at 3GSM World Congress this year. How do you think corporate demands will evolve in 2002?
A: This year, with the arrival of the GPRS network, companies will be launching mobile email pilots and intranet access tests, working closely with sales support or field management to determine their needs. Mobility will be able to really make a difference in this area by substantially reducing costs and helping generate new revenues. Most of the trials carried out centre on solutions targeting the simultaneous use of a GPRS mobile phone and a PDA connected together by a Bluetooth connection. We won't see many professional solutions for Virtual Private Networks (VPNs), which are limited to intranet access, since these solutions are unlikely to generate sufficient return on investment. But most of the GSM or GPRS applications launched this year will have personalisation options, either directly on one's mobile or via the operator's Web portal. What level of security can users obtain with a standard GPRS handset?
The GPRS network access is totally secure. User authentification as well as data encryption is triggered upon each radio session. In addition to this, a second authentification process takes place at the IP level. When a member of staff accesses an intranet from a GPRS phone it is possible, depending on the agreement between the operator and the firm, to secure the data transfer from one end to another. If the WAP protocol is used, the security check can be made using Wireless Transport Layer Security (WTLS). Terminals can also use multiple mechanisms that allow security to be set from one end to the other on an application level (SSL, IPSec...). This is especially useful when applications can only be obtained via the Internet. The more processing is done directly on the terminal (such as a PDA) the easier and more secure these applications will become to use. What types of contribution is Ericsson making to the development of the pan-European mobile network infrastructure?
Ericsson started its inter-GPRS operator integration tests over a year ago to make sure that GPRS roaming is working correctly. The first phase of these tests is being carried out by connecting operators directly, without using intermediary platforms. Ericsson is now helping build GPRS roaming solutions. Will the GPRS network be able to reconcile large-scale roaming with secured access and personalised services at the 42kbps output speed announced?
GPRS and UMTS were conceived to operate in roaming environments. On a large scale, this task is simplified by connecting operators to the GPRS Roaming Exchange (GRX) platforms. So a subscriber crossing a zone covered by a third party operator can access the personalised application environment offered by his home network, but interoperator agreements are necessary. Use of the IPSec protocol on the network backbone insures security on all data security passing through it. Of course, the implementation of this protocol from end to end depends on the terms agreed between GPRS and GRX operators. Within the IP network (present on the operator backbones and GRX), the supply of quality service depends on technical and engineering decisions. Thanks to the diverse offering of IP technologies providing multiple services, the 42kbps output speed is not an issue. Will it be possible to capture audiovisual streams in these conditions?
Yes, although the output limitations depend on the radio interface. Looking at the infrastructures being deployed and the current offering of mobile terminals, output speeds are estimated to vary between 30 and 40kbps. Such speeds have already been achieved by the GPRS networks being deployed by Ericsson. In order to go beyond this, operators have made the technical and financial decision to opt for UMTS. This technology will provide substantially higher output speeds. It will also introduce the notion of guaranteed speed, which is important for email applications, Web and intranet access. To access a corporate intranet, won't the costs for GPRS (invoiced on the volume of IP packets and no longer on duration) incite companies to use an ISP with international presence?
In both cases, there won't be any difference in invoicing. The GPRS/UMTS equipment provides the ability to count the number of IP packets transmitted as well as session durations (plus a few other parameters). It's up to the operator and its commercial strategy to agree with its subscribers how the invoice will be built, whether it is based on the amount of information sent, usage time, geographic location, and so on. When the user is in roaming mode, the GPRS/UMTS operator being visited collects various taxation information mirroring the use of its network. Like for phone operators, horizontal agreements enable the operator of the network being visited to invoice the home network operator who will in turn invoice the subscriber. When the user is in GPRS/UMTS roaming mode, he can access his intranet in many different ways depending on what has been allowed by his own operator and the operator being roamed.
A: This year, with the arrival of the GPRS network, companies will be launching mobile email pilots and intranet access tests, working closely with sales support or field management to determine their needs. Mobility will be able to really make a difference in this area by substantially reducing costs and helping generate new revenues. Most of the trials carried out centre on solutions targeting the simultaneous use of a GPRS mobile phone and a PDA connected together by a Bluetooth connection. We won't see many professional solutions for Virtual Private Networks (VPNs), which are limited to intranet access, since these solutions are unlikely to generate sufficient return on investment. But most of the GSM or GPRS applications launched this year will have personalisation options, either directly on one's mobile or via the operator's Web portal. What level of security can users obtain with a standard GPRS handset?
The GPRS network access is totally secure. User authentification as well as data encryption is triggered upon each radio session. In addition to this, a second authentification process takes place at the IP level. When a member of staff accesses an intranet from a GPRS phone it is possible, depending on the agreement between the operator and the firm, to secure the data transfer from one end to another. If the WAP protocol is used, the security check can be made using Wireless Transport Layer Security (WTLS). Terminals can also use multiple mechanisms that allow security to be set from one end to the other on an application level (SSL, IPSec...). This is especially useful when applications can only be obtained via the Internet. The more processing is done directly on the terminal (such as a PDA) the easier and more secure these applications will become to use. What types of contribution is Ericsson making to the development of the pan-European mobile network infrastructure?
Ericsson started its inter-GPRS operator integration tests over a year ago to make sure that GPRS roaming is working correctly. The first phase of these tests is being carried out by connecting operators directly, without using intermediary platforms. Ericsson is now helping build GPRS roaming solutions. Will the GPRS network be able to reconcile large-scale roaming with secured access and personalised services at the 42kbps output speed announced?
GPRS and UMTS were conceived to operate in roaming environments. On a large scale, this task is simplified by connecting operators to the GPRS Roaming Exchange (GRX) platforms. So a subscriber crossing a zone covered by a third party operator can access the personalised application environment offered by his home network, but interoperator agreements are necessary. Use of the IPSec protocol on the network backbone insures security on all data security passing through it. Of course, the implementation of this protocol from end to end depends on the terms agreed between GPRS and GRX operators. Within the IP network (present on the operator backbones and GRX), the supply of quality service depends on technical and engineering decisions. Thanks to the diverse offering of IP technologies providing multiple services, the 42kbps output speed is not an issue. Will it be possible to capture audiovisual streams in these conditions?
Yes, although the output limitations depend on the radio interface. Looking at the infrastructures being deployed and the current offering of mobile terminals, output speeds are estimated to vary between 30 and 40kbps. Such speeds have already been achieved by the GPRS networks being deployed by Ericsson. In order to go beyond this, operators have made the technical and financial decision to opt for UMTS. This technology will provide substantially higher output speeds. It will also introduce the notion of guaranteed speed, which is important for email applications, Web and intranet access. To access a corporate intranet, won't the costs for GPRS (invoiced on the volume of IP packets and no longer on duration) incite companies to use an ISP with international presence?
In both cases, there won't be any difference in invoicing. The GPRS/UMTS equipment provides the ability to count the number of IP packets transmitted as well as session durations (plus a few other parameters). It's up to the operator and its commercial strategy to agree with its subscribers how the invoice will be built, whether it is based on the amount of information sent, usage time, geographic location, and so on. When the user is in roaming mode, the GPRS/UMTS operator being visited collects various taxation information mirroring the use of its network. Like for phone operators, horizontal agreements enable the operator of the network being visited to invoice the home network operator who will in turn invoice the subscriber. When the user is in GPRS/UMTS roaming mode, he can access his intranet in many different ways depending on what has been allowed by his own operator and the operator being roamed.
The high speeds of GPRS and 3G networks mean Internet browsing on the move is becoming a reality. Check out the latest news and the latest products in the GPRS/3G News Section.
Have your say instantly, and see what others have said. Go to the Telecoms forum . Let the editors know what you think in the Mailroom.