Network Working Group                                         R. Gellens
Request for Comments: 2636                                      Qualcomm
Obsoletes: 2604                                                July 1999
Category: Informational


          Wireless Device Configuration (OTASP/OTAPA) via ACAP

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (1999).  All Rights Reserved.

Abstract

   Wireless carriers today are faced with creating more efficient
   distribution channels and increasing customer satisfaction, while
   also improving margin and profitability.  Industry trends are
   pushing the sale of handsets further into the retail channel.  The
   cost and effort of provisioning handsets, activating users, and
   updating handset parameters can be greatly reduced by using
   over-the-air activation mechanisms.  A comprehensive and extensible
   means for over-the-air provisioning and handset parameter updating
   is required.

   One approach is to purchase EIA/TIA/IS-683A (Over-the-air Service
   Provisioning of Mobile Stations in Spread Spectrum Systems)
   equipment.  The cost of this has led carriers to seek alternative
   solutions.  A viable means for providing over-the-air (OTA)
   provisioning is to leverage the rollout of IS-707 data services
   equipment, which most carriers are in the process of deploying.

   This paper presents an approach to OTA provisioning that utilizes
   the deployment of IS-707 to deliver OTA provisioning and parameter
   upgrading.  IS-707 data services make available several methods of
   providing over-the-air provisioning and parameter updating.  A
   well-thought-out approach utilizing Internet-based open standard
   mechanisms can provide an extensible platform for further carrier
   service offerings, enhanced interoperability among back-end
   services, and vendor independence.

   This paper describes a viable and attractive means to provide
   OTASP/OTAPA via IS-707, using the ACAP [ACAP] protocol.
Gellens                      Informational                      [Page 1]
RFC 2636                   OTASP/OTAPA via ACAP                July 1999

Table of Contents

   1.  Terms
   2.  Feature Descriptions
       2.1.  OTASP Feature Description
       2.2.  OTAPA Feature Description
   3.  Operation
       3.1.  Initial Provisioning Activity
       3.2.  OTASP for Authorized Users
       3.3.  OTAPA Activity
   4.  Requirements
       4.1.  General Requirements
       4.2.  OTASP Requirements
       4.3.  OTAPA Requirements
       4.4.  Provisioning Server Requirements
       4.5.  Security Requirements
   5.  Architecture
       5.1.  ACAP over TCP/IP
             5.1.1.  Mobile Authentication and A-Key Generation
             5.1.2.  Mobile Identification
             5.1.3.  ACAP Server
             5.1.4.  Overview of ACAP Structure
             5.1.5.  Data Organization and Capabilities
                     5.1.5.1.  Structure
                     5.1.5.2.  Conventions
                     5.1.5.3.  Dataset
                     5.1.5.4.  Entries and Attributes
                     5.1.5.5.  NAM Records
                     5.1.5.6.  Server Roaming Lists
                     5.1.5.7.  Requested-Data Record
                     5.1.5.8.  Sample Server Entry
             5.1.6.  Administrative Client
             5.1.7.  Mobile Client
       5.2.  WAP with ACAP
       5.3.  Network-Resident vs. Configuration Data
       5.4.  Intellectual Property Issues
   6.  Handset Protocol Suites
       6.1.  ACAP over TCP/IP
   7.  IS-683A Compatibility
       7.1.  OTASP Operations
       7.2.  OTASP Call Flow
       7.3.  OTAPA Operations
       7.4.  OTAPA Call Flow
   8.  Alternative Methods
       8.1.  IS-683A over TCP/IP
             8.1.1.  OTAF Server
             8.1.2.  Interface Application
             8.1.3.  Protocol Handset Suite
       8.2.  Browser-Based Forms
   9.  Conclusion
   10. References
   11. Security Considerations
   12. Acknowledgments
   13. Author's Address
   14. Full Copyright Statement

1.  Terms

   Application Configuration Access Protocol (ACAP) -- An Internet
   protocol (RFC-2244) that provides remote storage and access of
   configuration and preference information.

   Activation -- A process in which a mobile station and network become
   programmed so that a mobile station becomes operable and can be used
   for cellular service once authorized by the service provider.

   Authentication -- A procedure used to validate a mobile station's
   identity.
   Authentication Center -- An entity that manages the authentication
   information related to the mobile station.

   Authentication Key (A-key) -- A secret 64-bit pattern stored in the
   mobile station.  It is used to generate and update the mobile
   station's shared secret data.  The A-key is used in the
   authentication process.

   Authorization -- An action by a service provider to make cellular
   service available to a subscriber.

   Call -- A temporary communication between telecommunications users
   for the purpose of exchanging information.  A call includes the
   sequence of events that allocates and assigns resources and
   signaling channels required to establish a communications
   connection.

   Cellular Service Provider -- A licensee of the responsible government
   agency (in the U.S., a licensee of the Federal Communications
   Commission) authorized to provide Cellular Radiotelephone Service.

   Challenge/Response Authentication Mechanism using Message Digest 5
   (CRAM-MD5) -- An authentication mechanism which is easy to implement
   and provides reasonable security against various attacks, including
   replay.  Supported in a variety of Internet protocols.  Specified as
   the baseline mechanism in ACAP.  CRAM-MD5 is published as RFC 2195.

   Code Division Multiple Access -- A technique for spread-spectrum
   multiple-access digital communications that creates channels through
   the use of unique code sequences.

   Customer Service Center -- An entity of a service provider that
   provides user support and assistance to subscribers.

   Customer Service Representative -- A person who operates from a
   customer service center and provides user support and assistance to
   subscribers.

   Diffie-Hellman Algorithm -- A public-key cryptography algorithm for
   exchanging secret keys.  Uses the equation , where k is the secret
   key.  The equation is executed by each party of the session based on
   the exchange of independently generated public values.
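   The CRAM-MD5 exchange named above, worked through in code so the
   replay property can be seen: the server issues a fresh challenge for
   every attempt, the client answers with a keyed MD5 of that challenge,
   and an answer captured from one session is useless against the next.
   This is an added example and not code from RFC 2636, RFC 2195 or any
   ACAP implementation; the host name and the secret_store dictionary
   are constructed for the example, and the username, shared secret and
   challenge used in the demonstration at the bottom are the sample
   values given in RFC 2195.

```python
import base64
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Union


def make_challenge(host: str) -> bytes:
    """Server side: build a fresh, unpredictable challenge.

    CRAM-MD5 owes its replay resistance to the challenge being unique per
    authentication attempt, so it carries random bits and is never reused.
    The "<...@host>" framing follows the msg-id style used in RFC 2195.
    """
    nonce = secrets.token_hex(16)
    return f"<{nonce}@{host}>".encode("ascii")


def cram_md5_digest(secret: str, challenge: bytes) -> str:
    """Keyed MD5 (HMAC-MD5, RFC 2104) over the challenge, lower-case hex.

    HMAC null-pads secrets shorter than 64 bytes and hashes longer ones
    first, which is exactly the treatment RFC 2195 describes.
    """
    return hmac.new(secret.encode("utf-8"), challenge, hashlib.md5).hexdigest()


def cram_md5_response(username: str, secret: str, challenge: bytes) -> str:
    """Client side: '<username> <hex digest>' as RFC 2195 specifies."""
    return f"{username} {cram_md5_digest(secret, challenge)}"


def encode_line(data: Union[bytes, str]) -> str:
    """Both sides base64-encode the challenge and the response on the wire."""
    if isinstance(data, str):
        data = data.encode("utf-8")
    return base64.b64encode(data).decode("ascii")


def verify_response(wire_response: str, challenge: bytes,
                    secret_store: Dict[str, str]) -> Optional[str]:
    """Server side: check a base64 response against the stored secret.

    Returns the authenticated username, or None on any failure.  The
    server must hold the shared secret in a form from which the HMAC key
    can be rebuilt, so CRAM-MD5 protects the secret on the wire but not
    in the server's store; that store needs protecting on its own.
    """
    try:
        decoded = base64.b64decode(wire_response, validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return None
    username, sep, digest = decoded.rpartition(" ")
    if not sep:
        return None                      # malformed: no "user digest" split
    secret = secret_store.get(username)  # hypothetical secret store
    if secret is None:
        return None
    expected = cram_md5_digest(secret, challenge)
    # Constant-time comparison so the check does not leak digest bytes.
    return username if hmac.compare_digest(expected, digest) else None


if __name__ == "__main__":
    # Sample values from RFC 2195 (not from this document).
    rfc_challenge = b"<1896.697170952@postoffice.reston.mci.net>"
    print("S: +", encode_line(rfc_challenge))
    print("C:", encode_line(cram_md5_response("tim", "tanstaaftanstaaf", rfc_challenge)))

    # A full round trip with a server-generated challenge.
    store = {"tim": "tanstaaftanstaaf"}
    challenge = make_challenge("provisioning.example.net")
    answer = encode_line(cram_md5_response("tim", store["tim"], challenge))
    print("authenticated as:", verify_response(answer, challenge, store))
    # Replaying that answer against a new challenge must fail.
    print("replay accepted:", verify_response(answer, make_challenge("provisioning.example.net"), store))
```

   The only per-session state the server keeps is the challenge it sent;
   once the response has been checked the challenge is discarded, which
   is what makes a captured response worthless later.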
   Digits -- Digits consist of the decimal integers 0, 1, 2, 3, 4, 5,
   6, 7, 8, and 9.

   Dual-mode Mobile Station -- A mobile station capable of both analog
   and digital operation.

   Electronic Serial Number (ESN) -- A 32-bit number assigned by the
   mobile station manufacturer, used to identify a mobile station.  The
   ESN is unique for each legitimate mobile station.

   Home Location Registry (HLR) -- The location register or database to
   which a MIN is assigned for record purposes such as subscriber
   information.

   Message Digest 5 (MD5) -- A one-way cryptographic hash function.
   Widely deployed in Internet protocols.  Published as RFC 1321.

   Mobile Identification Number (MIN) -- The 10-digit number that
   represents a mobile station's directory number.

   Mobile Station (MS) -- A station, fixed or mobile, which serves as
   the end user's wireless communications link with the base station.
   Mobile stations include portable units (e.g., hand-held personal
   units) and units installed in vehicles.

   Mobile Switching Center (MSC) -- A configuration of equipment that
   provides cellular radiotelephone service.

   Mobile Terminal Authorizing System (MTAS) -- A control system that
   provides the capability to load the CDMA network HLR with mobile
   station profile information.

   Number Assignment Module (NAM) -- The mobile station's electronic
   memory module where the MIN and other subscriber-specific parameters
   are stored.  Mobile stations that have multi-NAM features offer
   users the option of using their units in several different markets
   by registering with a local number in each location.

   Over-the-air Service Provisioning Function (OTAF) -- A configuration
   of network equipment that controls OTASP functionality and messaging
   protocol.

   Over-the-air Parameter Administration (OTAPA) -- Network-initiated
   OTASP process of provisioning mobile station operational parameters
   over the air interface.

   Over-the-air Service Provisioning (OTASP) -- A process of
   provisioning mobile station operational parameters over the air
   interface.

   Quick-Net-Connect (QNC) -- An IS-707 data service capability that
   utilizes the Async Data Service Option number but bypasses the modem
   connection for a direct connection to an IP-based internet.

   Roamer -- A mobile station operating in a cellular system or network
   other than the one from which service was subscribed.

   Simple Authentication and Security Layer (SASL) -- An Internet
   protocol (RFC-2222) that provides a framework for negotiating
   authentication and encryption mechanisms.

   Service Provider -- A company, organization, business, etc. which
   sells, administers, maintains, and charges for the service.  The
   service provider may or may not be the provider of the network.

   Shared Secret Data (SSD) -- A 128-bit pattern stored in the mobile
   station (in semi-permanent memory) and known by the network.  The
   A-key is used to generate the SSD at the network and in the mobile
   station for comparison.

   Wireless Application Protocol (WAP) -- A set of network and
   application protocols including a datagram protocol (WDP), Transport
   Layer Security (WTLS), Transaction Protocol (WTP), Session Protocol
   (WSP), and Application Environment (WAE), which use carrier-based
   gateways to enable wireless devices to access Web resources.  See
   for specifications and details.

2.  Feature Descriptions

2.1.  OTASP Feature Description

   The Over-the-Air Service Provisioning (OTASP) feature allows a
   potential wireless service subscriber to activate new wireless
   services, and allows an existing wireless subscriber to make service
   changes without the intervention of a third party.

   OTASP includes the following:

   *  A way to establish a user profile.
   *  "Over-The-Air" programming of a Number Assignment Module (NAM),
      IMSI and Roaming Lists, including Data option parameters, and
      optionally, service provider or manufacturer specific parameters
      (e.g., lock code, call timer).

   *  An Authentication Key (A-key) Generation procedure.

   *  A-key storage.

2.2.  OTAPA Feature Description

   The Over-the-Air Parameter Administration (OTAPA) feature allows
   wireless service providers to update NAM, IMSI, and Roaming List
   information in the mobile station remotely without the intervention
   of a third party.  This capability increases flexibility and reduces
   costs for carriers involved with mass changes that affect every
   handset, such as area-code splits.

   OTAPA includes the following:

   *  Update a user's Number Assignment Module (NAM)

   *  Update Data option parameters

   *  Update service provider or manufacturer specific parameters
      (e.g., server address(es), lock code, call timer).

   *  Update roaming lists

3.  Operation

3.1.  Initial Provisioning Activity

   A new subscriber needs to give the intended service provider
   sufficient information (e.g., name, address, etc.) to prove
   creditworthiness and establish a record within the service
   provider's billing system.  In addition, the ESN of the mobile
   station needs to be given to the provider.  This may occur in three
   ways:

   Voice scenario -- A customer care representative collects credit
   information during a voice conversation.  This call is made from a
   different phone (e.g., wired service) or is initiated using the
   IS-683A OTASP dialing scheme (i.e., *228xx).  Once the user has been
   authorized, the customer care representative creates a record in the
   CDMA network HLR, thus allowing use of the CDMA network.  In
   addition, a limited-time N-digit password is created which is tied
   to the ESN.  The choice of N (how many digits) is up to the carrier
   (as a trade-off between security and user inconvenience).

   All required provisioning information (including the limited-time
   password) is loaded into the provisioning server.  The user is then
   told to hang up and call a special number, of the form *228 XX SEND
   (the XX code is the same as used in the initial voice call).  This
   causes the mobile station to initiate a provisioning session.  The
   mobile station and the provisioning server authenticate, and all
   required provisioning information is downloaded into the mobile
   station.  The user receives some form of notification once the
   activity is complete.  This notification can be an audible tone or a
   text message on the mobile station display.  (The form and content
   of this notification can be part of the provisioning data downloaded
   by the mobile station.)  Once this initial provisioning activity is
   complete, the user has a fully authorized mobile station ready for
   use.

   Forms scenario -- An interactive user interface is presented via a
   browser on the mobile station.
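   A sketch of how a provisioning server could hold the limited-time,
   ESN-bound password from the voice scenario above: the password is
   issued once, stored only as a salted digest bound to the 32-bit ESN,
   expires after a fixed lifetime, is consumed on first successful use,
   and is discarded after a bounded number of wrong guesses.  A helper
   at the end puts a number on the N-digit trade-off the text leaves to
   the carrier.  This is an added example, not code from RFC 2636 or
   any carrier system; the class name, the six-digit default, the
   900-second lifetime and the five-attempt limit are assumptions chosen
   for illustration, and the ESN in the demonstration is constructed.

```python
import hashlib
import hmac
import secrets
import time
from typing import Callable, Dict


class ProvisioningPasswordStore:
    """Limited-time N-digit activation passwords tied to a handset ESN.

    Hypothetical provisioning-server component (not from RFC 2636).  A
    customer service representative issues the password during the voice
    call; the later provisioning session presents ESN plus password.
    """

    def __init__(self, digits: int = 6, ttl_seconds: int = 900,
                 max_attempts: int = 5,
                 now: Callable[[], float] = time.time) -> None:
        if digits < 1:
            raise ValueError("password must have at least one digit")
        self.digits = digits              # the carrier's choice of N
        self.ttl_seconds = ttl_seconds    # how long the password stays valid
        self.max_attempts = max_attempts  # wrong guesses before it is dropped
        self._now = now                   # injectable clock, so expiry is testable
        self._records: Dict[int, dict] = {}

    @staticmethod
    def _check_esn(esn: int) -> None:
        # The ESN is a 32-bit value (see the Terms section).
        if not 0 <= esn < 2 ** 32:
            raise ValueError("ESN must be a 32-bit unsigned value")

    @staticmethod
    def _digest(salt: bytes, esn: int, code: str) -> bytes:
        # Bind the password to the ESN so a code issued for one handset
        # cannot be redeemed from another; the random salt keeps equal
        # codes from producing equal digests.
        msg = esn.to_bytes(4, "big") + code.encode("ascii")
        return hmac.new(salt, msg, hashlib.sha256).digest()

    def issue(self, esn: int) -> str:
        """Create a fresh N-digit password for this ESN, replacing any old one."""
        self._check_esn(esn)
        code = f"{secrets.randbelow(10 ** self.digits):0{self.digits}d}"
        salt = secrets.token_bytes(16)
        self._records[esn] = {
            "salt": salt,
            "digest": self._digest(salt, esn, code),
            "expires": self._now() + self.ttl_seconds,
            "attempts": 0,
        }
        return code  # read to the user over the phone; only the digest is kept

    def verify(self, esn: int, code: str) -> bool:
        """Check a password presented during the provisioning session."""
        self._check_esn(esn)
        rec = self._records.get(esn)
        if rec is None:
            return False
        if self._now() > rec["expires"]:
            del self._records[esn]         # expired: the user must call back
            return False
        rec["attempts"] += 1
        well_formed = len(code) == self.digits and code.isdigit()
        ok = well_formed and hmac.compare_digest(
            self._digest(rec["salt"], esn, code), rec["digest"])
        if ok or rec["attempts"] >= self.max_attempts:
            del self._records[esn]         # one-time use, or lockout after too many guesses
        return ok


def guess_success_probability(digits: int, max_attempts: int) -> float:
    """Chance that someone who knows only the ESN guesses the code before lockout.

    This is the trade-off the text leaves to the carrier: more digits
    lower the odds, fewer digits are easier to read out and key in.
    """
    return min(1.0, max_attempts / 10 ** digits)


if __name__ == "__main__":
    store = ProvisioningPasswordStore()
    esn = 0x1A2B3C4D                       # constructed sample ESN
    code = store.issue(esn)
    print("password read to the user:", code)
    print("handset presents it:", store.verify(esn, code))
    print("second use rejected:", store.verify(esn, code))
    print("6 digits, 5 attempts:", guess_success_probability(6, 5))
```

   Because the record is keyed by ESN and the digest covers the ESN, a
   password overheard during the voice call is of no use with a
   different handset, and once the provisioning session has consumed it
   the same digits cannot be replayed.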