Field of the Invention
The invention relates to an operation and maintenance system for a mobile communications network.
A mobile communications network is a hierarchically structured system of various network elements, in which the lowest hierarchical level is formed by the mobile telephones, also called mobile stations (MS). These mobile stations communicate with radio base stations forming the next hierarchical level, which are also called base stations or base transceiver station equipment (BTSE), via a so-called Um interface or radio interface.
Due to the relatively short radio range of such base stations, a mobile communications network of normal size contains a large number of base stations. These base stations are grouped into regions for routing and controlling the data traffic between them. The higher-level network elements provided for this purpose are called base station controllers (BSC). The base stations communicate with the base station controllers via a so-called Abis interface. If necessary, a transcoder and rate adapter unit (TRAU) can be allocated to a base station controller to optimize the data communication. The base stations, the base station controllers and the transcoder and rate adapter units form the base station subsystem (BSS) of the mobile communications network. In this configuration, base stations, base station controllers and transcoder and rate adapter units are the network devices of the base station subsystem.
The base station controllers communicate via so-called A interfaces with one or a few mobile switching centers (MSC), which are also used as gateways to other telephone networks, among other things. Together with a few databases, the mobile switching centers form the network switching subsystem (NSS).
Apart from the network element hierarchies described above, there is an operation and maintenance subsystem (OMS). The operation and maintenance subsystem is used for configuring and monitoring all network elements. For this purpose, monitoring measures and configuration measures are in most cases remotely controlled from operation and maintenance centers (OMC), which are usually located in the area of mobile switching centers.
One of the tasks of the operation and maintenance subsystem is configuration management (CM), which is one of the five management functional areas defined by the Telecommunications Management Network (TMN) principles. Configuration management defines a number of services which enable the operator to change the structure, and thus the characteristics, of a communications network. These services always relate to entities or instances of managed objects which together form the network-specific management information base (MIB).
In principle, the configuration of a mobile communications network can be managed from two sides, namely either centrally from a workstation of an operation and maintenance center, also called operation and maintenance terminal (OMT), or in the area of the network peripherals with the aid of a maintenance device which is also called local maintenance terminal (LMT) which can be connected to any network devices of the base station subsystem, i.e. to a base station, a base station controller or a transcoder and rate adapter unit via a so-called T interface. In this configuration, a number of LMT maintenance devices can be simultaneously connected to various network devices. For the purpose of changing function-related entities of managed objects, LMT maintenance devices connected to network devices are operated in two different modes. If an LMT maintenance device is directly connected to a base station, base station controller or transcoder and rate adapter unit, the LMT maintenance device is operating in the normal mode in which it directly acts on the corresponding network device. If the LMT maintenance device is connected to a base station or to a transcoder and rate adapter unit, it is operated in the base station controller remote control mode and acts on the associated base station controller from a distance. The LMT maintenance device is logically connected to the base station controller in these two types of configuration.
A managed object in the sense of the configuration management is a logical abstraction of a resource in the mobile communications network. In this connection, a distinction is made between hardware-related managed objects which describe a proprietary implementation of a function, and between function-related managed objects which are in each case the abstraction of a nonproprietary functionality.
Hardware-related managed objects can be configured via an LMT maintenance device which is operated in normal mode, i.e. in local mode and is connected to a base station or transcoder and rate adapter unit affected.
Within the scope of a configuration management, a number of operators of operating and maintenance devices of the operation and maintenance center, which are working independently of one another, and operators of LMT maintenance devices connected peripherally can simultaneously change the configuration of a mobile communications network in the form of configuration processes. A configuration process is usually initiated with a ‘start configuration’ command which is issued by an operation and maintenance device or an LMT maintenance device, and in the normal case, such a configuration process is concluded with an ‘end configuration’ command when all changes in configuration are entered. An initiated configuration process can also be aborted with an ‘abort configuration’ command, in which case the changes made to the configuration are discarded.
The operation and maintenance center controls operator accesses to the mobile communications network made via the operation and maintenance center with the aid of security mechanisms based on so-called authentication and authorization checks, i.e. user identification and assignment of access rights in central supervisory computers. Control of user accesses via an operation and maintenance center is thus ensured. LMT accesses, i.e. configuration accesses via local maintenance devices connected to any network device of the base station subsystem, provide an operator with the same configuration capabilities as accesses via the operation and maintenance center. For an access to the operation and maintenance system of a mobile communications network via such an LMT, however, operator identification and authorization checking are frequently carried out only within the LMT itself. As a result, an operator who knows a local password for the LMT can manipulate the entire mobile communications network.
From the international patent publication WO 96/30823, a radio communications system and a number of computer systems, each operating independently, are known which are connected to one another in a computer network. Each autonomous computer system is connected to a central radio database via this computer network. Each computer system is exclusively responsible for operating a part of the radio communication system and stores configuration data in a local computer database as a map of the central radio database. During this process, the data must be continuously synchronized between the central computer database and the radio database. The European patent document EP 0 442 839 also discloses a number of independently operating computer systems which are connected to one another in a computer network. This document, therefore, does not deal with a communications network or an operation and maintenance system but with a computer network including a control of access to resources of this network. Whenever an access occurs, a resource manager requests the data required for authentication from a local reference monitor service. After having received this data, the resource manager checks whether corresponding rights of access to the resource exist. In the report “Sign and be safe” by Johnson J. T., Data Communications 24 (1995), January, No. 1, New York, pages 122 and 124, a network security program is disclosed which increases the security in computer networks and data processing systems by combining password and user authentication.
It is accordingly an object of the invention to provide an operation and maintenance system which overcomes the above-mentioned disadvantages of the heretofore-known systems of this general type and which allows a better control of operator accesses via peripherally connected maintenance devices.
With the foregoing and other objects in view there is provided, in accordance with the invention, an operation and maintenance system for a mobile communications network, including an operation and maintenance center having a maintenance device and a controller; a local maintenance terminal operatively connected to the operation and maintenance center; a base station subsystem connected to the local maintenance terminal and having network devices; the maintenance device being configured for centrally executing a network configuration, the local maintenance terminal being configured for peripherally executing a network configuration; the operation and maintenance center storing an LMT access table for an operator authorized to access the operation and maintenance system with the aid of the local maintenance terminal, the LMT access table including an operator record having a name entry, an operator password to be used by the operator for accessing the operation and maintenance center via the local maintenance terminal, and information on an extent of an access authorization of the operator; and the controller administering the LMT access table and initiating a nonvolatile storing of at least a part of the LMT access table in the network devices of the base station subsystem, the part of the LMT access table being required for accessing, with the aid of the local maintenance terminal, via the network devices.
In other words, an operation and maintenance system according to the invention contains an LMT access table which is stored in the operation and maintenance center and which contains for each operator authorized for access to the operation and maintenance system with the aid of an LMT maintenance device an operator record with a name entry, a specific operator password to be used by him for access via an LMT maintenance device, and information on the extent of the operator's access authorization. In addition, such an operation and maintenance system contains, in the operation and maintenance center, a controller for administering the LMT access table and for initiating a nonvolatile storing of in each case at least that part of the LMT access table in network devices of the base station subsystem which is required for an access with the aid of an LMT maintenance device via these network devices.
Such an operation and maintenance system ensures that the data relevant to LMT accesses are administered centrally in the operation and maintenance center for the entire mobile communications network. Nevertheless, in the case of an access via an LMT maintenance device, security-relevant data can be rapidly checked locally, namely in the network device via which an access is to be made, or in the base station controller responsible for this network device, since each network device contains for each authorized operator an operator record with a name entry, wherein the operator record allows a password control of the operator and contains information on the extent of the access authorization of this operator.
An advantageous embodiment of an operation and maintenance system according to the invention provides that the LMT access table administered and stored in the operation and maintenance center contains a number of table parts, namely a BSC table part with operator records for LMT accesses via base station controllers, a BTSE table part with operator records for LMT accesses via base stations and a TRAU table part with operator records for LMT accesses via transcoder and rate adapter units. Accordingly, the corresponding table parts contain for each operator an operator record depending on his access authorizations. In consequence, an operator who is authorized to access the mobile communications network both via base stations and via base station controllers and via transcoder and rate adapter units with the aid of an LMT maintenance device has a BSC table part record, a BTSE table part record and a TRAU table part record.
A division in the LMT access table in the operation and maintenance center makes it simpler to transfer to individual network devices in each case only the operator records needed for accesses via this network device and to store these records in these network devices. As a result, it is made possible, in an embodiment of the invention, for the controller of the operation and maintenance center to initiate the nonvolatile storing of the BSC table part of the LMT access table in base station controllers of the base station subsystem and also the nonvolatile storing of the BTSE part of the LMT access table in base stations and the nonvolatile storing of the TRAU table part of the LMT access table in transcoder and rate adapter units.
In accordance with another feature of the invention, the controller in the operation and maintenance center also initiates the nonvolatile storing of the BTSE table part and of the TRAU table part of the LMT access table in base station controllers of the base station subsystem.
If needed, storing of the TRAU table part and of the BTSE table part in a base station controller allows a local updating of the LMT access table part in a transcoder and rate adapter unit or a base station, respectively, independently of the current availability of the operation and maintenance center. In addition, according to a modification of the invention, it is sufficient if the controller of the operation and maintenance center initiates the nonvolatile storing of all table parts of the LMT access table in the base station controllers, provided that the base station controllers then additionally initiate the storing of the specific table parts in the network devices connected to them.
An advantageous embodiment of an operation and maintenance system according to the invention provides for the operator password in each case being stored in encrypted form in the LMT access table. This makes it more difficult for an unauthorized person to spy out an operator password.
In accordance with a further modification of this aspect of an operation and maintenance system according to the invention, a network device, via which an access is possible with the aid of an LMT maintenance device, contains a controller for encrypting an operator password entered in unencrypted form by an operator, and for comparing the result of the encryption with the operator password stored in encrypted form in the LMT access table. This prevents an unencrypted operator password from having to be stored in the mobile communications network. In consequence, it could only be spied out directly while the operator password is being entered unencrypted in plain text.
In accordance with an added feature of an operation and maintenance system according to the invention a network device, via which an operator effects access in a configuring manner by entering his or her operator password, with the aid of an LMT maintenance device operated in a base station controller remote control mode, contains a controller in order to encrypt the operator password received unencrypted in plain text from the LMT maintenance device and to transfer it in encrypted form to the base station controller. This measure additionally makes it more difficult to spy out an operator password in this special application.
In accordance with an advantageous embodiment of an operation and maintenance system according to the invention, the controller in the operation and maintenance center is provided for generating encrypted operator passwords to be stored in the LMT access table by forming the hash function from a secret information item, from the operator password entered in plain text and from an identity information item containing the name of the operator.
Forming the hash function from a secret information item, which is for example unique to a network element type, from an identity information item containing the name of the operator and from the operator password entered in plain text leads to an encrypted operator password from which the plain-text operator password cannot be recovered by analysis of the stored value alone, since the secret enters the calculation. For example, the length can be 64 bits for the secret information item, up to 128 bits for the operator password and also up to 128 bits for the identity information item. When these data are used as input to the hash function MD5 (T.I.S) and the first 64 bits of the result are used as the operator password for the LMT access table, the stored value cannot be reversed to the plain-text password without knowledge of the secret.
If the secret information item used for forming the hash function is in each case network device type-specific, the same operator password also provides different, encrypted operator passwords to be stored for different table parts of the LMT access table.
If the operator password to be stored is encrypted in the manner explained above, it is recommended in accordance with an embodiment of the invention to configure the controllers of network devices such that the network device controllers encrypt an operator password entered in plain text by forming the hash function from a secret information item specific to the network device type, from the operator password entered in plain text and from an identity information item containing the name of the operator.
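The following Python example is added here for illustration and is not part of the patent text. It implements the password derivation and check described above: a 64-bit secret per network device type, the operator name and the plain-text password as the inputs to MD5, and the first 64 bits of the digest as the value stored in the LMT access table. The secrets are constructed values, the field order (secret, identity, password) is an assumption, since the notation MD5 (T.I.S) does not fix it, and the fields are padded to a fixed width so that field boundaries cannot be shifted.

```python
import hashlib
import hmac

# Constructed, hypothetical 64-bit secrets, one per network device type.
# Because the secret differs per device type, the same operator password
# yields a different stored value in the BSC, BTSE and TRAU table parts.
TYPE_SECRETS = {
    "BSC": bytes.fromhex("0123456789abcdef"),
    "BTSE": bytes.fromhex("fedcba9876543210"),
    "TRAU": bytes.fromhex("00ff00ff00ff00ff"),
}

FIELD_LEN = 16  # 128 bits each for the identity item and the password


def _fixed_width(text: str) -> bytes:
    """Encode a field as exactly FIELD_LEN bytes, NUL padded.

    Fixed-width fields keep the boundaries unambiguous; plain concatenation
    of variable-length fields would let ("ab", "c") and ("a", "bc") collide.
    """
    raw = text.encode("utf-8")
    if len(raw) > FIELD_LEN:
        raise ValueError("field exceeds 128 bits")
    return raw.ljust(FIELD_LEN, b"\x00")


def encrypt_operator_password(device_type: str, operator_name: str, password: str) -> bytes:
    """OMC side: derive the 64-bit value stored in the LMT access table.

    MD5 over secret || identity || password, truncated to the first 8 bytes.
    The order of the three items is an assumption of this example.
    """
    secret = TYPE_SECRETS[device_type]
    data = secret + _fixed_width(operator_name) + _fixed_width(password)
    return hashlib.md5(data).digest()[:8]


def verify_operator_password(device_type: str, operator_name: str,
                             entered_password: str, stored_value: bytes) -> bool:
    """Network device side: hash the plain-text entry and compare.

    The device never needs the plain-text password in storage; it only
    holds the 8-byte stored value and recomputes the hash on login.
    """
    computed = encrypt_operator_password(device_type, operator_name, entered_password)
    return hmac.compare_digest(computed, stored_value)


def stored_values_per_type(operator_name: str, password: str) -> dict:
    """Show the effect of type-specific secrets: one password, three values."""
    return {t: encrypt_operator_password(t, operator_name, password) for t in TYPE_SECRETS}


if __name__ == "__main__":
    stored = encrypt_operator_password("BSC", "alice", "s3cret-pw")
    print("stored (BSC):", stored.hex())
    print("login ok:", verify_operator_password("BSC", "alice", "s3cret-pw", stored))
    print("wrong pw:", verify_operator_password("BSC", "alice", "wrong", stored))
    for t, v in stored_values_per_type("alice", "s3cret-pw").items():
        print(t, v.hex())
```

Two points a practitioner should keep in mind when reading this scheme: the secret is shared by every network device of one type, so extracting it from a single device allows offline guessing against every stored value of that table part, and a truncated MD5 is fast to compute, so a present-day design would use a deliberately slow, salted password hash rather than MD5.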
In order to be able to put a network device into operation while no LMT access table, or no part of it, has yet been stored in the network device, each network device must be provided with a storage device containing an installation password together with information on the extent of the access authorization. This authorization allows an operator to enter only the few configuration commands required for putting the network device into operation.
In this case, an operator does not log in with an identity specific to him or her and with his or her password when putting the network device into operation, but with the installation password and receives the access authorizations required for putting it into operation from the access control mechanism.
In accordance with another embodiment of the operation and maintenance system according to the invention, a controller is provided in the operation and maintenance center for administering a table of all base station controllers in which a nonvolatile storing of at least part of the LMT access table, initiated because of an update, has not yet been completed due to a disturbance or error, and for re-initiating this storing process once the disturbance has been recognized to have cleared.
With each change of security-related data for LMT accesses, for example changes made by the security operator in the operation and maintenance center or password changes made by the LMT operator himself, the LMT access tables affected by this change must be updated in all network device entities. This feature ensures that the LMT access tables of all base station controllers are updated. In addition, a table of all other network devices in which the LMT access table has not yet been updated could also be stored and administered in the operation and maintenance center. A particularly advantageous embodiment of the concept mentioned above, however, provides in each base station controller a controller for administering a table of all base stations and transcoder and rate adapter units allocated to it in which a nonvolatile storing of at least part of the LMT access table, initiated because of an update, has not yet been completed due to a disturbance, and for re-initiating this storing process once the disturbance has been recognized to have cleared.
As a result, the availability of a connection to a network device, i.e. a base station or transcoder and rate adapter unit, or, respectively, the availability of the network device in the network only needs to be checked peripherally by the associated base station controller. In addition, it is sufficient if a communication connection is provided between base station controller and network device. It is not necessary to simultaneously provide a communication connection to the operation and maintenance center in this case.
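The following Python example is added to illustrate the distribution scheme described in the preceding paragraphs; it is not part of the patent text. It models the operation and maintenance center storing all three table parts in each base station controller, each base station controller forwarding only the BTSE or TRAU part to the devices connected to it, and a pending table at both levels that records devices whose store did not complete and retries once the device is reachable again. The device names, the table contents and the "reachable" flag standing in for a disturbance are constructed.

```python
from typing import Dict, List, Set

# An LMT access table here is table part -> operator name -> opaque stored
# password value (bytes). Contents are constructed for the example.
LmtAccessTable = Dict[str, Dict[str, bytes]]


class NetworkDevice:
    """A base station (BTSE) or TRAU: holds only the table part it needs."""

    def __init__(self, name: str, dev_type: str):
        self.name = name
        self.dev_type = dev_type        # "BTSE" or "TRAU"
        self.reachable = True           # False simulates a disturbance
        self.nonvolatile: Dict[str, bytes] = {}

    def store_table_part(self, part: Dict[str, bytes]) -> bool:
        if not self.reachable:
            return False
        self.nonvolatile = dict(part)   # stands in for nonvolatile storage
        return True


class BaseStationController:
    """Stores all table parts and pushes BTSE/TRAU parts to its devices."""

    def __init__(self, name: str, devices: List[NetworkDevice]):
        self.name = name
        self.devices = devices
        self.reachable = True
        self.nonvolatile: LmtAccessTable = {}
        self.pending: Set[str] = set()  # devices whose store did not complete

    def store_table(self, table: LmtAccessTable) -> bool:
        if not self.reachable:
            return False
        self.nonvolatile = {part: dict(recs) for part, recs in table.items()}
        for dev in self.devices:
            self._push(dev)
        return True

    def _push(self, dev: NetworkDevice) -> None:
        part = self.nonvolatile.get(dev.dev_type, {})
        if dev.store_table_part(part):
            self.pending.discard(dev.name)
        else:
            self.pending.add(dev.name)

    def device_available(self, dev: NetworkDevice) -> None:
        """Called when the disturbance towards a device has cleared.

        The retry needs only the BSC-to-device link; no OMC connection is
        required, because the BSC already holds the BTSE and TRAU parts.
        """
        if dev.name in self.pending:
            self._push(dev)


class OperationMaintenanceCenter:
    """Administers the LMT access table and the pending table of BSCs."""

    def __init__(self, table: LmtAccessTable, bscs: List[BaseStationController]):
        self.table = table
        self.bscs = bscs
        self.pending: Set[str] = set()  # BSCs whose store did not complete

    def distribute(self) -> None:
        for bsc in self.bscs:
            self._push(bsc)

    def _push(self, bsc: BaseStationController) -> None:
        if bsc.store_table(self.table):
            self.pending.discard(bsc.name)
        else:
            self.pending.add(bsc.name)

    def update_record(self, part: str, operator: str, stored_value: bytes) -> None:
        """A change by the security operator triggers a fresh distribution."""
        self.table.setdefault(part, {})[operator] = stored_value
        self.distribute()

    def bsc_available(self, bsc: BaseStationController) -> None:
        """Called when the disturbance towards a BSC has cleared."""
        if bsc.name in self.pending:
            self._push(bsc)
```

In this model the retry responsibility is layered exactly as the text describes: the center only tracks base station controllers, and each controller tracks its own base stations and transcoder units, so a base station that was unreachable during the update is brought up to date by its controller as soon as the Abis link returns, whether or not the center is reachable at that moment.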
Another advantageous embodiment of an operation and maintenance system according to the invention provides that at least the part of an LMT access table stored in a base station controller contains a special security operator record containing a specific security password, to be used by a security operator for access via an LMT maintenance device, and information on the extent of an access authorization in order to enable operator records of the LMT access table within a base station subsystem to be accessed even in the case of a network operation without an operation and maintenance center.
An operator password providing for an LMT access must always be unambiguous, i.e. identical, throughout the network. For this reason, a network device, via which an operator has changed his operator password with the aid of an LMT maintenance device, contains a controller for preventing access with the changed operator password until the nonvolatile storing of the changed operator password in the LMT access table of the network device has taken place on initiation by the operation and maintenance center.
A particularly advantageous embodiment of an operation and maintenance system according to the invention provides for the information on the extent of the access authorization of each operator to be stored in the form of an authorization profile reference containing authorizations, defined individually by a security operator, of types of access to individual classes of managed objects.
In this configuration, the access authorizations can specify, for example, management areas such as configuration management or fault management. In addition, the type of access, for example passive or active access, can be specifically defined. Such an authorization profile reference can be generated, for example, separately for each type of network device with the aid of automatically generated tables containing a column for all classes of managed objects for which the current network device administers a master database, i.e. for base station controllers, all classes of function-related managed objects within the base station subsystem and of hardware-related managed objects specific to the base station controller; for base stations, all classes of hardware-related managed objects specific to base stations; and for transcoder and rate adapter units, all classes of hardware-related managed objects relating to these units. In a command column of the automatically generated table of the authorization profile reference, all commands are listed which relate to the current class of managed objects. These two columns are generated automatically so that they are complete in each case. A further column, which specifies the validity of the individual commands, is empty in the normal state. In this column, the individual commands of the individual classes of managed objects can be marked as authorized for access by a security operator as necessary.
An advantageous embodiment of an LMT access table of an operation and maintenance system according to the invention provides a validity date or expiry date entry in each operator record, for operators authorized for access to the operation and maintenance system with the aid of an LMT maintenance device, of the LMT access table stored in the operation and maintenance center.
This ensures that an access authorization expires mandatorily if this date entry has not been renewed by a security operator in the meantime.
An embodiment of the operation and maintenance system according to the invention provides in the operator record of operators, authorized for access to the operation and maintenance system with the aid of an LMT maintenance device, of the LMT access table stored in the operation and maintenance center, in each case an information item on whether the operator is allowed to change his or her operator password with the aid of an LMT maintenance device connected to a network device of a base station subsystem of the mobile communications network.
Such an entry is appropriate, for example, if it is intended to use one password for a number of operators. In this case, it should not be possible for an individual operator to change the password. A change should then only be performed by the security operator in the operation and maintenance center.
An embodiment of an operation and maintenance system according to the invention provides in the operator record of the operators, authorized for access to the operation and maintenance system with the aid of an LMT maintenance device, of the LMT access table stored in the operation and maintenance center, in each case an information item on the types of network devices for which the operator has access authorization.
A special modification of this aspect of the invention also provides for the operator record of operators authorized for access to the operation and maintenance system with the aid of an LMT maintenance device to contain in each case an information item on the physical devices of the types of network devices for which the operator in each case has access authorization.
This makes it possible to grant certain operators access to quite specific network devices but to prevent access to other network devices of the same type.
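The following Python example is added to illustrate the access-authorization part of an operator record as described above (authorization profile reference, expiry date, device types, specific physical devices and the installation password); it is not part of the patent text. The managed-object classes, the commands and the installation command set are constructed names for the example, not taken from any standard.

```python
from dataclasses import dataclass
from datetime import date
from typing import Dict, FrozenSet, Optional, Tuple

# Constructed catalogue: managed-object classes per device type and the
# commands that apply to each class. In the text these two columns are
# generated automatically so that they are complete.
MO_CATALOGUE = {
    "BSC": {"BTS": {"CREATE", "DELETE", "GET", "SET", "LOCK", "UNLOCK"},
            "TRX": {"CREATE", "DELETE", "GET", "SET"}},
    "BTSE": {"BTSE_HW": {"GET", "SET", "LOCK", "UNLOCK"}},
    "TRAU": {"TRAU_HW": {"GET", "SET"}},
}

# Constructed: the few commands needed to bring a device into operation,
# granted to the record behind the installation password.
INSTALL_COMMANDS = {
    "BSC": {"BTS": ("CREATE", "UNLOCK")},
    "BTSE": {"BTSE_HW": ("SET", "UNLOCK")},
    "TRAU": {"TRAU_HW": ("SET",)},
}

Profile = Dict[str, Dict[str, bool]]  # mo_class -> command -> authorized?


def blank_profile(device_type: str) -> Profile:
    """Complete class/command table with the validity column still empty."""
    return {cls: {cmd: False for cmd in sorted(cmds)}
            for cls, cmds in MO_CATALOGUE[device_type].items()}


def grant(profile: Profile, mo_class: str, *commands: str) -> None:
    """Security operator marks individual commands of a class as authorized."""
    for cmd in commands:
        if cmd not in profile[mo_class]:
            raise KeyError(f"{cmd} is not a command of class {mo_class}")
        profile[mo_class][cmd] = True


@dataclass
class OperatorRecord:
    name: str
    profile: Profile
    expiry: Optional[date]                       # None: no expiry
    device_types: FrozenSet[str]                 # types the operator may access
    physical_devices: Optional[FrozenSet[str]] = None  # None: any device of those types
    may_change_password: bool = True             # False for shared passwords


def authorize(record: OperatorRecord, device_type: str, device_name: str,
              mo_class: str, command: str, today: date) -> Tuple[bool, str]:
    """Check a command issued via an LMT against the operator record.

    Checks run in the order a device would apply them: expiry first, then
    device type, then the specific physical device, then the profile.
    """
    if record.expiry is not None and today > record.expiry:
        return False, "access authorization expired"
    if device_type not in record.device_types:
        return False, "device type not authorized"
    if record.physical_devices is not None and device_name not in record.physical_devices:
        return False, "physical device not authorized"
    if not record.profile.get(mo_class, {}).get(command, False):
        return False, "command not authorized for this managed object class"
    return True, "ok"


def installation_record(device_type: str) -> OperatorRecord:
    """Record behind the installation password: minimal, device-type bound."""
    profile = blank_profile(device_type)
    for mo_class, cmds in INSTALL_COMMANDS[device_type].items():
        grant(profile, mo_class, *cmds)
    return OperatorRecord(name="INSTALL", profile=profile, expiry=None,
                          device_types=frozenset({device_type}),
                          may_change_password=False)
```

The ordering of the checks matters for the failure mode the text is concerned with: an expired record is refused before any per-device logic runs, and a record bound to specific physical devices is refused on a sibling device of the same type even when its profile would otherwise allow the command.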
Other features which are considered as characteristic for the invention are set forth in the appended claims.
Although the invention is illustrated and described herein as embodied in an operation and maintenance system for a mobile communications network, it is nevertheless not intended to be limited to the details shown, since various modifications and structural changes may be made therein without departing from the spirit of the invention and within the scope and range of equivalents of the claims.
The construction and method of operation of the invention, however, together with additional objects and advantages thereof will be best understood from the following description of specific embodiments when read in connection with the accompanying drawings.