RRLP
Encyclopedia
Radio resource location services (LCS) protocol (RRLP) applies to GSM and UMTS Cellular Networks. It is used to exchange messages between a handset and an SMLC
in order to provide geolocation information; e.g., in the case of emergency calls. The protocol was developed in order to fulfil the Wireless Enhanced 911 requirements in the United States. However, since the protocol does not use require any authentication, and it can be used outside a voice call or SMS transfer, its use is not restricted to emergency calls and can be used by law enforcement to pinpoint the exact geolocation of the targets mobile phone. RRLP was first specified in 3GPP
TS 04.31 - Location Services (LCS); Mobile Station (MS) - Serving Mobile Location Centre (SMLC); Radio Resource LCS Protocol (RRLP).
Harald Welte
proved at HAR2009
that many high-end smart-phones submit their GPS location to the mobile operator when requested. This happened without any sort of authentication.
E-OTD: The Enhanced Observed Time Difference
(E-OTD) is based on measurements inside the mobile phone, where the phone measures the observed time difference of arrival of bursts sent by nearby pairs of base transceiver station
s.
GPS: This method uses the GPS (Global Positioning System) for achieving geolocation. To support this, the phone needs to have a built-in GPS receiver.
MS assisted: The MS (mobile phone) performs E-OTD or GPS measurements, and passes the raw measurement data to the network. The computation of the geolocation is then performed inside the carrier network, not on the phone itself.
MS based: The MS (mobile phone) performs E-OTD or GPS measurements, and successively performs the complete computation of the geolocation inside the phone. The result of this computation is then sent back to the carrier network.
In this mode, the network typically needs to send so-called assistance data to the phone.
SMLC
Serving Mobile Location CenterThe SMLC is a network element in GSM Networks that resides in the BSC which calculates network-based location of mobile stations . The SMLC may control several LMUs which measure radio signals to help find mobile stations in the area served by the SMLC...
in order to provide geolocation information; e.g., in the case of emergency calls. The protocol was developed in order to fulfil the Wireless Enhanced 911 requirements in the United States. However, since the protocol does not use require any authentication, and it can be used outside a voice call or SMS transfer, its use is not restricted to emergency calls and can be used by law enforcement to pinpoint the exact geolocation of the targets mobile phone. RRLP was first specified in 3GPP
3GPP
The 3rd Generation Partnership Project is a collaboration between groups of telecommunications associations, known as the Organizational Partners...
TS 04.31 - Location Services (LCS); Mobile Station (MS) - Serving Mobile Location Centre (SMLC); Radio Resource LCS Protocol (RRLP).
Harald Welte
Harald Welte
Harald Welte is a programmer resident in Berlin, Germany. Within the free software community, Welte is well known as a hacker of the Linux kernel and for his activities in enforcing the GNU General Public License , the license that governs the use of much of free software.Welte is also involved in...
proved at HAR2009
Hacking at Random
Hacking at Random was an outdoor hacker conference that took place in The Netherlands from August 13 to August 16, 2009.It was situated on a large camp-site near the small town Vierhouten in The Netherlands called the Paasheuvel...
that many high-end smart-phones submit their GPS location to the mobile operator when requested. This happened without any sort of authentication.
Positioning methods
RRLP supports two positioning methods:E-OTD: The Enhanced Observed Time Difference
E-OTD
E-OTD is the acronym for the Enhanced Observed Time Difference.Enhanced Observed Time Difference is a standard for the location of mobile telephones. The location method works by multilateration. The standardisation was first carried out for GSM by the GSM standard committees in LCS Release 98...
(E-OTD) is based on measurements inside the mobile phone, where the phone measures the observed time difference of arrival of bursts sent by nearby pairs of base transceiver station
Base Transceiver Station
A base transceiver station or cell site is a piece of equipment that facilitates wireless communication between user equipment and a network. UEs are devices like mobile phones , WLL phones, computers with wireless internet connectivity, WiFi and WiMAX gadgets etc...
s.
GPS: This method uses the GPS (Global Positioning System) for achieving geolocation. To support this, the phone needs to have a built-in GPS receiver.
Method type
The method type indicates whether MS based or assisted location is to be performed.MS assisted: The MS (mobile phone) performs E-OTD or GPS measurements, and passes the raw measurement data to the network. The computation of the geolocation is then performed inside the carrier network, not on the phone itself.
MS based: The MS (mobile phone) performs E-OTD or GPS measurements, and successively performs the complete computation of the geolocation inside the phone. The result of this computation is then sent back to the carrier network.
In this mode, the network typically needs to send so-called assistance data to the phone.