Potential femtocell users have been saying they don’t want open access to their femtocells. The main concern is around paying extra for broadband internet usage which might arise from unknown visitors making extensive use of your equipment. Other issues include reduced performance of your broadband in the home, which would be shared with these visitors and affect any other computers, laptops and other connected devices. Some users may also have security concerns, although with all femtocell traffic being securely tunnelled back to the network operator this is an unlikely eventuallity.
This requires a whitelist to be maintained for each femtocell (not individual users) must be easily updated to add/remove/change phone numbers on demand.
It's never just straightforward
There are a number of related technical aspects which aren’t immediate obvious:
- Mobile phone networks internally work using IMSI (International Mobile Subscriber Identity – the unique identity of the SIM card) rather than the phone number (MS-ISDN). This means that the system must translate any phone number entered into an IMSI which is used by the femtocell to grant/deny access. The HLR (Home Location Register) has the database that maps these two number systems together. Some of the back-office (customer care) systems also have this data and can be used for this lookup - not in "real-time" as mobile devices try to access the femtocell, but when the configuration is updated.
- Mobile number portability means that it is no longer possible to determine if any mobile number belongs to a specific mobile operator by inspection. It’s necessary to lookup the number on a live database to check this.
- People change their phones, their networks and their phone numbers from time to time. They also lose their phones which can be replaced with a new SIM card retaining the same number. These changes must be propagated to the femtocell to ensure continued access.
So the operator has to make a choice
There seem to be several choices for network operators to address this:
- Offer an open-access policy by not charging any internet usage fees for data sent through the femtocell. This is an option for fixed/mobile operators offering a combined package. It’s the easiest to manage, has the additional benefit of superior coverage/capacity for all subscribers, with the slight downside of some small internet broadband performance because of the shared access.
- Offer a self-service mechanism, such as a web portal, where users can maintain their whitelist of permitted users. This list is then scrubbed (of non-network numbers), translated into IMSIs, downloaded into the femtocell and refreshed/revalidated periodically.
- Find some easy way to limit access to friends of the femtocell owner.
How does this compare to granting WiFi access
If you have visited a friend, another business or some public areas offering WiFi access, most are secured and require a password. Rather than managing a white-list, the owners provide a password for visitors to gain access. Many low cost WiFi routers these days support multiple wireless network identities, so you can have separate networks for business/home/visitors with different WiFi network names and passwords. This makes it easy to block all previous visitors without affecting existing home computers by changing one password.
Another WiFi feature, called WPS (WiFi Protected Setup), allows you to push a button on your WiFi router which immediately grants access to any nearby WIFi devices searching for access for a few seconds. WPS has other simple pairing mechanisms including entering a PIN code.
All the same, it still seems awkward - I just want it to work seamlessly.
Life is complicated enough with having extra systems to manage - Is there an easier way?
One way might be for femtocells to replicate the WiFi password scheme, where the femtocell (or network operator’s system) somehow prompts the potential new user. This is fraught with technical difficulties because it isn’t the way the mobile phone standards were originally conceived – either you get access or the system/cellsite rejects access with a failure code before your device even opens a signalling channel to talk to the network.
Can I use/share another list?
Most people already have a list of phone numbers of their friends who have mobile phones themselves and who might be likely to want/need to use their femtocell. It’s their contact list/directory, held in the phone itself. Many smartphones have the ability to synchronise this with a central server. For example, the iPhone can synchronise contacts, calendars through Apple’s MobileMe service. Many mobile network operators offer services to backup and restore contact lists from various devices. Other social networking sites (such as Facebook) may know your friends but not necessarily their phone numbers – this gives mobile network operators a potential advantage.
There's an App for that (but it doesn't have to be iPhone specific)
One solution could be for the network operator to combine the phone numbers in your family member’s contact lists and use this as the whitelist on your femtocell. Surely you would be happy for anyone in your contact list to be allowed to use your femtocell? And most people know how to add a friend to their mobile phone contact list.
If this was done automatically, there wouldn’t be a security or privacy issue – you don’t have to have sight of all the phone numbers on your family’s phones if you don’t need it. It would also be easy to add someone else to your whitelist – just add them to the contact list on your phone (or delete them if you don't like them any more). With iPhone applications like “Bump” this is becoming even easier.
The size of the whitelist inside the femtocell might then become much larger than the 30 to 50 range supported today - perhaps to a few hundred or as much as 1000 (remember that anyone on a different network operator would be filtered out). Of these, perhaps 90% or more will never visit your home or be interested in using your femtocell - but it would be seamless if they did.
As an added bonus, those from abroad with foreign phone numbers could easily be processed in the same way and added to the whitelist, encouraging extra roaming revenues from them when visiting. They'll also benefit from the excellent voice quality and high speed data connection.
Meanwhile nobody will need to bother you by asking for that illusive password.
I haven’t fully thought this through for enterprise femtocell access yet, but I take the view that the more people allowed access the better – the risk of an individual gaining a few bytes of femtocell access is such a small cost that this really shouldn’t be a problem.
Why did I title this article "Make it so"?
Nothing to do with femtocells, I'm afraid. I was harking back to the early days of Star Trek where Captain Kirk would discuss his navigation plans with his crew, make a decision and then issue the command "Make It So". With those three words, he delegated all the complex back-office implications of what he wanted to his crew and their computer systems, leaving him to get on with the more important things in life. He didn't need to get involved in the details.
In a similar way, end users want to retain control of who can access their femtocell but leave the details to their trusty network operator who can do the complicated stuff behind the scenes.