Wimax standards and Security The Wimax



Download 2,02 Mb.
bet166/186
Sana29.05.2022
Hajmi2,02 Mb.
#619147
1   ...   162   163   164   165   166   167   168   169   ...   186
Bog'liq
CRC - WiMAX.Standards.and.Security

Nirwan Ansari, Chao Zhang, Yuanqiu Luo, and Edwin Hou
CONTENTS

    1. WiMAX Overview 229

    2. WiMAX Security Challenges 232

      1. Physical Layer Threats 232

      2. MAC Layer Threats 233

    3. Privacy Key Management Protocol Version 1 234

      1. Security Procedure 234

      2. Authentication 236

      3. Key Exchange 237

      4. Data Encryption 239

      5. Challenges 240

    4. Privacy Key Management Protocol Version 2 240

      1. Mutual Authentication 240

      2. Authorization Key Derivation 242

    5. Advanced Security Issues in WiMAX 244

    6. Conclusions 244

Glossary 245
Appendix I: X.509 Certificate 246
Appendix II: EAP 247
Appendix III: RSA 247
Appendix IV: Dot16KDF for PKMv2 248
References 249





12.1 WiMAX Overview
WiMAX stands for worldwide interoperability for microwave access. It was proposed to facilitate high-speed data distribution through wireless metropolitan area networks (WMANs). With the advantages of rapid deploy- ment, high scalability, and low upgrade cost, WiMAX attempts to tackle the last mile bottleneck problem of current telecommunications networks.


229

The IEEE 802.16 working group on broadband wireless access (BWA) standards develops standards and recommends practices to support the development and deployment of the WiMAX technology.


The first WiMAX standard, i.e., IEEE 802.16-2001 [1], was published in 2002. It defines a point-to-multipoint (PMP) fixed wireless access system between a base station (BS) and its associated subscriber stations (SSs). IEEE 802.16-2001 operates in the 10–66 GHz frequency range, which is the so-called line-of-sight (LOS) communications. The IEEE 802.16-2004 standard [2] was published in 2004 to extend the WiMAX specification into the 2–11 GHz frequency range, the so-called nonline-of-sight (NLOS) operation. IEEE 802.16-2004 also describes the WiMAX system profiles and conformance criteria to adapt to the dynamic wireless environment. By introducing the mesh mode, IEEE 802.16-2004 is capable of forwarding traffic from a node to its neighboring nodes. The latest WiMAX standard, IEEE 802.16e-2005 [3], was approved in December 2005. By employing scalable orthogonal frequency division mul- tiplexing (SOFDM), IEEE 802.16e-2005 provides full mobility support for both licensed and unlicensed spectra. The aforementioned WiMAX standards herald a promising new tool for broadband access in the effort to bridge the bandwidth mismatch and to support user mobility.
As illustrated in Figure 12.1, WiMAX standards define the protocol struc-
ture at both the medium access control (MAC) layer and the physical (PHY) layer. The WiMAX PHY layer supports flexible operation across a wide range of spectrum allocations (from 2 to 66 GHz), including variations in channel bandwidth, frequency division duplex, and time division duplex. The WiMAX MAC layer is defined to provide a common feature set across diverse PHY performance. The major MAC functionalities cover initial rang- ing, network entry, bandwidth requests, connection-oriented management, as well as information security through the dynamic WiMAX environment.
Communications in WiMAX are connection-oriented. All services from the upper protocol layer above WiMAX MAC, including the connectionless ser- vices, are mapped into connections between the SS and the BS in the WiMAX MAC layer. One SS may have multiple connections to its associated BS with the purpose to provide diverse services to the subscribers. Connections are identified by 16-bit connection identifiers (CIDs). Such a connection-based mechanism facilitates bandwidth arbitration and QoS support in the dynamic wireless environment. The WiMAX MAC layer is thus defined to support the connection-oriented service in an organic manner.
Among the three sublayers in WiMAX MAC, the service-specific conver- gence sublayer (CS) connects the MAC layer with the upper layer. After classifying service data units (SDUs) from upper layer protocols, the CS sub- layer associates the SDUs to the proper MAC service flow identifier (SFID) and CID. For different upper layer protocols, such as ATM, Ethernet, and IP, the CS sublayer defines different specifications accordingly. Therefore, the MAC common part sublayer (CPS) does not need to understand the format of or parse any information from the CS payload. The CPS sublayer of the

MAC



PHY
FIGURE 12.1
WiMAX standard protocol structure. (Adapted from IEEE Std. 8802.16e-2005, “IEEE Standard for Local and Metropolitan Area Networks—Part 16: Air Interface for Fixed and Mobile Broadband Wireless Access Systems,’’ IEEE, 2006.)
WiMAX MAC is responsible for providing the functionalities, including sys- tem access, bandwidth allocation, and WiMAX connection establishment and maintenance. It exchanges MAC SDUs (MSDUs) with various CSs.
The security sublayer plays a key role in authentication, key establish- ment, as well as information encryption. It exchanges MAC protocol data units (MPDUs) directly with PHY. Toward the end of handling the dynamic wireless environment, WiMAX specifies a set of privacy and key manage- ment mechanisms. The two components in the security sublayer are the encapsulation protocol and privacy key management (PKM) protocols. The encapsulation protocol encrypts WiMAX data across BWA, while the PKM protocols ensure the secure distribution of keying material and authorized access to the connections between the SS and the BS. As a safeguard to high- speed broadband access with flexible mobility, the WiMAX security sublayer provides the SS with privacy and protects the BS from malicious attacks.
This chapter presents an overview of the WiMAX security mechanism, particularly, the management schemes for subscriber privacy and server secu- rity. Section 12.2 describes the challenges to WiMAX security. Section 12.3 presents PKM version 1 (PKMv1), the fundamental security mechanism for

WiMAX communications. Section 12.4 elaborates PKM version 2 (PKMv2), an enhanced security mechanism with a major improvement for mutual authen- tication. Section 12.5 concludes this chapter with a discussion on the open issues in WiMAX security.









    1. Download 2,02 Mb.

      Do'stlaringiz bilan baham:
1   ...   162   163   164   165   166   167   168   169   ...   186




Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling

kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha


yuklab olish