Extensible Authentication Protocol
The IEEE 802.16e standard introduced an alternative to the authentication scheme based on X.509 certificates. This new scheme is considered more flexible and is based on the extensible authentication protocol (EAP) [7].
To obtain authentication during link establishment, EAP messages are encoded directly into management frames. Two additional PKM messages, PKM EAP request and PKM EAP response, were added to transport EAP data.
Because EAP methods that meet the security needs of wireless networks are still an active area of research, the IEEE 802.16e standard does not specify a particular EAP-based authentication method to be used.
Privacy and Key Management
Subscriber stations use the PKM protocol to obtain authorization and traffic keying material from the base station. The PKM protocol can be broken into two parts. The first handles subscriber station authorization and AK exchange. The second handles TEK exchange [5].
Authorization and AK Exchange
PKM authorization is used to deliver an AK from the base station to the subscriber station. Once the subscriber station receives an initial authorization, it periodically seeks reauthorization. The AK exchange is accomplished using three messages, illustrated in Figure 11.6 [5,7].
The subscriber station initiates the exchange by sending a message containing the subscriber station manufacturer's X.509 certificate to the base station. The message is strictly informative and can be ignored by the base station. However, base stations can be configured to allow access only to devices from trusted manufacturers.
The second message is sent from the subscriber station to the base station immediately after the first. This message is a request for an AK and for a list of SAIDs that identify the SAs the subscriber station is authorized to participate in. There are three parts to the message: a manufacturer-issued X.509 certificate for the subscriber station itself, the cryptographic algorithms supported by the subscriber station, and the SAID of its primary SA.
The base station uses the subscriber station's certificate to determine whether it is authorized. If it is, the base station responds with the third message. The base station uses the subscriber station's public key, obtained from its certificate, to encrypt the AK using RSA. The encrypted AK is then included in the message along with the SeqNo, which distinguishes between successive AKs, the key lifetime, and a list of SAIDs of the static SAs the subscriber station is authorized to participate in.
Figure 11.6 Authorization and AK exchange between the subscriber station and the base station.
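The three-message authorization exchange described above, written out as a runnable simulation of both sides. This is an added example, not code from the 802.16 standard or from the chapter's sources. It makes several simplifying assumptions: the certificates are dictionaries standing in for X.509, the base station's certificate check is reduced to an issuer lookup against a trusted-manufacturer list, RSA is textbook modular exponentiation with a toy 512-bit key and no padding, and the modulo-16 SeqNo wrap and the 86400-second key lifetime are assumed values. The names SubscriberStation, BaseStation and run_exchange are the example's own.

```python
"""Simulated PKM authorization / AK exchange (subscriber station SS, base station
BS).  Textbook RSA with a small key keeps it self-contained; certificates are dict
stand-ins for X.509 and the BS checks only the issuer against a trust list."""
import random
import secrets

AK_LEN = 20      # 160-bit AK, the size used by IEEE 802.16-2004
RSA_E = 65537
SEQNO_MOD = 16   # SeqNo wraps modulo 16 here (assumption for the demo)

def _is_probable_prime(n, rng):
    """Miller-Rabin, after trial division by a few small primes."""
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(16):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _gen_prime(bits, rng):
    while True:
        c = rng.getrandbits(bits) | (1 << (bits - 1)) | 1   # odd, full width
        if _is_probable_prime(c, rng):
            return c

def rsa_keygen(bits, seed):
    """Textbook RSA key pair.  random.Random(seed) only makes the demo
    reproducible; real SS keys need a CSPRNG, padding and a real RSA library."""
    rng = random.Random(seed)
    while True:
        p, q = _gen_prime(bits // 2, rng), _gen_prime(bits // 2, rng)
        phi = (p - 1) * (q - 1)
        if p != q and phi % RSA_E:
            return (p * q, RSA_E), (p * q, pow(RSA_E, -1, phi))

def rsa_encrypt(pub, data):   # pub = (n, e); a 160-bit AK is far below a 512-bit n
    return pow(int.from_bytes(data, "big"), pub[1], pub[0])

def rsa_decrypt(priv, c, length):   # priv = (n, d)
    return pow(c, priv[1], priv[0]).to_bytes(length, "big")

class SubscriberStation:
    def __init__(self, serial, manufacturer, algorithms, primary_said, key_seed):
        self.public_key, self._private_key = rsa_keygen(512, key_seed)
        # Constructed stand-ins for the manufacturer and SS X.509 certificates.
        self.manufacturer_cert = {"subject": manufacturer, "issuer": manufacturer}
        self.ss_cert = {"subject": serial, "issuer": manufacturer, "public_key": self.public_key}
        self.algorithms, self.primary_said = list(algorithms), primary_said
        self.ak = self.ak_seqno = self.ak_lifetime = self.saids = None

    def auth_info(self):      # message 1: informative only
        return {"msg": "Authentication Information", "manufacturer_cert": self.manufacturer_cert}

    def auth_request(self):   # message 2: ask for an AK and the SAID list
        return {"msg": "Authorization Request", "ss_cert": self.ss_cert,
                "algorithms": self.algorithms, "primary_said": self.primary_said}

    def accept_reply(self, reply):   # message 3: only this SS can unwrap the AK
        self.ak = rsa_decrypt(self._private_key, reply["encrypted_ak"], AK_LEN)
        self.ak_seqno, self.ak_lifetime = reply["seqno"], reply["lifetime"]
        self.saids = reply["saids"]

class BaseStation:
    def __init__(self, trusted_manufacturers, static_saids, algorithms, ak_lifetime=86400):
        self.trusted, self.algorithms = set(trusted_manufacturers), set(algorithms)
        self.static_saids, self.ak_lifetime = list(static_saids), ak_lifetime
        self.issued_aks, self._next_seqno = {}, {}

    def handle_auth_info(self, msg):
        # May be recorded or ignored; it carries no authorization decision.
        return msg["manufacturer_cert"]["subject"]

    def handle_auth_request(self, req):
        cert = req["ss_cert"]
        if cert["issuer"] not in self.trusted:                 # untrusted manufacturer
            return None
        if not self.algorithms.intersection(req["algorithms"]):
            return None                                         # no common cipher suite
        ak = secrets.token_bytes(AK_LEN)                        # fresh AK per (re)authorization
        seqno = self._next_seqno.get(cert["subject"], 0)
        self._next_seqno[cert["subject"]] = (seqno + 1) % SEQNO_MOD
        self.issued_aks[cert["subject"]] = ak
        return {"msg": "Authorization Reply", "encrypted_ak": rsa_encrypt(cert["public_key"], ak),
                "seqno": seqno, "lifetime": self.ak_lifetime, "saids": list(self.static_saids)}

def run_exchange(ss, bs):
    """Drive the three messages; True if the SS ends up holding an AK."""
    bs.handle_auth_info(ss.auth_info())
    reply = bs.handle_auth_request(ss.auth_request())
    if reply is None:
        return False
    ss.accept_reply(reply)
    return True
```

Running run_exchange twice for the same station shows reauthorization: the base station issues a fresh AK with the next SeqNo, which is what lets the subscriber tell successive keys apart, and a station whose certificate issuer is outside the trust list receives no reply at all. Note also what the exchange as described does not do: none of the three messages carries anything that authenticates the base station to the subscriber station, and the request carries no nonce, so the subscriber learns only that whoever answered could encrypt to its public key, not who that was or whether the reply is fresh.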