Upload
zareen-aabedin
View
234
Download
2
Tags:
Embed Size (px)
DESCRIPTION
Â
Citation preview
Introduction of Wi MAX
Chapter 1
1.1 Introduction
The explosive growth of the Internet over the last decade has lead to an increasing demand for high-speed,
ubiquitous Internet access. Broadband Wireless Access (BWA) is increasingly gaining popularity as an
alternative "last-mile” technology to DSL lines and cable modems. Following the hugely successful global
deployment of the 802.11wireless Local Area Network (LAN) standard, deployment of the IEEE 802.16d
wireless Metropolitan Area Network (MAN) standard is currently in progress. This technology aims to
provide fixed broadband wireless access to residential and small business applications, as well as enable
Internet access in countries without any existing wired infrastructure in place. Standardization efforts are
also underway for the 802.16e version that attempts to provide mobility to the end user in a MAN
environment. The WiMAX Four (Worldwide Interoperability for Microwave Access) is an industry-led,
non-profit corporation formed to promote and certify compatibility and interoperability of broadband
wireless products. The organization is a non-profit association formed in 2003 by equipment and component
Suppliers to promote the adoption of IEEE 802.16 compliant equipment by operators of broadband wireless
access systems[1].
1.2 Definition
WiMAX (Worldwide Interoperability for Microwave Access) is a wireless digital communications system.
It is also known as IEEE 802.16 which is intended for “Wireless Metropolitan Area Networks" by the
WiMAX Forum, formed in June 2001. WiMAX can provide Broadband Wireless Access (BWA) up to 30
miles (50 km) for fixed stations, and 3 - 10 miles (5 - 15 km) for mobile stations. In contrast, the
Wi-Fi/802.11 wireless local area network standard is limited in most cases to only 100 - 300 feet (30 -
100m). WiMAX is a second-generation protocol that allows for more efficient bandwidth use, interference
avoidance, and is intended to allow higher data rates over longer distances. The IEEE 802.16 standard
defines the technical features of the communications protocol. The WiMAX Forum offers a means of testing
manufacturer's equipment for compatibility, as well as an industry group dedicated to fostering the
development and commercialization of the technology. WiMAX.com provides a focal point for consumers,
service providers, manufacturers, analysts, and researchers who are interested in WiMAX technology,
services, and products[2]. Soon, WiMAX will be a very well recognized term to describe wireless Internet
access throughout the world.
1.3 Type of WiMAX
Basically there are two types of WiMAX technology. These are:
-Fixed WiMAX
-Mobile WiMAX
1.3.1 Fixed WiMAX
Fixed WiMAX defines as 802.16d.WiMAX provides fixed service from a base station to a subscriber
station, also known as Customer Premise Equipment (CPE). Some goals for WiMAX include a radius of
service coverage of 18 miles from a WiMAX base station for point-to-multipoint, non-line-of-sight service.
This service should deliver approximately 40 megabits per second (Mbps) for fixed access applications[3].
For better understanding the type, we can have a look at the Figure 1.1, which clearly shows the snapshot of
fixed wireless technology.
Figure: 1.1 Fixed WiMAX Access Network
1.3.2 Mobile WiMAX
Mobile WiMAX or 802.16e standard was ratified by the IEEE in late 2005 as a potential to emerge as a real
viable competitor to existing 3G technologies. This standard however, was based on a different formulation
of OFDM than that chosen for the first product profile of 802.16-2004. The 802.16-2004 standards support
both formulations-however, the OFDM 256FFT system was chosen for 802.16-2004.WiBro/Mobile
WiMAX uses an OFDMA™ technology called 1K-FFT[4]. Service for the WiBro/Mobile WiMAX
standard is in the 2.3 GHz spectrum range at least in Korea WiBro/Mobile. The next version of WiMAX
802.11m will incorporate even more mobile capabilities, bandwidth capacity and technology changes to
improve mobile capability.
Figure: 1.2 Mobile WiMAX Technologies
1.4 WiMAX Standards
IEEE 802.16: Broadband Wireless MAN Standard (WiMAX). The IEEE 802.16 defines the wireless
Metropolitan Area Network (MAN) technology which is branded as WiMAX. The 802.16 includes two sets
of standards, 802.16-2004 (802.16d) for fixed WiMAX and 802.16-2005(802.16e) for mobile WiMAX. The
WiMAX wireless broadband access standard provides the missing link for the "last mile" connection in
metropolitan area networks where DSL, Cable and other broadband access methods are not available or too
expensive. WiMAX also offers an alternative to satellite Internet services for rural areas and allows mobility
of the customer equipment.
IEEE 802.16 standards are concerned with the air interface between a subscriber's transceiver station
and a base transceiver station. The fixed WiMAX standard which provides fixed, point-to-multi point
broadband wireless access service and its product profile utilizes the OFDM 256-FFT (Fast Fourier
Transform) system profile. The fixed WiMAX 802.16-2004 standard supports both Time Division Duplex
(TDD) and Frequency Division Duplex (FDD) services - the latter of which delivers full duplex
transmission on the same signal if desired. IEEE 802.16e, based on the early WiMAX standard 802.16a,
adds mobility features to WiMAX in the 2 to 11 GHz licensed bands. 802.16e allows for fixed wireless and
mobile Non Line of Sight (NLOS) applications primarily by enhancing the OFDMA (Orthogonal Frequency
Division Multiple Access)[5].
IEEE 802.16 and WiMAX are designed as a complimentary technology to Wi-Fi and Bluetooth. The
following table provides a quick comparison of 802.16 with to 802.11(WLAN) and 802.15.1 (Bluetooth):
Table: 1.1 WiMAX Standards
Parameters
IEEE802.16d
(802.16-2004
Fixed WiMAX)
IEEE802.16e
(802.16-2005
Mobile WiMAX)
802.11
(WLAN)
802.15.1
(Bluetooth)
Frequency
Band: 2-66GHz
2 - 11GHz
2.4 –
5.8GHz 2.4GHz
Range ~31 miles ~31 miles ~100 meters ~10meters
Maximum Data
rate: ~134 Mbps
~15 Mbps ~55 Mbps
~3Mbps
Number of
users: Thousands
Thousands Dozens
Dozens
1.5 Data Transmission Rates
WiMAX supports very robust data throughput. The technology at theoretical maximums could support
approximately 75 Mbps per channel (in a 20 MHz channel using 64QAM ¾ code rate). Real world
performance will be considerably lower perhaps maxing out around 45 Mbps/channel in some fixed
broadband applications. WiMAX is often cited to possess a spectral efficiency of 5 bps/Hz, which is very
good in comparison to other broadband wireless technologies, especially 3G. In practical terms, Sprint has
stated that it intends to deliver service at 2 Mbps to 4 Mbps to its customers with Mobile WiMAX.The
higher the frequency, the greater the bandwidth delivery potential and the shorter range potential. Lower
frequencies enjoy much greater range capability, but trade that off with much lower bandwidth potential
also, clear wire has stated that it believes it can deliver upwards of 10-15 Mbps once it has access to the full
Sprint panoply of spectrum in addition to its own and once it has shifted to mobile WiMAX[6].
Chapter 2
WiMAX Architecture
2.1 WiMAX Architecture
The following section will provide a simple overview of wireless concepts and nomenclature to help the
reader understand how WiMAX works and will assist the reader in communicating with the WiMAX
industry.
There are two scenarios for a wireless deployment:
A) Point-to-point
B) Point-to-Multipoint
2.1.1 Point-to-point
Point to point is used where there are two points of interest: one sender and one receiver. This is also a
scenario for backhaul or the transport from the data source (data center, co-lo facility, fiber POP, Central
Office, etc) to the subscriber or for a point for distribution using point to multipoint architecture. Backhaul
radios comprise an industry of their own within the wireless industry. As the architecture calls for a highly
focused beam between two points range and throughput of point-to point radios will be higher than that of
point-to-multipoint products[7].
Figure 2.1: Point-to point and point-to-multipoint configurations2.1.2 Point-to-Multipoint
As seen in the figure above, point-to-multipoint is synonymous with distribution. One base station can
service hundreds of dissimilar subscribers in terms of bandwidth and services offered.
2.2 Line of sight or Non-line of sight
Earlier wireless technologies (LMDS, MMDS for example) were unsuccessful in the mass market as they
could not deliver services in non-line-of-sight scenarios. This limited the number of subscribers they could
reach and, given the high cost of base stations and CPE, those business plans failed. WiMAX functions best
in line of sight situations and, unlike those earlier technologies, offers acceptable range and throughput to
subscribers who are not line of sight to the base station. Buildings between the base station and the
subscriber diminish the range and throughput, but in an urban environment, the signal will still be strong
enough to deliver adequate service[8]. Given WiMAX ability to deliver services non-line-of-sight, the
WiMAX service provider can reach many customers in high-rise office buildings to achieve a low cost per
subscriber because so many subscribers can be reached from one base station.
Figure 2.2: Difference between line of sight and non-line of sight2.3 The layer of WiMAX
Basically there are two layer of WiMAX technology. These are
1) Physical layer
2) Medium Access Control (MAC) layer
2.3.1 Physical layer
Figure: 2.3 Physical layer of WiMAX
The WiMAX physical layer is based on orthogonal frequency division multiplexing. OFDM is the
transmission scheme of choice to enable high-speed data, video and multimedia communications and is used
by a variety of commercial broadband systems, including DSL, Wi-Fi, Digital Video Broadcast-Handheld
(DVB-H), and Media FLO, besides WiMAX[9].
OFDM is an elegant and efficient scheme for high data rate transmission in a non-line-of-sight or
multi-path radio environment. From the above Figure 2.3 we can realize the Physical Layer of WiMAX.
2.3.1.1 Adaptive Modulation and Coding in WiMAX
WiMAX supports a variety of modulation and coding schemes and allows for the scheme to change on a
burst-by-burst basis per link, depending on channel conditions. Using the channel-quality feedback
indicator, the mobile can provide the base station with feedback on the downlink channel quality. For the
uplink, the base station can estimate the channel quality, based on the received signal quality[10].
2.3.1.2 PHY-Layer Data Rates
Because the physical layer of WiMAX is quite flexible, data rate performance varies based on the operating
parameters. Parameters that have a significant impact on the physical-layer data rate are channel bandwidth
and the modulation and coding scheme used. Other parameters, such as number of sub-channels, OFDM
guard time, and over-sampling rate, also have an impact[11].
2.3.2 Medium Access Control (MAC) layer
Figure- 2.4 MAC layer of WiMAX
The IEEE 802.16 MAC was designed for point-to-multipoint broadband wireless access applications. The
primary task of the WiMAX MAC layer is to provide an interface between the higher transport layers and
the physical layer.
The MAC layer takes packets from the upper layer. These packets are called MAC Service Data
Units (MSDUs) & organize them into MAC Protocol Data Units (MPDUs) for transmission over the air. For
received transmissions, the MAC layer does the reverse.
The IEEE 802.16-2004 and IEEE 802.16e-2005 MAC design includes a convergence sub-layer that
can interface with a variety of higher-layer protocols, such as ATM TDM Voice, Ethernet, IP and any
unknown future protocol. The 802.16 MAC is designed for point-to-multipoint (PMP) applications and is
based on collision sense multiple access with collision avoidance (CSMA/CA).
The MAC incorporates several features suitable for a broad range of applications at different mobility
rates, such as the following:
Privacy Key Management (PKM) for MAC layer security. PKM version 2 incorporates support for
Extensible Authentication Protocol (EAP).
Broadcast and multicast support.
Manageability primitives.
High-speed handover and mobility management primitives.
Three power management levels, normal operation, sleep and idle.
Header suppression, packing and fragmentation for efficient use of spectrum.
These features combined with the inherent benefits of scalable OFDMA make 802.16 suitable for high-
speed data and burst or isochronous IP multimedia applications. Support for QoS is a fundamental part of
the WiMAX MAC-layer design[12]. WiMAX borrows some of the basic ideas behind its QoS design from
the DOCSIS cable modem standard. Strong QoS control is achieved by using a connection-oriented MAC
architecture, where all downlink and uplink connections are controlled by the serving BS.
2.4 Integration with an IP based Network
Figure- 2.5 IP Base network of WIMAX
The WiMAX Forum has proposed an architecture that defines how a WiMAX network can be connected
with an IP based core network, which is typically chosen by operators that serve as Internet Service
Providers (ISP); Nevertheless the WiMAX BS provide seamless integration capabilities with other types of
architectures as with packet switched Mobile Networks. For better understanding the type, we can have a
look at the Figure 2.5, which clearly shows the snapshot of IP Base network of WIMAX. The WiMAX
forum proposal defines a number of components, plus some of the interconnections (or reference points)
between these, labeled R1 to R5 and R8:
-SS/MS: the Subscriber Station/Mobile Station
-ASN: the Access Service Network
-BS: Base station, part of the ASN
-ASN-GW: the ASN Gateway, part of the ASN
-CSN: the Connectivity Service Network
-HA: Home Agent, part of the CSN
-AAA: Authentication, Authorization and Accounting Server, part of the CSN
-NAP: a Network Access Provider
-NSP: a Network Service Provider
It is important to note that the functional architecture can be designed into various hardware
configurations rather than fixed configurations. For example, the architecture is flexible enough to allow
remote/mobile stations of varying scale and functionality and Base Stations of varying size - e.g. femto,
pico, and mini BS as well as macros[13].
Chapter 3
WiMAX Application
3.1 WiMAX Applications
WiMAX is the most important technology in the world. WiMAX has following application.
3.1.1 WiMAX VoIP
A fixed wireless solution not only offers competitive internet access, it can do the same for telephone service
thus further bypassing the telephone company's copper wire network. Voice over Internet Protocol (VoIP)
offers a wider range of voice services at reduced cost to subscribers and service providers alike. The diagram
below Figure 3.1 illustrates a typical solution where a WiMAX service provider can obtain wholesale VoIP
services at about $5/number/month and resell to enterprise customers at $50[14].
Figure: 3.1 VoIP - The “Killer app” for WiMAX
3.1.2 Digital Television
WiMAX lets us deliver a 100% digital picture, room shaking sound and so much more. Once viewer got
Sling Digital TV, they never want to go back to IP or satellite. With over 300 channels originating from
more than 80 countries, the ultimate entertainment for the true TV lover, Sling IPTV features 31
commercial-free premium movie channels from Showtime, Star Movie Pack, HBO and Cinemas; NBA TV
and all the great programming. Sling IPTV also offers the greatest range of local and “International”
television available on any one network[15].
3.1.3 Internet Service Provider
An Internet service provider (ISP), also sometimes referred to as an Internet access provider (IAP), is a
company that offers its customers access to the Internet. The ISP connects to its customers using a data
transmission technology appropriate for delivering Internet Protocol Paradigm, such as dial-up, DSL, cable
modem, wireless or dedicated high-speed interconnects. ISPs may provide Internet e-mail accounts to users
which allow them to communicate with one another by sending and receiving electronic messages through
their ISP's servers[16]. ISPs may provide services such as remotely storing data files on behalf of their
customers, as well as other services unique to each particular ISP.
3.1.3.1 End-user-to-ISP connection
ISPs employ a range of technologies to enable consumers to connect to their network. For users and small
businesses, the most popular options include dial-up, DSL (typically Asymmetric Digital Subscriber Line,
ADSL), broadband wireless, cable modem, fiber to the premises (FTTH), and Integrated Services Digital
Network (ISDN) (typically basic rate interface). For customers with more demanding requirements, such as
medium-to-large businesses, or other ISPs, DSL (often SHDSL or ADSL), Ethernet, Metro Ethernet, Gigabit
Ethernet, Frame Relay, ISDN (BRI or PRI), ATM, satellite Internet access and Synchronous Optical
Networking (SONET) are more likely to be used[17].
Figure: 3.2 Internet connectivity options from end-user to Tier 3/2 ISP's
Typical home user connection
-Broadband wireless access
-Cable Internet
-Dial-up
-ISDN
-Modem
-DSL
-FTTH
-Wi-Fi
Typical business-type connection
-DSL
-Ethernet technologies
-Leased line
-SHDSL
3.1.3.2 ISP interconnection
Figure: 3.3 Internet Connections
Just as their customers pay them for Internet access, ISPs themselves pay upstream ISPs for Internet access.
An upstream ISP usually has a larger network than the contracting ISP and/or is able to provide the
contracting ISP with access to parts of the Internet the contracting ISP by itself has no access to. In the
simplest case, a single connection is established to an upstream ISP and is used to transmit data to or from
areas of the Internet beyond the home network; this mode of interconnection is often cascaded multiple
times until reaching a Tier 1 carrier. In reality, the situation is often more complex. ISPs with more than one
Point of Presence (PoP) may have separate connections to an upstream ISP at multiple PoPs, or they may be
customers of multiple upstream ISPs and may have connections to each one of them at one or more point of
presence[18].
3.1.3.3 Peering
SPs may engage in peering, where multiple ISPs interconnect at peering points or Internet Exchange points
(IXs), allowing routing of data between each network, without charging one another for the data transmitted
—data that would otherwise have passed through a third upstream ISP, incurring charges from the upstream
ISP. ISPs requiring no upstream and having only customers (end customers and/or peer ISPs) are called Tier
1 ISPs.
Network hardware, software and specifications, as well as the expertise of network management
personnel are important in ensuring that data follows the most efficient route, and upstream connections
work reliably[19]. A tradeoff between cost and efficiency is possible.
3.1.3.4 Virtual ISP
A Virtual ISP (VISP) is an operation which purchases services from another ISP (sometimes called a
"wholesale ISP" in this context) which allow the VISP's customers to access the Internet using services and
infrastructure owned and operated by the wholesale ISP[20].
3.1.3.5 Free ISP
Free ISPs are Internet Service Providers (ISPs) which provide service free of charge. Many free ISPs display
advertisements while the user is connected; like commercial television, in a sense they are selling the users'
attention to the advertiser. Other free ISPs, often called free nets, are run on a nonprofit basis, usually with
volunteer staff[21].
Chapter 4
WiMAX and other Wireless Technologies
4.1 Comparisons of WiMAX & Wi-Fi
Comparisons and confusion between WiMAX and Wi-Fi are frequent because both are related to wireless
connectivity and Internet access.
WiMAX is a long range system, covering many kilometers, which uses licensed or unlicensed
spectrum to deliver a point-to-point connection to the Internet.
Different 802.16 standards provide different types of access, from portable (similar to a cordless
phone) to fixed (an alternative to wired access, where the end user's wireless termination point is
fixed in location.)
Wi-Fi uses unlicensed spectrum to provide access to a network.
Wi-Fi is more popular in end user devices.
WiMAX and Wi-Fi have quite different Quality of Service (QoS) mechanisms.
WiMAX uses a mechanism based on connections between the base station and the user device. Each
connection is based on specific scheduling algorithms.
Wi-Fi has a QoS mechanism similar to fixed Ethernet, where packets can receive different priorities
based on their tags. For example VoIP traffic may be given priority over web browsing.
Wi-Fi runs on the Media Access Control's CSMA/CA protocol, which is connectionless and
contention based, whereas WiMAX runs a connection-oriented MAC.
Both 802.11 and 802.16 define Peer-to-Peer (P2P) and ad hoc networks, where an end user
communicates to users or servers on another Local Area Network (LAN) using its access point or base
station. With WiMAX, Wi-Fi like data rates are easily supported, but the issue of interference is lessened.
WiMAX operates on both licensed and non-licensed frequencies, providing a regulated environment and
viable economic model for wireless carriers[22]. WiMAX can be used for wireless networking in much the
same way as the more common Wi-Fi protocol.
4.2 WiMAX Compared to Mobile Telephone Data Systems
The comparison between WiMAX and Mobile Telephone are given below:
Mobile telephone systems are fully automatic wide-area high-capacity RF networks made up of a
group of coverage sites called cells. As a subscriber passes from cell to cell, a series of handoffs ensures
smooth call continuity.
Mobile telephone systems have evolved to offer a mix of voice and packet data services. These
systems are composed of interlinked cells that have the capability to transfer connections from tower to
tower. The radio channel bandwidth is relatively narrow compared to WiMAX systems and the modulation
types are less efficient (i.e. more robust). Therefore, the maximum data rates of mobile telephone data
systems are lower than that of WiMAX.
WiMAX is positioned to fit with cellular data and Wi-Fi systems. WiMAX systems are designed to
provide centrally managed high speed data services over wide areas, whereas Wi-Fi systems are designed to
provide self-managed wireless data services over relatively small geographic areas.
Figure 4.1 Comparisons between WiMAX and 3G
Finally, mobile telephone data services are designed to provide a mix of voice and medium speed
data services to customers as they move throughout a mobile system[23].
Table: 4.1 Comparison of WiMAX with other Broadband Wireless Technologies
Parameter Fixed
WiMAX
Mobile
WiMAX
HSPA 1 x EV-DA
Rev A
Wi-Fi
Standards IEEE 802.16-
2004
IEEE 802.16e-
2005
3GPP Release
6
3GPP2 IEEE
802.11a/g/n
Peak down
link data rate
9.4 Mbps in
3.5MHz with
3:1 DL-to-UL
ratio TDD;
6 .1 Mbps
with 1:1
46 Mbps with
3:1 DL-to-UL
ratio TDD;
32Mbps with
1:1
14.4 Mbps
using all 15
codes;
7.2Mbps with
10 codes
3.1Mbps;
Rev. B will
support
4.9Mbps
54Mbps
shared using
802.11 a/g;
Peak up link
data rate
3.3Mbps in
3.5MHz using
3:1 DL-to-UL
ratio;
6.5Mbps with
1:1
7Mbps in
10MHz using
3:1 DL-to-UL
ratio; 4Mbps
using 1:1
1.4Mbps
initially;
5.8Mbps later
1.8Mbps More than
100Mbps
peak layer 2
throughput
using 802.11n
Bandwidth 3.5MHz and
7MHz in
3.5GHz
3.5MHz,
7MHz, 5MHz,
10MHz and
5MHz 1.25MHz 20MHz for
802.11 a/g;
20/40MHz for
band ; 10MHz
in 5.8GHz
band
8.75MHz
initially
802.11n
Modulation QPSK, 16
QAM, 64-
QAM
QPSK, 16
QAM, 64-QAM
QPSK, 16
QAM
QPSK, 8
PSK, 16
QAM
BPSK, QPSK,
16 QAM, 64
QAM
Multiplexing TDM TDM/OFDMA TDM/CDMA TDM/
CDMA
CSMA
Duple- xing TDD, FDD TDD initially FDD FDD TDD
Frequency 3.5GHz and
5.8GHZ
initially
2.3GHz,
2.5GHz and
3.5GHz initially
800/900/1,800
/1,900/2,100
initially
800/900/1,80
0
/1,900MHz
2.4GHz,
5GHz
Coverage
(typical)
3-5 miles < 2 miles 1-3 miles 1-3 miles < 100 ft
indoors;
< 100 ft
outdoors
Mobility Not
applicable
Mid High High Low
4.3 Limitations of WiMAX
A commonly-held misconception is that WiMAX will deliver 70 Mbit/s over 50 kilometers (~31 miles). In
reality, WiMAX can either operate at higher bitrates or over longer distances but not both: operating at the
maximum range of 50 km increases bit error rate and thus results in a much lower bitrate. Conversely,
reducing the range (to <1km) allows a device to operate at higher bitrates. There are no known examples of
WiMAX services being delivered at bit rates over around 3 Mbit/s[24].
Chapter 5
Security of WiMAX
5.1 Introduction
This Chapter is based on wireless security system. Our first concern is to emphasis on different features of
security and secondly we give an effort on different levels of security in WiMAX. Security specially
considers the Authentication, Authorization & Accounting (AAA).
5.2 Security in Wireless Networks
Security is an important concern for the network operator and the network user. In fact, the expectations of
the network operator and the network user are not contradictory but complimentary. Any well designed
network needs to deliver these perfectly reasonable expectations which can only be achieved by the
equipment vendors, system integrators and network operators working together and making the right design
choices. In Table 5.1 below, we have summarized these security expectations.
Table: 5.1 Security Expectations
Stakeholder Security Concern Comment
Network
User
Privacy Protect from eavesdropping
Data integrity Protect user data from being
tampered in transit
Access to services User has the correct credentials
Correct accounting Accuracy and efficiency of
accounting
Network
Operator
User authentication Is the user who he says He is?
Device authentication Is the device the Correct device?
Authorization Is the user authorized to receive a
particular Service?
Access control Only authorized users
have access to services
Security is handled at multiple layers of the network, each layer handling a complimentary aspect of
security. Security functions can be mapped to different layers of the OSI 7-layer model as shown in Table
5.2 below.
Table: 5.2 Security functions at various network layers
Application Layer Digital Signature, Certificate, End-to-
End Security
Transport Layer Transport Layer Security (TLS)
Network Layer IPsec, AAA Infrastructure, RADIUS
Data Link Layer AES, PKI, X.509
Physical Layer WiMAX PHY
The security sub-layer specified by the IEEE 802.16e-2005 only deals with the Data Link Layer
security. Link Layer authentication and authorization ensures that the network is only accessed by permitted
users. Link Layer encryption ensures privacy and protects traffic data from eavesdropping by unauthorized
third parties. Network Layer security measures protect the network from malicious attacks achieved through
the use of firewalls and AAA servers. RADIUS is the most widely used protocol for AAA interactions.
Mobile WiMAX network architecture addresses the use of these techniques by providing an AAA based
secure roaming model. The Transport and Application layers provide additional security measures as
deemed appropriate by the network operator, Application Service Providers (ASPs) or the end users
themselves[25].
5.3 Attacks on Wireless LANs
A malicious hacker can seek to disable or attempt to gain access to a wireless LAN in several ways. Some of
these methods are eavesdropping (frame capture), jumming (denial of service), man-in-middle, management
interface exploits, encryption cracking, and connection hijacking. This list is by no means exhaustive, and
some of this method can be orchestrated in several different ways. It is beyond the scope of this book to
present every possible means of wireless LAN attack. This text aimed at giving you insight into some
possible methods of attack so that security will be considered a vital part of your wireless LAN
implementation[26].
-Eavesdropping
-Encryption Cracking
-RF Jamming
-Wireless Hijacking
-Rogue Access Point
-Penetration Attacks
5.4 Security in Mobile WiMAX
In any communication system security is important portion, also important is in telecommunications. It is
even more important when wireless systems are used because it is generally perceived that wireless systems
easier to attack than wire line systems. For a ground-breaking broadband wireless standard such as WiMAX,
addressing the security concerns head-on and specifying credible solutions has been an important objective.
In this chapter we start by introducing the requirements and general principles of security in wireless
networks. We then present the data link security sub layer functions as defined by the IEEE 802.16e-2005
standard for the WiMAX air interface[27]. Finally, the network aspects of security and Mobile WiMAX
network architecture sections deal with the network aspects of security in accordance with the WiMAX
Forum Network Reference Model (NRM).
5.5 Security Functions
WiMAX systems were designed at the outset with robust security in mind. The standard includes state-of-
the-art methods for ensuring user data privacy and revenging unauthorized access, with additional protocol
optimization for mobility. Security is handled by a privacy sub layer within the WiMAX MAC. The key
aspects of WiMAX security are as follow.
5.5.1 Support for privacy
User data is encrypted using cryptographic schemes of proven robustness to provide privacy. Both AES
(Advanced Encryption Standard) and 3DES (Triple Data Encryption Standard) are supported. Most system
implementations will likely use AES, as it is the new encryption standard approved as compliant with
Federal Information Processing Standard (FIPS) and is easier to implement. The 128-bit or 256-bit key used
for deriving the cipher is generated during the authentication phase and is periodically refreshed for
additional protection[28].
5.5.2 Device/user authentication
WiMAX provides a flexible means for authenticating subscriber stations and users to prevent unauthorized
use. The authentication framework is based on the Internet Engineering Task Force (IETF) EAP, which
supports a variety of credentials, such as username/password, digital certificates, and smart cards. WiMAX
terminal devices come with built-in X.509 digital certificates that contain their public key and MAC address.
WiMAX operators can use the certificates for device authentication and use a username/password or smart
card authentication on top of it for user authentication[29].
5.5.3 Flexible key-management protocol
The Privacy and Key Management Protocol Version 2 (PKMv2) is used for securely transferring keying
material from the base station to the mobile station, periodically reauthorizing and refreshing the keys. PKM
is a client-server protocol: The MS acts as the client; the BS, the server. PKM uses X.509 digital certificates
and RSA (Rivest-Shamer-Adleman) public-key encryption algorithms to securely perform key exchanges
between the BS and the MS[30].
5.5.4 Protection of control messages
The integrity of over-the-air control messages is protected by using message digest schemes, such as AES-
based CMAC or MD5-based HMAC.11
5.5.5 Support for fast handover
To support fast handovers, WiMAX allows the MS to use preauthentication with a particular target BS to
facilitate accelerated reentry. A three-way handshake scheme is supported to optimize the reauthentication
mechanisms for supporting fast handovers, while simultaneously preventing any man-in-the-middle attacks.
5.6 Data Link Layer Security
We have like to discuss about Data link Layer Security below.
5.6.1 Authentication
The Data Link Layer security functions encompass the essential functions of authentication, authorization
and encryption which take place between the end user station [note that we will talk about mobile station
(MS) but the same principles also apply to subscriber stations (SS)] and the base station (BS) over the IEEE
802.16e- 2005 air interface. Please note that in this section, for simplicity, we will attribute various security
functions to the BS. We will now consider how these functions are performed. Authentication comes in two
forms:
-Unilateral authentication where the BS authenticates the MS and
-Mutual authentication where the BS authenticates the MS and the MS authenticates the BS Every
WiMAX implementation must have unilateral authentication.
The choice of authentication method depends on the operator’s choice of type of EAP as follows:
-EAP-AKA (Authentication and Key Agreement) for SIM based authentication,
-EAP-TLS for X.509 based authentication
-EAP-TTLS for MS-CHAPv2
The BS associates the MS’s authenticated identity to a paying subscriber and hence to the services
the subscriber is authorized to access. Thus, through the exchange of AK, the BS determines the
authenticated identity of the MS and the services it is authorized to access[31].
5.6.2 Security Association
A Security Association (SA) is defined as the set of security information shared between a BS and one or
more of the MSs connected to that BS in order to support secure communications across the WiMAX access
network. Three types of SA have been defined, primary, static and dynamic. Each MS establishes a primary
SA during the MS initialization phase. Static SAs are provided within the BS. Each MS can have several
service flows on the go and can therefore have several dynamic SAs[32]. The BS makes sure that the
assigned SAs are compatible with the service types the MS is authorized to access.
5.6.3 Authorization
Following authentication, MS requests authorization from the BS. This is a request for
an AK as well as for an SA identity (SAID). The Authorization Request includes MS’s X.509 certificate,
encryption algorithms and cryptographic ID. In response, the BS carries out the necessary validation (by
interacting with an AAA server in the network) and sends back an Authorization reply which contains the
AK encrypted with the MS’s public key, a lifetime key and an SAID[33]. After the initial authorization, the
AAA via the BS periodically reauthorizes the MS.
5.6.4 Traffic Encryption
As we have seen above, the authentication and authorization process results in the assignment of and
Authorization Key, which is 160 bits long. The (KEK) Key Encryption Key is derived directly from the AK
and is 128 bits long. The KEK is not used for encrypting traffic data; for this we require the Traffic
Encryption Key which is generated as a random number in the BS using the TEK encryption algorithm
where KEK is used as the encryption key. TEK is then used for encrypting the data traffic[34].
Table below summarizes how the mobile WiMAX standard addresses the security requirements summarized
in Table 5.3 below.
Table: 5.3 WiMAX standard addresses security expectations
Stakeholder Security Concern Comment How does WiMAX
address it?
Network
User
Privacy Protect from
Eavesdropping
RSA encryption,
EAP-TLS, PKM
protocol
Data integrity Protect user data from
being tampered in transit
RSA encryption,
EAP-TLS,PKM
protocol
Access to services User has the correct
Credentials
X.509, EAP
Correct accounting Accuracy and efficiency
of accounting
AAA architecture
Network
User
authentication
Is the user who he says
he is?
X.509, EAP-TTLS
Device
authentication
Is the device the
correct device?
X.509, EAP-TTLS
Authorization Is the user authorized RSA, EAP, PKMv2
Operator to receive a particular
service?
Protocol
Access control Only authorized users
have access to services
RSA, EAP, PKMv2
Protocol
5.7 Network Aspects of Security
As we have considered the security related interactions and protocols between the SS and the BS, now let’s
consider what happens at the network level and where the intelligence may reside. Figure 5.1 shows typical
access control architecture.
Figure: 5.1 Typical Access Control Architecture
Extensible Authentication Protocol (EAP) defined by IETF (RFC 3748) is a flexible framework
which allows complex authentication protocols to be exchanged between the end user and the authenticator.
In WiMAX, between the MS and the BS EAP runs over the WiMAX PHY and MAC utilizing the PKMv2
protocol as defined in 802.16e-2005. If the authenticator function is not in the BS, the BS relays the
authentication protocol to the Authenticator (in the Access Services Network). It has client/server
architecture and utilizes UDP messages. The authentication server is also the RADIUS server, whereas the
authenticator acts as a RADIUS client. In addition to authentication, RADIUS also supports authorization
and accounting functions[35].
5.8 ASN and CSN Interaction for Security
Connectivity Service Network (CSN) is the core of the network. It controls and manages the ASNs and the
subscribers with a variety of services such as AAA, Home Agent functions, DHCP server, etc. CSN is also
responsible for connecting to other operator’s networks and enables inter-operator and inter-technology
roaming. Figure 5.2 below shows the protocol stack for AAA in mobile WiMAX network implementation. It
is worth noting that EAP ‘layer’ operates over the R1/R3/R5 reference points and the EAP methods (AKA,
TSL/TTLS) operate over R2.
Authenticator AuthenticatorServerIP
Clud
Mobile Station(MS)
EAP EAP
WiMAX Liink Layer AAA RADIUS
Figure: 5.2 Protocols for Mobile WiMAX AAA
When authentications of both the end user and the device need to be performed and these
authentications terminate in different AAA servers, the favored approach in PKMv2 is to use EAP-TTLS
instead of double authentication. In double authentication, first device authentication then user EAP
authentication takes place before the MS is allowed access to IP services. In EAP-TTLS authentication
however, double authentication is dispensed with and by virtue of tunneling to the appropriate AAA server,
the same AAA server is used for both, thus shortening the authentication process[36].
5.9 Service Flow Management and Authorization
Service Flow Management (SFM) and Service Flow Authorization (SFA) are the logical functional entities,
closely associated with QoS, located in the ASN that act as policy enforcement and policy decision points.
For ASN Profile C, the SFM function is located in the BS and the SFA function is located at the ASN GW.
The Service Flow Manager (SFM) located in the BS is responsible for the creation, admission, activation,
modification, and deletion of IEEE 802.16e-2005 service flows. It consists of an Admission Control (AC)
function, data path function and the associated local resource information. AC decides whether a new
service flow can be admitted to the system. Service Flow Authorization (SFA) is located at the ASN GW
and is responsible for evaluating any service request against the subscriber's QoS profile[37]. The Policy
Functions (PFs) and its associated database reside in the CSN of both the home and the visited network.
5.10 EAP-TLS using a Device Certificate for MSS Credentials
The use of EAP-TLS by the MSS to perform device authentication is assumed to be a fundamental
capability, however device authentication has some limitations as documented below.
EAP-TLS relies on the use of both client and server X.509 digital certificates to mutually
authenticate the Device and Network. In the case of WiMAX the EAP-TLS authentication runs between the
MSS and the AAA server managed by either an NAP or an NSP depending on how EAP-TLS is being used.
EAP-TLS defines a mechanism for both the Server (AAA Server) and Client (MSS) to exchange and
authenticate certificates. EAP-TLS provides a mechanism to encapsulate certificates and negotiate a secret
MSK key securely[38].
In general EAP-TLS provides a strong framework for validating:
• Device Identity
• Device Compatibility
• Device Access Validity
• Network Identity
• Network Integrity
Conclusion
WiMAX services bring long time term evolution in wireless data market. WiMAX Technology is facing
many hurdles in market while it has some great advantages which make it a technology of today. The single
station of WiMAX can operate & provide coverage for hundred of users at a time and manage sending and
receiving of data at very high speed with full of network security. The High speed of connectivity over long
distance and high speed voice makes it more demanded in hardly populated areas plus compacted areas.
WiMAX Technology perform a variety of task at a time such as offering high speed internet, providing
telephone service, transformation of data, video streaming, voice application etc. Now everyone can connect
internet anywhere and browse any site and make possible online conference with mobile internet,
multimedia application never let the user bored, IPTV stay up to date etc. WiMAX is a well known wireless
network now days because it provides a low cost network substitute to internet services offered via ADSL,
modem or local area network. The use of smart antenna in WiMAX network offering high quality widest
array which enable the client to make possible communication on long route without any encryption. Its
exclusive design is providing range from 2 to 10 GHz and outstanding time response. Security options of
WiMAX Technology also offer very high security because of encryption system used by WiMAX. The
WiMAX is providing exclusive homeland security. Now it can exchanges its data on whole network without
any fear of losing data. The best advantage of WiMAX vendor technology is lack of history within mobile
industry for protection. WiMAX push the existing technologies and forward on steady stream. WiMAX is a
great technology for next generation with potential applications such as cellular backhaul, hotspot, VoIP
mobiles and broadband connection but it have some limitation as under. The WiMAX other drawback is that
any user closer to the tower can get high speed which is up to 30Mbit/s but if a user exists at the cell edge
from the tower can obtain only 14Mbit/s speed. In all wireless technology the bandwidth is shared between
users in a specified radio sector. Mostly user have a range of 2 to 8 or 12 Mbit/s services so for better result
additional radio cards added to the base station to boost the capability as necessary.