|
|
Security: Network Access & Initialization
In this section I am going to explain briefly at the activities of a subscriber station in the framework of gaining network access and initialization. The PKM Protocol is used during the network access and initialization phase, in the authentication and authorization steps. A Subscriber Station (SS) must perform a number of tasks before gaining access to a network. These tasks are discussed in detail below.
Scanning & Synchronization
First the Subscriber Station (SS) searches for a downlink signal from the Base Station (BS) and try to coordinate with it. If previous downlink channel existed, the SS will try reusing those functional parameters. If not, the SS must look into all the potential channels in the downlink frequency band. When a channel has been selected, the SS attempts to synchronize with the downlink transmission by detecting the cyclic frame preambles. (David Johnston, Hassan Yaghoobi, 2004)
Uplink & Downlink Parameters Detection
After synchronization has been established at the physical layer, the Subscriber Station (SS) then continues to search for the Downlink Channel Descriptor (DCD) and the uplink channel descriptor (UCD) messages that are regularly broadcasted by the Base Station (BS). The DCD and UCD messages hold information regarding the physical layer features of both the downlink and uplink channels. Among others, these messages then permit the SS to learn about the modulation type and Forward Error Correction (FEC) method of the carrier. Depending on the PHY specification selected for a given settings, the BS also frequently transmits uplink-map (UL-MAP) and downlink-map (DL-MAP) messages that describe their burst start times. It is through the DL-MAP and UL-MAP messages that the BS can assign access to the individual channels. (Shyam Parekh, 2006)
Ranging & Subscriber Station Capabilities
In this stage, the Subscriber Station (SS) performs ranging, which is the process of aligning the SS transmission timing-wise to the start of a slot during contention for access. This process is part of framing and media access in 802.16 and consists of initial ranging and periodic ranging.
The early ranging contention slot is used for network entry. Here, the SS sends a ranging request packet (RNG-REQ) in the primary ranging contention slot. If this message is received correctly by the BS, it then replies to the SS with a ranging response packet (RNG-RSP) unfolding the timing and power correction information to the SS. This permits the SS to adjust the timing and power of its signal as received by the BS. The response will also tell the SS about the connection IDs (CID) chosen by the BS. The other type of ranging, namely, periodic ranging, provides chances for SS to send ranging-request messages to the BS in order to adjust power levels, time, and frequency offsets. (Derrick Boom, 2004)
After ranging is completed, the SS reports its physical layer capabilities to the BS. This consists of the modulation and coding schemes holds by the SS, and whether the SS within the WiMAX Frequency Division Duplexing (FDD) supports half-duplex or full-duplex. The BS has the choice of accepting or rejecting these capabilities of the SS. (Derrick Boom, 2004)
Subacriber Station Authentication, Authorization & Registration
During this stage, the SS must be authenticated by the BS and obtain authorization from the BS by using the PKM Protocol. Each SS device is assigned to an X.509 digital certificate, which is physically bound to the device hardware during manufacturing. One achievable implementation is to include the devices MAC-address in its certificate. The MAC address in WiMAX is the usual 48bit address used in other IEEE 802 standards such as Ethernet. It is essential to note that just as in Data Over Cable Service Interface Specifications (DOCSIS) compliant cable modem devices, the digital certificate and the private key are allocated during manufacturing of the SS device. The private key must be embedded in the hardware in such a way that it is complicated or infeasible for the user to access or extract. (Michaela Greiler, 2007)
After verification of authentication and authorization, the Subscriber Station (SS) continues with the registration stage. Here, the SS sends a registration request message to the BS, who answers with a registration response message including among others a secondary management connection ID for the SS and the IP version used for the secondary management connection. The appearance of the registration response message from the BS tells to the SS that it has been registered in the network and therefore allowed to enter the network. (Michaela Greiler, 2007)
IP Connectivity
At the completion of registration, the SS can now obtain an IP address through the DHCP protocol, obtain current time information (e. g., through the Internet Time Protocol), and also obtain other parameters from the BS. (Michaela Greiler, 2007)
See Also:PKM (Privacy Key Management) Protocol
|
|
||
© Copyright 2008 | Home | Sitemap | References | Privacy Policy | Contact Us | About Us | Webmaster WiMAX News | WiMAX Products Manudacturers | WiMAX Reviews INTRODUCTION | Authentication Problem | Encryption Problem | Availability Problem | Other Threats to WiMAX BACKGROUND | WiMAX Background | WiMAX Overview | Why WiMAX | WiMAX Standards TECHNOLOGY | WiMAX Technology | WiMAX Design | Types Of WiMAX SECURITY | WiMAX Security | WiMAX Security Functions | Security Inside WiMAX | Network Access & Initialization | PKM Protocol ENCRYPTION | Encryption In WiMAX | Advance Encryption Standard | Public Key Infrastructure | Authentication & Access Control | RADIUS THREATS | Rouge Base Stations | DoS Attacks | Data Link Layer Threats | Application Layer Threats | Physical Layer Threats | Privacy Sub-Layer Threats | Mutual Authentication | Key Management Problem | Threat of Identity Theft | Water Torture Threat | Black Hat Threat ENHANCEMENTS | OFDM | WiMAX & IMT Advanced | Power Control & Error Detection | Sub Channelization & Transmission Diversity | Antennas & Adaptive Modulation FUTURE | WiMAX Future | WiMAX Future Threats | 4G |
