IEEE 802.16ppc-10/0060r1
Project
IEEE 802.16 Broadband Wireless Access Working Group <http://ieee802.org/16>
Title
Suggested Enhancements on Requirements for M2M Security
Date
Submitted
2010-09-09
Source(s)
Kerstin Johnsson, Nageen Himayat, Shilpa Talwar
E-mail: kerstin.johnsson@intel.com
Intel Corp.
Re:
Requirements for M2M Security
Abstract
Response to call for requirements
Purpose
For review and adoption into the IEEE 802.16p Systems Requirements Document
Notice
Release
Patent
Policy
This document does not represent the agreed views of the IEEE 802.16 Working Group or any of its subgroups. It
represents only the views of the participants listed in the “Source(s)” field above. It is offered as a basis for
discussion. It is not binding on the contributor(s), who reserve(s) the right to add, amend or withdraw material
contained herein.
The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution,
and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name
any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole
discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The
contributor also acknowledges and accepts that this contribution may be made public by IEEE 802.16.
The contributor is familiar with the IEEE-SA Patent Policy and Procedures:
<http://standards.ieee.org/guides/bylaws/sect6-7.html#6> and
<http://standards.ieee.org/guides/opman/sect6.html#6.3>.
Further information is located at <http://standards.ieee.org/board/pat/pat-material.html> and
<http://standards.ieee.org/board/pat>.
1 Background
The security requirements for M2M vary with use case. For example, in mHealth applications security is
extremely important, both in terms of the physical integrity of the device as well as for the connection with the
M2M server. However, there are also M2M use cases where security is far less important, particularly when
weighed against the “power cost” of establishing security. For example, there are M2M use cases where sensors
are deployed “en masse” across a large environment, and those sensors transmit “real data” only very rarely.
When “real data” is transmitted, the network may require/desire the standard level of security. However, in
between those data transmissions, the network may still want to hear that the sensors are alive. These “alive”
messages do not contain sensitive data, thus in an effort to conserve power (both in terms of total awake time
and in transmission power), the network may desire to forgo the full security suite opting instead for a lower,
more time/power efficient security profile.
2 Text Proposal
Modify the functional requirements described in Section 6.1 as shown.
1
IEEE 802.16ppc-10/0060r1
--------------------------
Begin Text Proposal
-------------------------------
6.4 Security Support
6.4.1
The 802.16p system amendment should shall support the M2M device authentication.
802.16p system shall support an M2M device authentication which includes a device validity
check in cooperation between the device and the network.
6.4.2
The 802.16p system amendment should shall support verification and validation of the
exchanged data for M2M services.
6.4.3
The protocol 802.16p system should shall support efficient security for small burst
transmissions.
6.4.4
The 802.16p system shall include a security function to provide protection and confidentiality
of M2M device-generated traffic and its related data (e.g. location privacy, M2M device
identity).
6.4.5
The 802.16p system shall support lowered security requirements for certain M2M connections.
6.4.6
The 802.16p system shall support reduced security signaling for faster network entry of M2M
connections.
----------------------------- End Text Proposal
----------------------------------
2