IEEE C802.16m-09/1036
Project
IEEE 802.16 Broadband Wireless Access Working Group <http://ieee802.org/16>
Title
Proposed Text of Network entry Section for the IEEE 802.16m Amendment
Date
Submitted
2009-04-27
Source(s)
Jungje Son, Youngkyo Baek, Jicheol Lee
youngkyo.baek@samsung.com
Samsung Electronics Co., Ltd.
Re:
“802.16m AWD”:
IEEE 802.16m-09/0020, “Call for Contributions on Project 802.16m Amendment Working
Document (AWD) Content”.
Target topic: “Network entry”.
Abstract
The contribution proposes the text of security section to be included in the 802.16m amendment
working document.
Purpose
To be discussed and adopted by TGm for 802.16m amendment working document.
Notice
Release
Patent
Policy
This document does not represent the agreed views of the IEEE 802.16 Working Group or any of its subgroups. It
represents only the views of the participants listed in the “Source(s)” field above. It is offered as a basis for discussion.
It is not binding on the contributor(s), who reserve(s) the right to add, amend or withdraw material contained herein.
The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution,
and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any
IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion
to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also
acknowledges and accepts that this contribution may be made public by IEEE 802.16.
The contributor is familiar with the IEEE-SA Patent Policy and Procedures:
<http://standards.ieee.org/guides/bylaws/sect6-7.html#6> and
<http://standards.ieee.org/guides/opman/sect6.html#6.3>.
Further information is located at <http://standards.ieee.org/board/pat/pat-material.html> and
<http://standards.ieee.org/board/pat>.
1
IEEE C802.16m-09/1036
Proposed Text of Network entry Section
for the IEEE 802.16m AWD
Jungje Son, Youngkyo Baek, Jicheol Lee
Samsung Electronics Co., Ltd.
1. Introduction
In this proposal, we proposed the network entry procedure to implement the scheme at SDD for location privacy,
2 step capability negotiations and try to optimize the air interface procedure within the range not seriously
affecting the overall network architecture and try to be consistent with current Network implementation.
The proposed changes from WirelessMAN-OFDMA Reference System can be abstracted as follows:
- Introducing Pseudo MS ID and temporary STID during the ranging step
- Implementing 2 step capability negotiations.
- Encryption of registration message conveying STID.
- Setting up default service flow and associated flow ID at successful registration as imbedded.
2. References
[1] IEEE P802.16 Rev2/D9, “Draft IEEE Standard for Local and Metropolitan Area Networks: Air Interface
for Broadband Wireless Access,” Jan. 2009.
[2] IEEE 802.16m-07/002r7, “802.16m System Requirements”
[3] IEEE 802.16m-08/003r8, “The Draft IEEE 802.16m System Description Document”
[4] IEEE 802.16m-08/043, “Style guide for writing the IEEE 802.16m amendment”
2
IEEE C802.16m-09/1036
3. Text proposal for inclusion in the 802.16m amendment working document
-------------------------------
Text Start
---------------------------------------------------
15.2.x Network Entry and Initialization
Systems shall support the applicable procedures for entering and registering a new AMS or a new node to the network. The procedure
for initialization of an AMS shall be as shown in Figure AAA. This figure shows the overall flow between the stages of initialization
in an AMS.
Figure. AAA network entry state machine - AMS side
Scan
downlink
channel
Establish DL sync/
Got UL parameters
Wait for
ranging
opportunity
Got ranging
opportunity/ Send
CDMA code
Got AAI-RNGRSP(success) or
CMDA Allocation IE/
Send AAI-RNG-REQ
Containing either MS
MAC address or
pseudo MSID
Got AAI-RNG-RSP
with STID and either
MAC address or
pseudo MSID/ Handle
AAI-RNG-RSP and
Send AAI-SBC-REQ
T18 expired and have more
retries/ Send AAI-SBC-REQ
Wait for
AAI-RNGRSP or
CDMA
allocation IE
(T3 expired and retries
exhausted) or (received
AAI-RNG-RSP(abort))
Received AAI-RNGRSP(con-tinue) or T3
expired
T3 expired and have more
retries
Wait for
AAI-RNGRSP with
TSTID
Wait for
AAI-SBCRSP
(T18 expired and retries
exhausted) or (received
AAI-RNG-RSP(abort) from
ABS)
If Auth. Supported, got AAISBC-RSP/ Handle AAI-SBCRSP
If Auth. Not supported, got
AAI-SBC-RSP/ Handle AAISBC-RSP
(T17 expires and retries
exhausted) or (received
AAI-RNG-RSP(abort) from
ABS)
AMS
authorization
and key
exchange
End
Authenticated from PKM/
Send AAI-REG-REQ, Start T6
T6 expired and have more
retries/ Send AAI-REG-REQ
(T6 expires and retries
exhausted) or ( AAI-RNGRSP(abort) or AAI-RESCMD from ABS
Wait for
REG-RSP
containing, if
Auth.
Supported,
STID
(AAI-RNG-RSP(Abort) or
AAI-DREG-CMD or AAIRES-CMD from ABS
Got AAI-REG-RSP/ Handle
AAI-REG-RSP
NW entry
completed
3
IEEE C802.16m-09/1036
The procedure can be divided into the following phases:
a) Scan for DL channel and establish synchronization with the ABS
b) Obtain UL parameters (from SuperFrameHeader)
c) Perform ranging
d) Negotiate Pre-authentication capability
e) Authorize AMS and perform key exchange
f) Perform Capability exchange and registration, and setup default service flow.
Each AMS contains the following information when shipped from the manufacturer:
— A 48-bit universal MAC address (per IEEE Std 802-2001) assigned during the manufacturing process. This is used to identify the
SS to the various provisioning servers during initialization.
— Security information as defined in Clause 7 (e.g., X.509 certificate) used to authenticate the AMS to the security server and
authenticate the responses from the security and provisioning servers.
15.2.x.1 AMS synchronization.
On initialization or after signal loss, the AMS shall acquire a DL channel. The AMS shall have nonvolatile storage in which the last
operational parameters are stored and may first try to reacquire this DL channel. If this fails, it shall begin to scan the possible
channels of the DL frequency band of operation until it finds a valid DL signal. Once the PHY has achieved synchronization, as given
by a PHY Indication, the MAC shall attempt to acquire the channel control parameters for the DL and then the UL.
15.2.x.2 AMS obtaining DL/UL parameters
[TBD pending decision on SFH design]
15.2.x.3 Initial ranging and automatic adjustments
Ranging is the process of acquiring the correct timing offset and power adjustments so that the AMS’s transmissions are aligned with
the ABS receive frame, and received within the appropriate reception thresholds. The timing delays through the PHY shall be
relatively constant. Any variation in the PHY delays shall be accounted for in the guard time of the UL PHY overhead.
15.2.x.3.1 Contention-based initial ranging and automatic adjustments.
After synchronization and UL parameter acquisition, the AMS first send a CDMA code at the initial ranging interval. The BS shall
allocate an initial ranging interval consisting of one or more transmission opportunities and inform at SFH.
4
IEEE C802.16m-09/1036
The AMS shall send the CDMA code at a power level measured at the antenna connector. If the AMS does not receive a response, the
AMS shall send a new CDMA code at the next appropriate initial ranging transmission opportunity and adjust its power level. If the
AMS receives a AAI-RNG-RSP message containing the parameters of the code it has transmitted and status Continue, it shall consider
the transmission attempt unsuccessful but implement the corrections specified in the AAI-RNG-RSP and issue another CDMA code
after random selection of one Ranging Slot in a single frame. If the AMS receives an UL-MAP containing a CDMA Allocation IE
with the parameters of the code it has transmitted, it shall consider the AAI-RNG-RSP reception successful, and proceed to send a
unicast AAI-RNG-REQ containing either MS MAC address or, if exists, pseudo MSID on the allocated bandwidth. If the AMS stores
a pseudo MSID then it shall use the pseudo MSID in place of MS MAC address for MS identification in order to support MS identity
privacy.
Once the ABS has successfully received the AAI-RNG-REQ message, it shall return an AAI-RNG-RSP message using the Initial
Ranging STID. Within the AAI-RNG-RSP message shall be the temporary STID(TSTID) assigned to this AMS. The message shall
also contain information on RF power level adjustment and offset frequency adjustment as well as any timing offset corrections. The
allocated TSTID is used during initial network entry until a STID is assigned to the AMS through AAI-REG-RSP message.
At this point the ABS shall start using invited initial ranging intervals addressed to the AMS’s TSTID to complete the ranging process,
unless the status of the AAI-RNG-RSP message is success, in which case the initial ranging procedure shall end. If the status of the
AAI-RNG-RSP message is continue, the AMS shall wait for an individual initial ranging interval assigned to its TSTID. Using this
interval, the AMS shall transmit another AAI-RNG-REQ message using the TSTID along with any power level and timing offset
corrections.
The ABS shall return another AAI-RNG-RSP message to the AMS with any additional fine tuning required. The ranging
request/response steps shall be repeated until the response contains a ranging successful notification or the ABS aborts ranging. Once
successfully ranged (AAI-RNG-REQ is within tolerance of the ABS), the AMS shall join normal data traffic in the UL.
15.2.x.4 Negotiate Pre-authentication capability.
Immediately after completion of ranging, the AMS informs the ABS of its pre-authentication capabilities by transmitting an
AAI-SBC-REQ message with its capabilities set to “on”. The ABS responds with an AAI-SBC-RSP message with the intersection of
the AMS’s and the ABS’s pre-authentication capabilities set to “on”. Among the parameters for pre-authentication capability from
AMS, if AMS follows default value, the AMS may omit those parameters from AAI-SBC-REQ. If AMS omits some parameters, the
ABS consider AMS follows the default value for those parameters and ABS may omits those parameters applying default value in its
AAI-SBC-RSP.
Among the capability parameters included in SBC-REQ, the following parameters shall be included in AAI-SBC-REQ if those
parameters are still required to be negotiated during network entry procedure of AMS.
– Capabilities for construction and transmission of MAC PDUs
– Extended header capability
– Service Information Query
– Association type support
– Visited NSP ID
– Visisted NSP Realm
– SII-ADV message pointer
–
–
–
–
–
–
–
Auth type for single EAP
PKM flow control
Security negotiation subattributes
PKM version support
Authorization policy support
MAC(message authentication) mode
PN window size
5
IEEE C802.16m-09/1036
–
–
–
–
–
–
–
–
–
–
OFDMA MAP capability
UL control channel support
Maximum TX power
Current TX power
OFDMA SS UL power control support
Number of UL HARQ channels
Number of DL HARQ channels
HARQ incremental redundancy buffer capability
HARQ Chase combining and CC-IR buffer capability
Maximum number of bursts per frame capability in HARQ
15.2.x.5 AMS authorization and key exchange.
If PKM is enabled in pre-authentication capability negotiation, the ABS and AMS shall perform authorization and key exchange as
described in 15.2.3. If MIH query capability during network entry is enabled, the ABS and AMS may perform MIH query using PKM
messages before authorization and key exchange. If this procedure completes successfully, all parameters for TEK generation are
shared, and TEKs are derived at each side of AMS and ABS.
15.2.x.6 Capability exchange and registration.
After authorization and key exchange are finished, the AMS informs the ABS of its capabilities and requests the registration for entry
into the network by AAI-REG-REQ. If an ABS receives an AAI-REG-REQ, the ABS shall respond with AAI-REG-RSP. Those
AAI-REG-REQ and AAI-REG-RSP messages shall be encrypted.
In AAI-REG-REQ, the AMS informs the ABS of its capabilities except pre-authentication capabilities with its capabilities set to “on”.
In AAI-REG-RSP, the ABS responds with the intersection of the AMS’s and the ABS’s capabilities set to “on”. Among the
parameters for capability from AMS, if AMS follows default value, the AMS may omit those parameters from AAI-REG-REQ. If
AMS omits some parameters , the ABS consider AMS follows the default value for those parameters and ABS may omits those
parameters applying default value in its AAI-REG-RSP.
ABS shall allocate a STID to the AMS though AAI-REG-RSP message and the temporary STID, which is allocated during initial
ranging procedure, is discarded.
AAA server or Authenticator should allocate a pseudo MSID to the AMS. The ABS sends this pseudo MSID securely through
AAI-REG-RSP message. The pseudo MSID is used for MS identification in place of MS MAC address during NW (re)entry or
location update, etc.
If the registration is successful, the ABS shall include flow ID in AAI-REG-RSP for default service flow assigned to MS and the flow
ID is used to acquire IP address and carrying IP-layer signaling.
-------------------------------
Text End
---------------------------------------------------
6