Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

P802.16m Stage3 Proposal

advertisement 
IEEE C802.16m-09/1177
Project
IEEE 802.16 Broadband Wireless Access Working Group <http://ieee802.org/16>
Title
Security Ad-hoc Proposal for AWD Security Section
Date
Submitted
2009-05-05
Source(s)
Security Ad-hoc
Re:
AWD Baseline Text for Security
Abstract
The contribution proposes the text of security section to be included in the 802.16m amendment
working document.
Purpose
To be adopted by TGm for 802.16m amendment working document.
Notice
Release
Patent
Policy
jicheol.lee@samsung.com
This document does not represent the agreed views of the IEEE 802.16 Working Group or any of its subgroups. It
represents only the views of the participants listed in the “Source(s)” field above. It is offered as a basis for discussion.
It is not binding on the contributor(s), who reserve(s) the right to add, amend or withdraw material contained herein.
The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution,
and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any
IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion
to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also
acknowledges and accepts that this contribution may be made public by IEEE 802.16.
The contributor is familiar with the IEEE-SA Patent Policy and Procedures:
<http://standards.ieee.org/guides/bylaws/sect6-7.html#6> and
<http://standards.ieee.org/guides/opman/sect6.html#6.3>.
Further information is located at <http://standards.ieee.org/board/pat/pat-material.html> and
<http://standards.ieee.org/board/pat>.
1
IEEE C802.16m-09/1177
Proposed Text of Security Section
for the IEEE 802.16m AWD
TGm Security Ad-hoc
1. Text proposal for inclusion in the 802.16m amendment working document
-------------------------------
Text Start
---------------------------------------------------
15.2.3 Security Enhancements
15.2.3.1 Security Architecture
The security functions provide subscribers with privacy, authentication, and confidentiality across the IEEE 802.16m network. It
does this by applying cryptographic transforms to MAC PDUs carried across connections between AMS and ABS.
The security architecture of WirelessMAN-OFDMA Advanced System consists of the following functional entities; the AMS, the
ABS, and the Authenticator as shown in the figure below.
If during pre-authentication capabilities negotiation, an AMS specifies that it does not support IEEE 802.16m security, steps of
authorization and key exchange shall be skipped. The ABS, if provisioned so, shall consider the AMS authenticated; otherwise, the
AMS shall not be serviced. Neither the key exchange nor data encryption performed.
S cope of IEEE 8 02 .1 6m S pecif i catio ns
S cope of recommendatio ns (Out of scope)
E AP Meth od
E AP
Authori zati on/SA Control
Locati on
P riv acy
E AP Encapsul ati on
/Decaps
u latio n
E nhanced Key
M anagement
P KM Control
E ncryptio n/A
uthenti cati on
S ecuri ty Functi ons
Within AMS and ABS the security architecture is divided into two logical entities:
• Security management entity
• Encryption and integrity entity
Security management entity functions included:
2
IEEE C802.16m-09/1177
•
•
•
•
•
Overall security management and control
EAP encapsulation/decapsulation: This stack provides the interface with the EAP layer, which the EAP-based authentication
is used as an authorization policy between an AMS and an ABS.
Privacy Key Management (PKM) control: This stack controls all security components. Various keys are derived and
generated in this stack. Privacy key management protocol version 3(PKM v3) defines how to control all security
components(e.g. such as derivation/ update/usage of keys)
Authentication and Security Association (SA) control: This stack controls the authorization state machine and the traffic
encryption key state machine.
Location privacy: This stack processes the location privacy related messages.
Encryption and integrity protection entity functions included:
• Transport data encryption/authentication processing: This stack encrypts or decrypts the transport data and executes the
authentication function for the traffic data.
• Management message authentication processing: This stack executes message authentication function such as CMAC.
• Management message confidentiality protection: This stack encrypts or decrypts the management data and executes the
authentication function for the traffic data.
15.2.3.2 Key Management Protocol (PKMv3)
15.2.3.2.1 Key Management
15.2.3.2.2 SA Management
15.2.3.2.3 Security Context
15.2.3.3 Cryptographic Methods
15.2.3.4 AMS Privacy
-------------------------------
Text End ---------------------------------------------------
3
Related documents
2010 PPT Slide Template
2010 PPT Slide Template
J. Lauletta
J. Lauletta
IEEE R10 HTA Outstanding Section Award
IEEE R10 HTA Outstanding Section Award
Advanced Computer Graphics and Multimedia Assignment Questions
Advanced Computer Graphics and Multimedia Assignment Questions
IEEE FELLOW GRADE NOMINATION FORM B
IEEE FELLOW GRADE NOMINATION FORM B
here - ICEAA
here - ICEAA
The New Jersey Coast Section, IEEE
The New Jersey Coast Section, IEEE
IEEE
IEEE
2. Text Proposal
2. Text Proposal
C80216m_09/xxx Project Title
C80216m_09/xxx Project Title
IEEE C802.16m-09/0928 Project Title
IEEE C802.16m-09/0928 Project Title
P802.16m Stage3 Proposal
P802.16m Stage3 Proposal
Download
advertisement