IEEE 802.21 MEDIA INDEPENDENT HANDOVER
DCN: 21-08-0268-00-0sec
Title: WiMAX Access Network Security
Date Submitted: September 10, 2008
Presented at IEEE 802.21 session #28 in Big Island
Authors or Source(s): Shubhranshu Singh, Subir Das
Abstract: Study of WiMAX Access Network Security

21-08-0257-00-0sec

IEEE 802.21 presentation release statements

This document has been prepared to assist the IEEE 802.21 Working Group. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein.

The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE 802.21.

The contributor is familiar with IEEE patent policy, as stated in Section 6 of the IEEE-SA Standards Board bylaws <http://standards.ieee.org/guides/bylaws/sect6-7.html#6> and in Understanding Patent Issues During IEEE Standards Development <http://standards.ieee.org/board/pat/faq.pdf>

The contributor is familiar with IEEE patent policy, as outlined in Section 6.3 of the IEEE-SA Standards Board Operations Manual <http://standards.ieee.org/guides/opman/sect6.html#6.3> and in Understanding Patent Issues During IEEE Standards Development <http://standards.ieee.org/board/pat/guide.html>

Network Reference Model
    ASN: Access Service Network
    CSN: Connectivity Service Network
    MS: Mobile Station

ASN Reference Model
    [Figure: two panels, "With Single ASN-GW" and "With multiple ASN-GW"]

ASN Security Architecture: Functional Entities
    Authenticator
        Same as EAP authenticator
    Authentication Relay
        Relays EAP packets (unmodified) via an authentication relay protocol
    Key Distributor
        Key holder for MSK, PMK
        Distributes AK and context to key receiver via AK transfer protocol
    Key Receiver
        Key holder for AK & derives 802.16e specified keys from AK

ASN Security Architecture: Integrated Model
    [Figure labels: Authentication Relay, Authentication Relay protocol, Authenticator, AK transfer protocol, Key Receiver, Key Distributor, BS]

ASN Security Architecture: Standalone Model
    [Figure labels: Authentication Relay, Authenticator, Authentication Relay protocol, AK transfer protocol, Key Receiver, Key Distributor, BS, Single Device]

Authentication Relay Protocol

Authentication & Authorization
    [Figure: message sequence chart]
    Entities: Supplicant (MS), BS (ASN), Authenticator (ASN), AAA Proxy(s), AAA Server (Home CSN)
    Flow, as labelled on the chart:
        Link Up & SBC exchange
        EAP request / Identity
        EAP response / Identity
        EAP over Radius/Diameter
        EAP Method (EAP-TLS, etc)
        MSK Transport
        Master session key (MSK) established in MS and AAA server
        Pairwise Master Key (PMK) established in MS and Authenticator
        Authorization key (AK) established in MS and authenticator
        AK transferred to the BS
        PKMv2 procedure (SA-TEK 3 way handshake)
        Registration
        Path establishment
    Chart label: PKMv2 Procedures

Handoff optimization guidelines
    Same Authenticator Domain
        AK is validated by signing and verifying a frame via the CMAC, using the AK that is newly generated from the same PMK, as long as the PMK remains valid
        Validating the AK is usually combined with the ranging procedure, which includes 802.16e RNG-REQ and RNG-RSP with CMAC tuple
    Different Authenticator Domain
        PMK cannot be shared
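
The handoff guideline above as a runnable sketch. This is an added example, not part of the original presentation. It models MSK -> PMK -> AK, the AK transfer to the BS, and the check of the MAC tuple on RNG-REQ in the same and in a different authenticator domain. Assumptions: HMAC-SHA256 stands in for the CMAC-based Dot16KDF and for the CMAC tuple of 802.16e, the class and function names are hypothetical, and all key, address and frame values are constructed.

```python
import hashlib
import hmac

def kdf(key, label, nbytes):
    # Stand-in for the CMAC-based Dot16KDF of 802.16e (swapped for HMAC-SHA256).
    return hmac.new(key, label, hashlib.sha256).digest()[:nbytes]

def derive_pmk(msk):
    # PMK is a 160-bit truncation of the MSK; using the first 20 bytes is an assumption.
    return msk[:20]

def derive_ak(pmk, ms_mac, bsid):
    # The AK is bound to the MS MAC address and the BSID, so every BS gets its own AK.
    return kdf(pmk, ms_mac + bsid + b"AK", 20)

def mac_tuple(ak, frame):
    # Stand-in for the CMAC tuple on RNG-REQ; the key label is constructed.
    return hmac.new(kdf(ak, b"uplink-mac-key", 16), frame, hashlib.sha256).digest()[:8]

class Authenticator:
    """Authenticator with Key Distributor: holds one PMK per authenticated MS."""
    def __init__(self):
        self.pmk_by_ms = {}
    def complete_eap(self, ms_mac, msk):
        self.pmk_by_ms[ms_mac] = derive_pmk(msk)
    def transfer_ak(self, ms_mac, bsid):
        # AK transfer to the Key Receiver in the BS; None if no valid PMK is held.
        pmk = self.pmk_by_ms.get(ms_mac)
        return derive_ak(pmk, ms_mac, bsid) if pmk else None

def bs_check_rng_req(authenticator, bsid, ms_mac, frame, tag):
    ak = authenticator.transfer_ak(ms_mac, bsid)
    if ak is None:
        return "full-reauth"  # different authenticator domain: PMK is not shared
    return "accepted" if hmac.compare_digest(mac_tuple(ak, frame), tag) else "rejected"

def ms_sign_rng_req(msk, ms_mac, bsid, frame):
    return mac_tuple(derive_ak(derive_pmk(msk), ms_mac, bsid), frame)

MSK = bytes(range(64))  # all sample values below are constructed
MS_MAC = bytes.fromhex("001122334455")
BS1, BS2 = bytes.fromhex("0000aa000001"), bytes.fromhex("0000aa000002")
FRAME = b"RNG-REQ (constructed)"

if __name__ == "__main__":
    home, foreign = Authenticator(), Authenticator()
    home.complete_eap(MS_MAC, MSK)
    tag = ms_sign_rng_req(MSK, MS_MAC, BS2, FRAME)
    print(bs_check_rng_req(home, BS2, MS_MAC, FRAME, tag))
    print(bs_check_rng_req(foreign, BS2, MS_MAC, FRAME, tag))
```

A tag computed with the AK for BS1 is rejected at BS2, since each target BS receives a freshly derived AK even though the PMK is unchanged.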