doc.:IEEE /0908r3 Submission November 2011 Secure Enablement and CVS without Persistent Association Slide 1S.Abraham Qualcomm Incorporated Authors: November 7, 2011 NameAffiliationsAddressPhone Santosh Abraham Qualcomm, Inc 5775 Morehouse Dr., San Diego, CA Steve Shellhammer Qualcomm, Inc 5775 Morehouse Dr., San Diego, CA Philip Hawkes Qualcomm, Inc 77 King Street Sydney, New South Wales 2000 (Australia) Cameron McDonald Qualcomm, Inc 77 King Street Sydney, New South Wales 2000 (Australia) Jouni Malinen Qualcomm, Inc Hermiankatu 6-8 D Tampere, Finland Menzo Wentink Qualcomm, Inc Straatweg 66-S, Breukelen, (Netherlands) Dean Brenner Qualcomm, Inc Pennsylvania Ave N.W. Washington DC John Kuzin Qualcomm, Inc Pennsylvania Ave N.W. Washington DC

doc.:IEEE /0908r3 Submission November 2011 Abstract The submission provides techniques that allow a GDC dependent STA to remain enabled even if it disassociates from its GDC enabling STA. The amendment resolves an issue raised by CID 951 which highlights the need for Mode 1 APs. Due to the necessity of a secure association between a GDC dependent STA and its GDC enabling STA to obtain enablement and the requirement that an STA can have only one association, a GDC dependent STA cannot associate with a Mode 1 AP. This amendment proposes a method for a GDC Dependent STA to maintain a secure link with a GDC enabling STA while associated with another AP such as a Mode 1 AP. Slide 2S. Abraham, Qualcomm Inc. 9514The FCC requirement for embedded geo-location limits the placement of Mode II APs indoors, restricting placement to be near a window or another location where GPS lock can be obtained. This severely limits the placement of APs indoors. The standard needs support for a low-rate enabler which can be placed near a window where it can obtain GPS lock and can provide enablement to all the Mode I AP and STAs throughout the building. In addition, this makes it possible for Mode I APs to be used, which reduces the complexity of these APs since they no longer require embedded GPS. Add text from document IEEE /

doc.:IEEE /0908r3 Submission November 2011 Update This revision provides additional support (in the appendix) for the permissibility of Mode I APs. Slide 3S. Abraham, Qualcomm Inc.

doc.:IEEE /0908r3 Submission November 2011 Motivation FCC rules require secure transmission of –White space map (WSM) –Contact Verification Signal (CVS) –Encrypted transmission of WSM and CVS To comply with the above, for the current af draft a GDC dependent STA requires a continuous “secure association” to an GDC enabling AP Revmb does not permit more than one association, the enabling AP will have to also provide data services Therefore: –All APs will need to be enablers to associate dependent STAs –APs would have to be Mode II and accurate geo location capability We present an augmentation to the current GDC enablement protocol that keeps the (GDC) Enabling AP(E-AP) function separate from the data serving AP (S-AP) Slide 4S.Abraham Qualcomm Inc.

doc.:IEEE /0908r3 Submission November 2011 Network Operation with Separate Enabler Slide 5S. Abraham, Qualcomm Inc.

doc.:IEEE /0908r3 Submission November 2011 Proposed “Augmented” Enablement Flowchart Slide 6 S. Abraham, Qualcomm Inc.

doc.:IEEE /0908r3 Submission November 2011 Operation of Enablement Procedure D-STA associates with E-AP using a secure association procedure as required by the E-AP During the secure association the E-AP and D-STA generate an Enablement Key (EK) along with the PTK D-STA requests enablement from the E-AP using the enablement procedure. D-STA then disassociates from E-AP D-STA may then associate with any other AP, even other dependent APs (this AP is called the serving AP) All other communication from D-STA to E-AP use a “pull method” as described later Slide 7S. Abraham, Qualcomm Inc.

doc.:IEEE /0908r3 Submission November 2011 Obtaining a CVS from E-AP All messages between the E-AP and D-STA (after disassociation) use self protected action frames that are encrypted using the EK generated during the association D-STA obtains a CVS by requesting one from E-AP –CVS Request approach frees the E-AP from tracking the sleep state of the D-STA when sending the CVS When E-AP receives a CVS request, it responds with a CVS containing the CVSIE if it is able to de-crypt the self protected action frame using the EK. Operation when CVS indicates new WSM-ID –D-STA sends self protected Channel Availability Query( CAQ) with reason result set to WSM –D-STA uses self protected CAQ response frame to send the WSM Slide 8S. Abraham, Qualcomm Inc.

doc.:IEEE /0908r3 Submission November 2011 Frame Formats CVS Request: –Only contains Category and Action field Slide 9S. Abraham, Qualcomm Inc. Self protected CVS: Similar to the CVS public action frame, with category field indicating self protected Self protected CAQ: For WSM Similar to CAQ public action frame with category field indicating self protected.

doc.:IEEE /0908r3 Submission November 2011 Appendix FCC Rules, Decisions, and Relevant TVBD Definitions and Terminology Slide 10S. Abraham, Qualcomm Inc.

doc.:IEEE /0908r3 Submission November 2011 A Mode I AP Is Permissible Under FCC TVWS Rules The FCC’s main goal in the TVWS proceeding is to provide as much flexibility as possible for unlicensed uses while fully protecting the reception of broadcast TV signals. See 2008 TVWS Order at para. 54 (“we are providing for operation of personal/portable devices under two different modes: 1) controlled by a fixed device or a Mode II personal/portable device and 2) independent. In each of these cases, our goal is to make the technical requirements as simple and as reliable as possible [and] to permit a wide range of unlicensed broadband uses and applications and while ensuring that the most appropriate and effective mechanisms are in place to protect TV and other licensed services. “) So long as a network has a single device acting in master mode – and thus protecting licensed users – it can enable any number of other devices acting as masters and clients. –See 2008 TVWS Order at para. 111 (“A network always has at least one device operating in master mode and also some devices that may be capable of operating only in client mode and some devices that may be capable of operating in either mode. All fixed TVBDs will be allowed to operate in master mode. Those personal/portable devices communicating on a master/client basis with a fixed device will be required to use channels/frequencies as directed by the fixed device. Thus, a personal/portable device operating under this arrangement will pose no more risk of interference to a licensed service than the fixed device, and because it will use less power will generally pose less risk of causing such interference.”) –See 2008 TVWS Order at para. 133 (“We envision that both the Mode I and Mode II approaches will often be incorporated into the same personal/portable device. That is, a personal/portable device could function as a master device when it is able to use geo-location/sensing and database access to identify unused TV channels in its area. If it cannot rely on these techniques but is near a fixed device or another personal/portable device that can act as a master, it could operate in client mode if it makes contact with a master station.”) A Mode I AP is fully consistent with the FCC’s definition of a Mode I personal/portable device as well as the other definitions on the following page. Slide 11S. Abraham, Qualcomm Inc.

doc.:IEEE /0908r3 Submission November 2011 TVBD Definitions Support This Interpretation TermDefinition Fixed deviceA fixed TVBD may … initiate and operate a network by sending enabling signals to one or more fixed TVBDs and/or personal/portable TVBDs. Fixed devices may provide to a Mode I personal/portable device a list of available channels on which the Mode I device may operate under the rules. Mode I personal/ portable device A personal/portable TVBD that does not use an internal geolocation capability and access to a TV bands database to obtain a list of available channels. A Mode I device must obtain a list of available channels on which it may operate from either a fixed TVBD or Mode II personal/portable TVBD. A Mode I device may not initiate a network of fixed and/or personal/portable TVBDs nor may it provide a list of available channels to another Mode I device for operation by such device. Mode II personal/ portable device A personal/portable TVBD that uses an internal geo-location capability and access to a TV bands database, either through a direct connection to the Internet or through an indirect connection to the Internet by way of fixed TVBD or another Mode II TVBD, to obtain a list of available channels. A Mode II device may select a channel itself and initiate and operate as part of a network of TVBDs, transmitting to and receiving from one or more fixed TVBDs or personal/portable TVBDs. A Mode II personal/portable device may provide its list of available channels to a Mode I personal/portable device for operation on by the Mode I device Network initiation The process by which a fixed or Mode II TVBD sends control signals to one or more fixed TVBDs or personal/portable TVBDs and allows them to begin communications. Slide 12S. Abraham, Qualcomm Inc.

doc.:IEEE /0908r3 Submission November 2011 IEEE TermDefinition APAn entity that contains one station (STA) and provides access to the distribution services, via the wireless medium (WM) for associated STAs. From Draft Revmb Serving AP (S-AP) AP that is associated with the STA providing connectivity to external networks. Serving AP may contain a GDC Enabling STA or a GDC Dependent STA New GDC Enabling STA A STA that has the authority to control the operation of GDC dependent STAs after obtaining available spectrum for use at its own location. From 11af Draft 1.02 Enabling AP (E-AP) GDC enabling STA that is an APNew GDC Dependent STA (D-STA) A STA that is under the control of Geo-location Database Controlled enabling STA From 11af Draft 1.02 Slide 13S. Abraham, Qualcomm Inc.

doc.:IEEE /0908r3 Submission November 2011 Part Certified operating frequency range On one of the conference calls it was brought up that we need to review FCC Part , which is copied below: Slide 14S. Abraham, Qualcomm Inc. Client devices that operate in a master/client network may be certified if they have the capability of operating outside permissible Part 15 frequency bands, provided they operate on only permissible Part 15 frequencies under the control of the master device with which they communicate. Master devices marketed within the United States must be limited to operation on permissible Part 15 frequencies. Client devices that can also act as master devices must meet the requirements of a master device. For the purposes of this section, a master device is defined as a device operating in a mode in which it has the capability to transmit without receiving an enabling signal. In this mode it is able to select a channel and initiate a network by sending enabling signals to other devices. A network always has at least one device operating in master mode. A client device is defined as a device operating in a mode in which the transmissions of the device are under control of the master. A device in client mode is not able to initiate a network Observations Master devices send enabling signals. Client devices are under the control of a master and cannot initiate a network. A single device can operate as a master or a client depending on its mode of operation. A TV band device is an unlicensed (i.e., Part 15) RF device that operates on open broadcast TV channels. See § (m).

doc.:IEEE /0908r3 Submission November 2011 KDB Restrictions on Software Configuration for devices not approved as Software Defined Radios Slide 15 S. Abraham, Qualcomm Inc. On one of the conference calls we were asked to review KDB A relevant excerpt from that KDB is provided below: Many devices referred to by the Wi-Fi industry as "client devices" may not meet the definition of a Section client, and must be approved as master devices on U.S. authorized frequencies, and must operate in accordance with the grant conditions. To qualify as a Section client, a device cannot initiate, or be configured to initiate, any transmission including probes, beacons, or ad-hoc mode transmissions. If a device supports such network initiating functions, it shall be approved as a master device for that particular band. This includes devices that support Wi-Fi Direct modes in the bands where the device is capable of becoming a Group Owner must be approved as master devices under Section Observations While it is clear that a Mode 1 AP cannot initiate the transmission of a probe or a beacon, in , no AP “initiates” the transmission of probes. The transmission of a probe is an autonomous decision at a client device (e.g., a laptop) af has very clear rules stating that any transmission (including a probe) can only be done after seeing a beacon from a Fixed or Mode 2 device. Hence we comply with the KDB. Mode 1 APs do not initiate the transmission of a beacon autonomously. They transmit a frame (including the beacon) only after being given permission by a Fixed or Mode 2 AP. Also, the beacons from a Mode 1 AP do not by themselves provide permission for any other STAs to transmit.

doc.:IEEE /0908r3 Submission November 2011 Mode 1 APs are Permitted An IEEE AP provides access to the distribution system for associated STAs. This device may be an FCC Mode I device. This FCC Mode I device may not enable other STAs by sending control signals to them to allow them to begin transmitting in the TVWS. That must be done by a device acting as a Mode II Enabling AP. Slide 16S. Abraham, Qualcomm Inc.

doc.:IEEE /0908r3 Submission November 2011 References Link to KDB – Slide 17S. Abraham, Qualcomm Inc.