Security
The security mechanism provided by WiMAX MAC has two objectives: the first to provide
the subscriber of the network services privacy across the wireless network and the
second to provide the network operator with protection from unauthorized use of its
services. In order to serve the first objective, a set of industry-standard cryptographic
suites are supported. Additionally, key management protocol is also defined for the
secure distribution of an encryption key from the BS to a select set of SSs. The key
management protocol also serves the purpose of meeting the second objective.
Authentication and Authorization SSs use the PKM protocol to obtain their authorization
and keys from the BS and to refresh those keys periodically. The PKM uses an
established shared secret, i.e., an Authorization Key (AK), between the SS and the BS.
The AK is used to secure subsequent exchanges of traffic keys.
The authorization process also involves initial authentication of the identity of SS by
means of a unique X.509 digital certificate of the SS. Once authenticated, the BS authorizes
the SS by issuing an AK that is used to derive a Key Encryption Key (KEK) and a
message encryption key.
Pages:
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077