WiMAX Network Architecture 潘仁義, Department of Communications Engineering, National Chung Cheng University

1 WiMAX Network Architecture 潘仁義, Department of Communications Engineering, National Chung Cheng University jypan@ccu.edu.tw

2 Outline
- WiMAX Introduction
- WiMAX QoS & Flow
- Network Working Group (NWG)
- Network Reference Model
- Network Entry
- Authentication, Authorization, and Key Hierarchy
- IP Configuration Setup
- Mobility Management
- QoS Functional Model

3 Outline WiMAX Introduction WiMAX QoS & Flow Network Working Group (NWG) Network Reference Model Network Entry Authentication, Authorization, and Key Hierarchy IP Configuration Setup Mobility Management QoS Functional Model

4 WiMAX
- Worldwide Interoperability for Microwave Access
- The Institute of Electrical and Electronics Engineers (IEEE) 802 committee (802.16)
- Orthogonal Frequency Division Multiplexing (OFDM); carriers of width 5 MHz or greater can be used
- Connectivity at speeds up to 70 Mbps
- Can provide high-speed access to about 60 businesses at T1 speeds
- Can serve up to a thousand homes in terms of DSL speed

5 802.16 History The initial 802.16 standard, in 2002, operates in the 10-to-66-GHz frequency band and requires LOS towers. The 802.16a extension, ratified in March 2003, allows use of the 2 to 11 GHz frequencies. It boasts a 50 km range and 74.7 Mbit/s data transfer rates and doesn't require LOS transmission.

6 802.16 History
Additional 802.16 standards:
- 802.16b: Quality of service
- 802.16c: Interoperability, with protocols and test-suite structures
- 802.16d: Fixing things not covered by 802.16c
- 802.16e: Support for mobile as well as fixed broadband (802.16e-2005)
- 802.16f: MIB
- 802.16g: System/resource/handover Management Interoperability
- 802.16j: Relay

7 Mobile WiMAX
- Mobile Technical Group (MTG) in WiMAX Forum develops the system profile for the Mobile WiMAX system
- A broadband wireless solution
  - Fixed broadband network
  - Mobile broadband network
- Signaling
  - Orthogonal Frequency Division Multiple Access (OFDMA)
  - Scalable OFDMA
- Features
  - High Data Rate
  - Quality of Service
  - Scalability
  - Security
  - Mobility

8 WiMAX entity
Two components:
- Subscriber Stations (SSs)
  - An SS typically serves a building (business or residence)
- Base Station (BS)
  - Connected to public networks
  - The BS serves Subscriber Stations and provides SSs with first-mile (or last-mile) access to public networks

9 Scenario

10 Outline WiMAX Introduction WiMAX QoS & Flow Network Working Group (NWG) Network Reference Model Network Entry Authentication, Authorization, and Key Hierarchy IP Configuration Setup Mobility Management QoS Functional Model

11 Introduction QoS support is a fundamental part of the WiMAX MAC-layer design. How does WiMAX support QoS?

12 Connections
- A connection-oriented MAC architecture
- All downlink and uplink connections are controlled by the serving BS
- Each connection is identified by a connection identifier (CID)

13 Service flows
- A service flow is a unidirectional flow of packets with a particular set of QoS parameters
- It is identified by a service flow identifier (SFID)
- The service flow characteristics of the connection provide the QoS for that packet

14 Comparisons of SFID & CID
- Service Flow ID (SFID) does not change upon HO across BSs belonging to a single NAP
  - SFID shall be set just once when a layer 2 service flow is originally established, and SHALL NOT be modified by HOs.
  - SFID shall be assigned when a new service flow is set up and shall be maintained as the same value at the Anchor Data Path Function in spite of HOs.
- Connection ID (CID) is defined as temporary in a particular cell coverage area.
  - CID shall be refreshed whenever the MS moves into a new cell.
- SFID identifies a particular Layer 2 session while CID specifies a particular logical radio link.

15 Operation Object Model

16 Service Flow Management Dynamic Service Change (DSC) Dynamic Service Delete (DSD) Dynamic Service Activate (DSA) NULL OPERATIONAL DSD DSA DSC

17 Dynamic Service Flow Change

18 Classifier
- A classifier is a set of matching criteria applied to each packet
- It consists of
  - some protocol-specific packet matching criteria (destination IP address, for example)
  - a classifier priority
  - a reference to a CID
- Classifiers can be added by dynamic signaling

19 Scheduler
- Associate packets into service flows
- Define QoS parameters for each service flow
- Dynamically establish QoS-enabled service flows
- Associate QoS service flows with logical connections
[Figure labels: Classifier, Scheduler, BS MAC, Priority queues, MS1 MAC, MS2 MAC, QoS logical connections, Service flows over QoS connections]

20 Quality of Service Support

21 Scheduling services
- Four services are supported in 802.16 (802.16-2004):
  - Unsolicited Grant Service (UGS)
  - Real-time Polling Service (rtPS)
  - Non-real-time Polling Service (nrtPS)
  - Best Effort (BE)
- Five services are supported in 802.16e (802.16e-2005):
  - UGS (Unsolicited Grant Service)
  - RT-VR (Real-Time Variable Rate Service)
  - NRT-VR (Non-Real-Time Variable Rate Service)
  - BE (Best Efforts)
  - ERT-VR (Extended Real-Time Variable Rate)

22 Unsolicited Grant Service (UGS) Supports real-time data streams consisting of fixed-size data packets issued at periodic intervals, such as T1/E1 and Voice over IP without silence suppression.

23 Real-time Polling Service (rtPS) Supports real-time data streams consisting of variable-sized data packets that are issued at periodic intervals, such as Moving Picture Experts Group (MPEG) video.

24 Non-real-time Polling Service (nrtPS) Supports delay-tolerant data streams consisting of variable-sized data packets for which a minimum data rate is required, such as FTP.

25 Best Effort (BE) Supports data streams for which no minimum service level is required and which therefore may be handled on a space-available basis.

26 Extended Real-Time Variable Rate (ERT-VR) service Supports real-time applications with variable data rates, which require guaranteed data and delay, for example VoIP with silence suppression.

27 Outline WiMAX Introduction WiMAX QoS & Flow Network Working Group (NWG) Network Reference Model Network Entry Authentication, Authorization, and Key Hierarchy IP Configuration Setup Mobility Management QoS Functional Model

28 WiMAX Forum
- The WiMAX Forum is a nonprofit organization formed in 2001 to enhance the compatibility and interoperability of equipment based on the IEEE 802.16 family of standards
- The WiMAX Forum Network Working Group (NWG) defines:
  - Stage 1: Use case scenarios and service requirements, defined along with the Service Provider Working Group
  - Stage 2: Architecture Tenets, Reference Model and Reference Points
  - Stage 3: Detailed Protocols and Procedures

29 WiMAX Working Group
- Application Working Group (AWG): Defines applications over WiMAX that are necessary to meet core competitive offerings.
- Certification Working Group (CWG): Handles the operational aspects of the WiMAX Forum Certified program.
- Evolutionary Technical Working Group (ETWG): Maintains existing OFDM profiles, develops additional fixed OFDM profiles, and develops technical specifications for the evolution of the WiMAX Forum's OFDM-based networks from fixed to nomadic to portable, to mobile.
- Global Roaming Working Group (GRWG): Assures the availability of global roaming service for WiMAX networks in a timely manner as demanded by the marketplace.
- Marketing Working Group (MWG): Promotes the WiMAX Forum, its brands and the standards which form the basis for worldwide interoperability of BWA systems.

30 WiMAX Working Group
- Network Working Group (NWG): Creates higher-level networking specifications for fixed, nomadic, portable and mobile WiMAX systems, beyond what is defined in the scope of 802.16.
- Regulatory Working Group (RWG): Influences worldwide regulatory agencies to promote WiMAX-friendly, globally harmonized spectrum allocations.
- Service Provider Working Group (SPWG): Gives service providers a platform for influencing BWA product and spectrum requirements to ensure that their individual market needs are fulfilled.
- Technical Working Group (TWG): The main goal of the TWG is to develop technical product specifications and certification test suites for the air interface based on the OFDMA PHY.

31 Relationship between the scopes of WiMAX NWG and 802.16 From IEEE 802.16 to WiMAX NWG build an interoperable broadband wireless network. Interoperable networks involve end-to-end service such as IP connectivity and session management, security, QoS, and mobility.

32 Tenets for WiMAX Network Systems Architecture
Based on:
- a packet-switched framework
- IEEE 802.16 standard and IETF RFCs
- Decoupling of access architecture from connectivity IP services
- Specifying open, published and accepted standards
- SHALL NOT preclude inter-technology handover
- SHALL support seamless handovers at up to vehicular speeds
All-IP Network!

33 Outline WiMAX Introduction WiMAX QoS & Flow Network Working Group (NWG) Network Reference Model Network Entry Authentication, Authorization, and Key Hierarchy IP Configuration Setup Mobility Management QoS Functional Model

34 WiMAX Network Reference Model

35 Decomposed ASN into BS and ASN GW entities

36 Entities of the WiMAX Network Reference Model (1/2)
ASN: Access Serving Network
Logical representation of the functions of a NAP, e.g.
- 802.16 interface network entry and handover
- Radio Resource Management & Admission ctrl.
- L2 Session/mobility management
- QoS and Policy Enforcement
- Foreign Agent (FA)
- Forwarding to selected CSN

37 Entities of the WiMAX Network Reference Model (2/2)
CSN: Connectivity Serving Network
Logical representation of the functions of a NSP, e.g.
- Connectivity to the Internet, ASPs
- Authentication, authorization and accounting
- IP address management
- L3 Mobility and roaming between ASNs
- Policy & QoS management based on a SLA

38 Network Reference point (1/2)
- R1: Reference point between MS and BS: implements IEEE 802.16e-2005.
- R2: Reference point between MS and ASN-GW or CSN: logical interface used for authentication, authorization, IP host configuration and mobility management.
- R3: Reference point between ASN and CSN: supports AAA, policy enforcement, and mobility-management capabilities. Implements tunnel between ASN and CSN.
- R4: Reference point between ASN and ASN: used for MS mobility across ASNs.

39 Reference point (2/2)
- R5: Reference point between CSN and CSN: used for internetworking between home and visited network.
- R6: Reference point between BS and ASN: implements intra-ASN tunnels and used for control plane signaling.
- R7: Reference point between data and control plane in ASN-GW: used for coordination between data and control plane in ASN-GW.
- R8: Reference point between BS and BS: used for fast and seamless handover.

40 WiMAX Network Reference Model(2/2)

41 ASN Profile A Functional View

42 ASN-GW Reference model

43 Link model for Profiles A &C

44 Internetworking with 3GPP Scope WiMAX-3GPP Interworking refers to the integration of a WiMAX Access Network to an existing 3GPP core network.

45 Outline WiMAX Introduction WiMAX QoS & Flow Network Working Group (NWG) Network Reference Model Network Entry Authentication, Authorization, and Key Hierarchy IP Configuration Setup Mobility Management QoS Functional Model

46 802.16e network entry
In a WiMAX network, a full network entry includes four stages:
a. Network Discovery and Selection
b. Access Authentication
c. IP Configuration Setup
d. Data Transfer

47 Network entry A WiMAX subscriber station has to complete the network entry process, in order to communicate on the network. Steps: Scan for DL channel and establish synchronization with the BS Obtain transmit parameters (from UCD message) Perform initial ranging Negotiate basic capabilities Authorize MS and perform key exchange Establish IP connectivity Establish time of day Transfer operational parameters optional Set up connections

48 a) Downlink Channel Synchronization: When an SS wants to communicate on a WiMAX network, it first scans for available channels in the defined frequency list. On finding a DL channel, it tries to synchronize at the PHY level using the periodic frame preamble. Information on modulation and other DL and UL parameters is obtained by observing the DL Channel Descriptor (DCD) and the UL Channel Descriptor (UCD) of the DL channel.

49 b) Initial Ranging: An SS starts an initial ranging process by sending a ranging request MAC message using the minimum transmission power. If no response is received from the BS, the SS resends the message on a subsequent frame using a higher transmission power. The response either indicates power and timing corrections that the SS must make or indicates success. Purpose: the process by which the SS and BS maintain the quality of the RF communication link between them. When ranging has finished, the BS allocates a Basic CID and a Primary Management CID to the SS.

50 Ranging (2/2) Periodic ranging: allows the SS to adjust transmission parameters and maintain uplink communication with the BS.

51 c) Exchanging Capabilities: After successful completion of the initial ranging step, the SS sends a capability request message indicating the supported modulation level, coding scheme and rates, and duplexing methods. The MS and ASN also SHALL negotiate the PKM version, PKMv2 security capabilities and authorization policy, including requirements and support for Device Authentication.

52 d) Authentication: After capability negotiation, the BS authenticates the SS, determines the ciphering algorithm to be used, and sends an authentication response to the SS. e) Registration: After authentication, the SS sends a registration request message to the BS and the BS sends a registration response, with a secondary management CID for IP configuration.

53 f) IP Connectivity: After registration, the SS gets the IP address via DHCP. The SS also downloads other operational parameters using TFTP. g) Connection Creation: After completing the IP connectivity step, transport connections are created. For preprovisioned service flows, the BS sends a dynamic service flow addition request message to the SS and SS confirms the creation of connection. For non-preprovisioned service flows, connection creation is initiated by the SS by sending a dynamic service flow addition request message to the BS. The BS responds with the confirmation.

54

55 Network Discovery and Selection NAP discovery NSP Access discovery NSP Enumeration and selection ASN attachment based on NSP Selection

56 NAP and NSP Discovery
- "1" to indicate one or more NSPs
- As per "6.3.2.3.63 Service Identity Information (SII-ADV) message", a BS may use the SII-ADV message to broadcast a list of Network Service Provider (NSP) Identifiers.
- The MS MAY include the Visited NSP ID TLV in the SBC-REQ message to solicit BS transmittal of the Visited NSP Realm TLV in the SBC-RSP message.

57 ASN Attachment based on NSP Selection MS_1@NSP_1.com NSP_4!MS_2@NSP_1.com

58 Outline WiMAX Introduction WiMAX QoS & Flow Network Working Group (NWG) Network Reference Model Network Entry Authentication, Authorization, and Key Hierarchy IP Configuration Setup Mobility Management QoS Functional Model

59 Why encryption? Encryption: a mechanism that protects data confidentiality and integrity by turning plaintext into ciphertext.

60 Encryption Encryption is always applied to the MAC PDU payload; the generic MAC header is not encrypted; some management messages are not encrypted.

61 Encryption -- WiMAX WiMAX uses the Advanced Encryption Standard (AES) to produce ciphertext. The receiver of the ciphertext simply reverses the process to recover the plaintext.

62 Public key infrastructure
- The WiMAX 802.16e-2005 standard uses the Privacy and Key Management Protocol version 2 (PKMv2) for securely transferring keying material between the base station and the mobile station.
- PKMv2's components
  - X.509 digital certificates
  - RSA public-key algorithm
  - Strong encryption algorithm to perform key exchanges between SS and BS
- PKMv2 mechanism
  - Validates user identity and establishes an authorization key (AK)
  - AK is used to derive the encryption keys, e.g. KEK, CMAC_KEY
  - Supports device and user authentication between MS and home CSN (PKMv1 only for device)

63 Public key infrastructure
- PKMv2 supports the use of the Rivest-Shamir-Adleman (RSA) public key cryptography exchange.
- RSA public key exchange requires that the mobile station establish identity using either a manufacturer-issued X.509 digital certificate (Device Credential, called Device-Cert) or an operator-issued credential such as a subscriber identity module (SIM) card (Subscriber Credential, called Subscriber Root Key, SUBC).
- The X.509 digital certificate contains the mobile station's Public-Key (PK) and its MAC address.

64 X.509 Encrypt data (public key) Decrypt data (private key)

65 Authentication, Authorization and Accounting
- The WiMAX AAA framework is based on IETF specifications.
- The term AAA is used to refer to the AAA protocols, RADIUS or Diameter.
- The AAA framework provides the following services to WiMAX:
  - Authentication Services: these include MS, user, or combined MS and user authentication.
  - Authorization Services: these include the delivery of information to configure the session for access, mobility, QoS and other applications.
  - Accounting Services: these include the delivery of information for the purpose of billing (both prepaid and postpaid billing) and information that can be used to audit session activity by both the home NSP and visited NSP.

66 ASN security architecture (1/2) The mobile station transfers the X.509 digital certificate to the WiMAX network, which then forwards the certificate to a certificate authority. The certificate authority validates the certificate, thus validating the user identity.

67 ASN security architecture (2/2)

68 User/Device Authentication Protocol layering

69

70 Public key infrastructure Once the user identity is validated, the WiMAX network uses the public key to create the authorization key, and sends the authorization key to the mobile station. The mobile station and the base station use the authorization key to derive an identical encryption key that is used with the AES algorithm.

71 Privacy Key Management
Messages between Subscriber Station and Base Station:
1. Authentication Information Message
2. Authorization Request (X.509 (Public, MAC address), cryptographic, SS ID)
3. Authentication Reply (public [AK], AK Sequence, AK lifetime, SAID)
4. Key Request (AK key Sequence, SAID, HMAC-Digest)
5. Key Reply (AK key Sequence, SAID, KEK [Old-TEK], KEK [New-TEK], HMAC-Digest)
6. TEK Encryption
[Figure labels: AK Encryption, TEK Encryption]

72 Keys in 802.16 PKMv2
- Master Session Key (MSK): 512 bits, generated in EAP process; known by AAA peer, AAA server, and authenticator
- Pairwise Master Key (PMK): 160 bits, derived from MSK; known by authenticator and AAA peer
- Authorization Key (AK): 160 bits, derived from PMK(1+2), SS MAC, BS ID
- Key Encryption Key (KEK): 128 bits, derived from AK, SS MAC, BS ID
- Traffic Encryption Key (TEK): distributed by the BS; refreshed periodically; encrypted by KEK; traffic is encrypted / decrypted by TEK
- Device credential: issued by manufacturer
- Subscriber credential: issued by operator
- Extended Master Session Key (EMSK): 512 bits, generated in EAP; known by AAA peer and server; for generating Mobile IP Root Key in CSN
- CMAC_*KEY_*: 128 bits, derived from AK, SS MAC, BS ID; for Message Integrity Check
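
The key hierarchy on slide 72, walked through as an added Python sketch (not part of the original presentation): it derives PMK, AK, the CMAC keys and KEK with the sizes listed above and shows which keys change when the BS ID changes. Assumptions: `kdf` is a simplified counter-mode HMAC-SHA1 stand-in for the standard's Dot16KDF rather than its exact encoding, PMK is taken as the first 160 bits of the MSK, the label strings and 48-bit BS ID are illustrative, and all input values are constructed.

```python
import hashlib
import hmac


def kdf(key: bytes, label: bytes, bits: int) -> bytes:
    """Counter-mode HMAC-SHA1 expansion.

    Assumption: a simplified stand-in for the standard's KDF, not its
    exact byte encoding.
    """
    out, counter = b"", 0
    while len(out) * 8 < bits:
        block = counter.to_bytes(4, "big") + label + bits.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha1).digest()
        counter += 1
    return out[: bits // 8]


def derive_keys(msk: bytes, ss_mac: bytes, bs_id: bytes) -> dict:
    """Walk MSK -> PMK -> AK -> {CMAC keys, KEK} using the slide's key sizes."""
    if len(msk) != 64:
        raise ValueError("MSK must be 512 bits")
    if len(ss_mac) != 6 or len(bs_id) != 6:
        raise ValueError("SS MAC and BS ID are taken as 48-bit values here")
    pmk = msk[:20]  # 160 bits; truncation of the MSK is an assumption
    # AK is bound to one SS and one BS through the inputs to the derivation.
    ak = kdf(pmk, ss_mac + bs_id + b"AK", 160)
    # One 384-bit block split into uplink CMAC key, downlink CMAC key and KEK.
    block = kdf(ak, ss_mac + bs_id + b"CMAC_KEYS+KEK", 384)
    return {
        "PMK": pmk,
        "AK": ak,
        "CMAC_KEY_U": block[:16],
        "CMAC_KEY_D": block[16:32],
        "KEK": block[32:48],
    }


def changed_keys(before: dict, after: dict) -> list:
    """Names of the keys that differ between two derivation contexts."""
    return sorted(name for name in before if before[name] != after[name])


# Constructed sample values, not taken from any real network.
MSK = bytes(range(64))
SS_MAC = bytes.fromhex("001122334455")
BS_1 = bytes.fromhex("0a0b0c000001")
BS_2 = bytes.fromhex("0a0b0c000002")

if __name__ == "__main__":
    ms_side = derive_keys(MSK, SS_MAC, BS_1)
    network_side = derive_keys(MSK, SS_MAC, BS_1)
    print("both ends derive identical keys:", ms_side == network_side)

    after_handover = derive_keys(MSK, SS_MAC, BS_2)
    print("re-derived after moving to BS_2:", changed_keys(ms_side, after_handover))

    for name, value in ms_side.items():
        print(f"{name:11s}{len(value) * 8:4d} bits")
```

The TEK does not appear in the derivation because, as the slide states, it is distributed by the BS encrypted under the KEK rather than derived from the AK.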

73 WiMAX Key Hierarchy and Distribution for ASN for CSN

74 PKMv2 Procedures
- Link activation triggers EAP
- Routing based on NAI realm
- PKMv2 three-way handshake for mutual authentication
- CMAC for MAC management messages protection
- KEK for encryption of TEK

75 Pairwise Key Management

76 User Authentication (2/2)

77 MS-to-Network Initial Authentication Flow (1/2)

78 MS-to-Network Initial Authentication Flow ( 2/2 )

79 Outline WiMAX Introduction WiMAX QoS & Flow Network Working Group (NWG) Network Reference Model Network Entry Authentication, Authorization, and Key Hierarchy IP Configuration Setup Mobility Management QoS Functional Model

80 IP Configuration Setup
- Point of Attachment (PoA) address has to be routable in the CSN and ASN, and SHALL be assigned from the CSN address space
- For portable and mobile access, the PoA SHALL be assigned from either Home NSP or Visited NSP, corresponding to the Home address (HoA)
- Fixed and nomadic access scenarios: DHCP
- Mobile access scenarios: PMIP4 / CMIP4 / PMIP6 / CMIP6

81 H-AAA HA

82 IP Configuration Setup Procedure (Proxy Mobile IP)

83 Proxy Mobile IP

84

85 IP Configuration Setup Procedure (Client Mobile IPv4, CMIPv4 )

86 Mobile IPv4 (MIP)
[Figure labels: Mobile Node (MN), Foreign Agent (FA), Home Agent (HA), Correspondent Node (CN), Home Network, Foreign Network, Binding Update, Data Transmission]

87 IP Configuration Setup Procedure (Client Mobile IPv6,CMIP6 )

88 Outline WiMAX Introduction WiMAX QoS & Flow Network Working Group (NWG) Network Reference Model Network Entry Authentication, Authorization, and Key Hierarchy IP Configuration Setup Mobility Management QoS Functional Model

89 Mobility Management
- MAC layer handover procedures
  - Handoff process
  - Three levels of association
  - Two optional modes of HO decision and initiation
- Intra-ASN mobility
  - ASN Anchored Mobility
- Inter-ASN mobility
  - ASN Anchored Mobility (Profile A & C)
  - CSN Anchored Mobility

90 Mobility scenario

91 Stages of Handoff Process
- Cell reselection: MS may use Neighbor BS information in MOB_NBR-ADV or scan Neighbor BS for handing over to potential target BS.
- HO Decision and Initiation: A handover begins with a decision for an MS to hand over from a serving BS to a target BS. The decision may originate either at the MS, the serving BS, or on the network.
- Termination with the Serving BS: After the handover request/response handshake has completed, the MS may begin the actual HO. During the HO process, the MS terminates service with the serving BS by sending a MOB_HO-IND message.
- Network entry/re-entry

92 Three levels of association
- Association: an optional initial ranging procedure in the scanning interval; it enables the MS to acquire service information for proper selection of HO target and/or expediting a potential future handover to a target BS.
- Level 0: Scan / Association without coordination. The Serving BS allocates periodic intervals where the MS may range neighboring BSs; the Target BS provides only contention-based ranging allocations.
- Level 1: Association with coordination. The Serving BS coordinates association between the MS and neighboring BSs, with unique code and transmission opportunity to prevent collision.
- Level 2: Network assisted association reporting. The MS is required only to transmit the CDMA ranging code at the neighbor BS. The Serving BS may aggregate all ranging related information (e.g. PHY offsets and CIDs from BSs) into a single MOB_ASC_REPORT message.

93 Two optional modes of HO decision and initiation
- Diversity Set: a list of BSs that are involved in the handoff process with the MS
- Macro Diversity Handover (MDHO): MS may transmit to and receive from BSs in the Diversity Set at the same time
- Fast BS Switching (FBSS)
  - An Anchor BS is defined among the BSs in the Diversity Set
  - MS only communicates with the Anchor BS for UL and DL messages, including management and traffic connections.
  - Transition from one Anchor BS to another ("switching") in the Diversity Set is performed without invoking the HO procedure

94 Two Mobility Levels in WiMAX
- ASN anchored mobility or micro mobility
  - The MS moves between Data Path Functions while maintaining the same anchor FA sitting at the northbound edge of the ASN network
  - The data flow between CSN and Data Path Functions pivots at the anchor FA.
  - CSN is unaware of any mobility that occurs between ASN Data Plane Functions
- CSN Anchored Mobility Management or macro mobility
  - The MS changes to a new anchor FA
  - The new FA and CSN exchange signaling messages to establish the data forwarding path

95 ASN Anchored Mobility Management(1/3) ASN Anchored Mobility Management is defined as mobility of an MS not involving a CoA update (MIP re-registration)

96 ASN anchor Mobility (2/3)

97 ASN anchored mobility (3/3)

98 HO Function Network Transaction

99 CSN Anchored mobility
For CSN Anchored Mobility Management two variants of the MIP protocols are supported:
- Client MIP (CMIP): CMIP is an IETF compliant MIP solution based on a Mobile IP enabled MS. CSN Anchored Mobility Management will cover CMIP based mobility schemes for IPv4 and IPv6.
- Proxy MIP (PMIP): Proxy MIP is an embodiment of the standard Mobile IP framework in which an MN is transparently instanced in the access network on behalf of a client that is not MIP-aware or MIP-capable.

100 CSN Anchor mobility ( R3-mobility ) Re-anchoring of the current FA to a new FA and the consequent binding updates to update the upstream and downstream data forwarding paths.

101 CSN to ASN Anchored Mobility Management Relationship (1/2)

102 CSN to ASN Anchored Mobility Management Relationship (2/2)

103 Outline WiMAX Introduction WiMAX QoS & Flow Network Working Group (NWG) Network Reference Model Network Entry Authentication, Authorization, and Key Hierarchy IP Configuration Setup Mobility Management QoS Functional Model

104 QoS The IEEE 802.16 MAC is connection oriented. Each connection, upon establishment, subscribes to one of the scheduled services. Resource allocation, admission, and scheduling are controlled by the base station.

105 QoS Functional Elements
- Service Flow Management (SFM): responsible for the creation, admission, activation, modification and deletion of 802.16 service flows.
- Service Flow Authorization (SFA): evaluates any service request against the user QoS profile.
- AF: Application Function, e.g., SIP Proxy
- PF: Policy Function; maintained information includes H-NSP's general policy rules
- LPF: Local Policy Function; enforces admission control based on available resources

106 Pre-provisioned service flow

107 References
- Applications for 802.16-2004 and 802.16e WiMAX Networks, WiMAX Forum.
- Air Interface for Fixed Broadband Wireless Access Systems, IEEE Standard. (IEEE 802.16-2004)
- Air Interface for Fixed and Mobile Broadband Wireless Access Systems, IEEE Standard. (IEEE 802.16e-2005)
- WiMAX Forum, WiMAX End-to-End Network Systems Architecture (Stage 2), Release 1, Version 1.3.0, September 21, 2008
- WiMAX Forum, WiMAX End-to-End Network Systems Architecture (Stage 3: Detailed Protocols and Procedures), Release 1, Version 1.3.0, September 21, 2008

