The 802.16 WirelessMAN™ MAC: It's Done, but What Is It?
Creating the IEEE 802.16 WirelessMAN™ Standard for Wireless Metropolitan Area Networks
http://WirelessMAN.org
IEEE 802.16-01/58r1, 2001-11-12


Presentation Authors
• Roger B. Marks, NIST (Chair, 802.16)
• Carl Eklund, Nokia (802.16 TG1 MAC Chair)
• Ken Stanwood, Ensemble Communications
• Stanley Wang, Ensemble Communications

Outline
• Overview: IEEE 802.16 Air Interface Standard
  – P802.16: Air Interface (MAC and 10-66 GHz PHY)
  – P802.16a: Amendment, 2-11 GHz (licensed)
  – P802.16b: Amendment (license-exempt)
• PHY considerations in the 802.16 MAC
• The 802.16 MAC as defined in P802.16/D5
• MAC Enhancements under development

IEEE 802.16 History
• Sponsors
  • IEEE Computer Society
  • IEEE Microwave Theory and Techniques Society
• Project Development: Summer 1998
• IEEE 802 Tutorial: November 1998
• IEEE Study Group
  • November 1998-March 1999
• Session 1: July 1999
• Session 16: November 2001

IEEE 802.16 by the Numbers
• 163 Members
• 67 "Potential Members"
• 62 Official Observers
• 700 different individuals have attended a session
• 28 Million file downloads in year 2000
• Members and Potential Members from
  • 10 countries
  • >110 companies

IEEE 802.16 Projects
• Air Interface (PHYs with common MAC)
  • P802.16: 10-66 GHz
    • Completed IEEE Sponsor Ballot
    • On RevCom agenda for December 5, 2001
  • P802.16a: 2-11 GHz
    • Licensed bands only
    • Expect OK to launch WG Letter Ballot this week
  • P802.16b: 5-6 GHz
    • License-exempt ("WirelessHUMAN™")
    • Expect OK to launch WG Letter Ballot this week
• Coexistence
  • IEEE 802.16.2 (10-66 GHz)
    • Published in September 2001
  • P802.16.2a: amendment w/ 2-11 GHz licensed

IEEE P802.16
Standard Air Interface for Fixed Broadband Wireless Access Systems

IEEE P802.16 History
• July-September 1999: Functional Requirements
• November 1999: Proposals (14 for MAC)
• January 2000: 2 Consolidated Proposals
  – 1 MAC proposal based on DOCSIS
  – 1 not
• May 2000: Plan to Merge 2 Proposals
• August 2000: Rev 0
• until February 2001: Working Group Review
  – formal comment process
• February-August 2001: WG Letter Ballot
• August-October 2001: IEEE Sponsor Ballot
• 5 December 2001: RevCom approval agenda

P802.16 Scope

Specifies the air interface, including the medium access control layer (MAC) and physical layer (PHY), of fixed point-to-multipoint broadband wireless access systems providing multiple services. The medium access control layer is capable of supporting multiple physical layer specifications optimized for the frequency bands of the application. The standard includes a particular physical layer specification broadly applicable to systems operating between 10 and 66 GHz.

Point-to-Multipoint

Wireless MAN: not a LAN
• Base Station (BS) connected to public networks
• BS serves Subscriber Stations (SSs)
  – BS and SS are stationary
  – SS typically serves a building (business or residence)
  – provide SS with first-mile access to public networks
• Multiple services, with different QoS priority, simultaneously

Reference Model

PHY Considerations that Affect the MAC (10-66 GHz)
• Broadband Channels
  – Wide channels (20, 25, or 28 MHz)
  – High capacity – Downlink AND Uplink
• Multiple Access
  – TDM/TDMA
  – High rate burst modems
• Adaptive Burst Profiles on Uplink and Downlink
• Duplex scheme agnostic
  – Time-Division Duplex (TDD)
  – Frequency-Division Duplex (FDD) [including Burst FDD]
• Support for Half-Duplex Terminals

Adaptive PHY
(burst-by-burst adaptivity not shown)

Adaptive Burst Profiles
• Burst profile
  – Modulation and FEC
• Dynamically assigned according to link conditions
  – Burst by burst, per subscriber station
  – Trade-off capacity vs. robustness in real time
• Roughly doubled capacity for the same cell area
• Burst profile for downlink broadcast channel is well-known
  – All other burst profiles could be configured "on the fly"
  – Subscriber station capabilities recognized at registration

Duplex Scheme Support
• On downlink, SS is associated with a specific burst
• On uplink, SS is allotted a variable length time slot for their transmissions
• Time-Division Duplex (TDD)
  – Downlink & Uplink time share the same RF channel
  – Dynamic asymmetry
  – SS does not transmit & receive simultaneously (low cost)
• Frequency-Division Duplex (FDD)
  – Downlink & Uplink on separate RF channels
  – Static asymmetry
  – Half-duplex SSs supported
    • SS does not transmit & receive simultaneously (low cost)

TDD Frame (10-66 GHz)

TDD Downlink Subframe
DIUC: Downlink Interval Usage Code

Burst FDD Framing
[Figure: one frame on the DOWNLINK and UPLINK channels, showing the Broadcast portion, a Full Duplex Capable User, Half Duplex Terminal 1 and Half Duplex Terminal 2]
Allows scheduling flexibility

FDD Downlink Subframe
TDMA portion: transmits data to some half-duplex SSs (the ones scheduled to transmit earlier in the frame than they receive)
• Need preamble to re-sync (carrier phase)

Baud Rates & Channel Size (10-66 GHz)
• Flexible plan - allows equipment manufacturers to choose according to spectrum requirements

Channel Width   Symbol Rate   QPSK Bit Rate   16-QAM Bit Rate   64-QAM Bit Rate
(MHz)           (Msym/s)      (Mbit/s)        (Mbit/s)          (Mbit/s)
20              16            32              64                96
25              20            40              80                120
28              22.4          44.8            89.6              134.4

MAC Requirements
• Provide Network Access
• Address the Wireless environment
  – e.g., very efficient use of spectrum
• Broadband services
  – Very high bit rates, downlink and uplink
  – A range of QoS requirements
  – Ethernet, IPv4, IPv6, ATM
• Likelihood of terminal being shared
  – Base Station may be heavily loaded
• Security
• Protocol-Independent Engine
  – Convergence layers to ATM, IP, Ethernet
• Support both TDD and FDD in the PHY

802.16 MAC Overview
• Point-to-Multipoint
• Metropolitan Area Network
• Connection-oriented
• Supports difficult user environments
  – High bandwidth, hundreds of users per channel
  – Continuous and burst traffic
  – Very efficient use of spectrum
• Protocol-Independent core (ATM, IP, Ethernet, …)
• Balances between stability of contentionless and efficiency of contention-based operation
• Flexible QoS offerings
  – CBR, rt-VBR, nrt-VBR, BE, with granularity within classes
• Supports multiple 802.16 PHYs

Relationship to DOCSIS
• Management
  – Dynamic service "editing" protocol (Add/Change/Delete)
  – Management message payload format
• Security
  – Authentication and Privacy
• Polling categories
• Initial Access
  – Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions
• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer
• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer
• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing
• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission
• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission
[Figure: MAC Message, SDU 1 and SDU 2 carried in MAC PDUs (PDU 1 to PDU 5); the MAC PDUs are carried in a Burst consisting of a Preamble and FEC blocks (FEC 1, FEC 2, FEC 3)]

MAC PDU format
• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation
• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing
• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs
• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation
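The following is an added example, not part of the original slides: a receiver that splits a packed PDU payload on the 2-byte packing sub-headers and reassembles fragmented SDUs, using the 3-bit sequence number to notice a lost fragment. The bit order inside the sub-header (FC, then FSN, then Length), the FC code points, the rule that Length counts only the bytes after the sub-header, and the `MAX_SDU_BYTES` cap are assumptions made for this sketch; the slides give only the field widths.

```python
import struct

# Assumption: FC code points follow the order in which the slide lists the states.
FC_UNFRAGMENTED, FC_LAST, FC_FIRST, FC_CONTINUING = 0, 1, 2, 3
MAX_SDU_BYTES = 4096  # hypothetical cap so a peer cannot grow the reassembly buffer without bound


def pack_subheader(fc, fsn, data):
    """Build one 2-byte sub-header plus data (assumed layout: FC:2 | FSN:3 | Length:11)."""
    if len(data) > 0x7FF:
        raise ValueError("length does not fit in 11 bits")
    return struct.pack(">H", (fc << 14) | ((fsn & 0x7) << 11) | len(data)) + data


def parse_packed_payload(payload):
    """Split a packed PDU payload into (fc, fsn, data) tuples, rejecting bad lengths."""
    items, pos = [], 0
    while pos < len(payload):
        if len(payload) - pos < 2:
            raise ValueError("truncated packing sub-header")
        (word,) = struct.unpack_from(">H", payload, pos)
        pos += 2
        length = word & 0x7FF
        if length > len(payload) - pos:
            raise ValueError("sub-header length runs past end of PDU")
        items.append((word >> 14, (word >> 11) & 0x7, payload[pos:pos + length]))
        pos += length
    return items


class Reassembler:
    """Per-connection state: a connection is in one fragmentation state at a time."""

    def __init__(self):
        self.expected_fsn = None   # unknown until the first sub-header is seen
        self.partial = None        # bytearray while an SDU is being rebuilt
        self.gaps = 0              # sequence-number discontinuities observed

    def push(self, fc, fsn, data):
        """Feed one sub-header's data; return a complete SDU or None."""
        if self.expected_fsn is not None and fsn != self.expected_fsn:
            self.gaps += 1
            self.partial = None    # a fragment is missing: the SDU in progress is unusable
        self.expected_fsn = (fsn + 1) % 8   # 3-bit counter, continuous across SDUs
        if fc == FC_UNFRAGMENTED:
            self.partial = None
            return bytes(data)
        if fc == FC_FIRST:
            self.partial = bytearray(data)
            return None
        if self.partial is None:   # continuing/last fragment without a usable start
            return None
        if len(self.partial) + len(data) > MAX_SDU_BYTES:
            self.partial = None    # oversized SDU: drop it rather than keep buffering
            return None
        self.partial += data
        if fc == FC_LAST:
            sdu, self.partial = bytes(self.partial), None
            return sdu
        return None


def receive(pdus):
    """Run packed PDU payloads for one connection; return (completed SDUs, gaps seen)."""
    state, sdus = Reassembler(), []
    for pdu in pdus:
        for fc, fsn, data in parse_packed_payload(pdu):
            sdu = state.push(fc, fsn, data)
            if sdu is not None:
                sdus.append(sdu)
    return sdus, state.gaps


# Constructed sample traffic: SDU "AAAA", SDU "BBbbB!" split into three fragments, SDU "CC".
PDU1 = pack_subheader(FC_UNFRAGMENTED, 0, b"AAAA") + pack_subheader(FC_FIRST, 1, b"BB")
PDU2 = pack_subheader(FC_CONTINUING, 2, b"bb")
PDU3 = pack_subheader(FC_LAST, 3, b"B!") + pack_subheader(FC_UNFRAGMENTED, 4, b"CC")

if __name__ == "__main__":
    print(receive([PDU1, PDU2, PDU3]))   # every PDU arrives
    print(receive([PDU1, PDU3]))         # PDU2 lost on the air link
```

With a 3-bit counter, a loss of exactly eight consecutive sub-headers wraps back to the expected value and is not detected by this check.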

Downlink transmissions
• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor
• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles
• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages
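The following is an added example, not part of the original slides: the two-threshold rule above as a small selector run over a link-quality trace, next to a single-threshold selector for comparison. The DIUC numbers, the threshold values, the use of a dB figure as the link-quality measure and the choice to move more than one profile per step are all constructed assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class BurstProfile:
    diuc: int                 # constructed DIUC number
    label: str
    min_entry_db: float       # SS may request this profile once above this level
    mandatory_exit_db: float  # SS must request a more robust profile once at this level


# Constructed table, ordered most robust first. Entry is above exit for every profile.
PROFILES = (
    BurstProfile(1, "QPSK", 11.0, 9.0),
    BurstProfile(2, "16-QAM", 18.0, 16.0),
    BurstProfile(3, "64-QAM", 25.0, 23.0),
)


def next_index(idx, quality_db):
    """Apply the exit rule first (mandatory), then the entry rule (optional)."""
    while idx > 0 and quality_db <= PROFILES[idx].mandatory_exit_db:
        idx -= 1                      # fall back to a more robust profile
    while idx + 1 < len(PROFILES) and quality_db > PROFILES[idx + 1].min_entry_db:
        idx += 1                      # allowed to ask for a less robust profile
    return idx


def requests_with_hysteresis(trace, start=0):
    """Return (sample_index, requested_diuc) for every change request the SS would send."""
    idx, out = start, []
    for i, quality in enumerate(trace):
        new = next_index(idx, quality)
        if new != idx:
            out.append((i, PROFILES[new].diuc))
            idx = new
    return out


def requests_single_threshold(trace, start=0):
    """Comparison only: pick the least robust profile whose entry level is exceeded."""
    idx, out = start, []
    for i, quality in enumerate(trace):
        new = 0
        while new + 1 < len(PROFILES) and quality > PROFILES[new + 1].min_entry_db:
            new += 1
        if new != idx:
            out.append((i, PROFILES[new].diuc))
            idx = new
    return out


# Constructed trace: quality hovers around the 16-QAM entry level, then fades and recovers.
TRACE = [10.0, 18.5, 17.5, 18.5, 17.5, 18.5, 15.0, 26.0, 8.0]

if __name__ == "__main__":
    print("two thresholds:", requests_with_hysteresis(TRACE))
    print("one threshold: ", requests_single_threshold(TRACE))
```

On this trace the gap between entry and exit levels halves the number of change requests, because samples between 16 and 18 dB neither force a fall back nor permit a step up.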

Downlink Map Message
• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions
• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor
• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message
• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service
Characteristic of the Service Flow
• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service, such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS
• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS
• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS
• Intended for non-real-time service flows with better than best effort service
  – e.g., bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE
• Generic data
  – e.g., HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme
• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e., periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs. GPC
• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests
• Come from the Connection
• Several kinds of requests:
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services
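The following is an added example, not part of the original slides: a small simulation of the self-correcting behaviour described on the Request/Grant Scheme and Bandwidth Requests slides, where no request is acknowledged and a lost incremental request is repaired only by the next aggregate request. The per-frame grant size, the frame schedule and the way a request is marked lost are constructed assumptions; only the 32 KB request limit comes from the slides.

```python
MAX_REQUEST_BYTES = 32 * 1024   # from the slides: up to 32 KB per request
GRANT_PER_FRAME = 800           # constructed: bytes the BS can grant this connection per frame


class BaseStationView:
    """What the BS believes one connection still needs; requests are never acknowledged."""

    def __init__(self):
        self.perceived = 0

    def on_request(self, nbytes, aggregate):
        # Clamp to the protocol limit so one request cannot claim an unbounded amount.
        nbytes = max(0, min(nbytes, MAX_REQUEST_BYTES))
        # Aggregate replaces the BS's figure; incremental adds to it.
        self.perceived = nbytes if aggregate else self.perceived + nbytes

    def grant(self):
        granted = min(GRANT_PER_FRAME, self.perceived)
        self.perceived -= granted
        return granted


def simulate(frames, aggregate_period):
    """Simulate one connection.

    frames: list of (bytes_arrived_at_ss, request_lost) per frame (constructed input).
    aggregate_period: every Nth frame the SS sends an aggregate request; 0 means
    incremental requests only.
    Returns per-frame (ss_backlog, bs_perceived) after that frame's grant is used.
    """
    bs, backlog, history = BaseStationView(), 0, []
    for i, (arrived, lost) in enumerate(frames):
        backlog += arrived
        aggregate = aggregate_period > 0 and i % aggregate_period == 0
        request = backlog if aggregate else arrived
        if not lost and (aggregate or request > 0):
            bs.on_request(request, aggregate)
        backlog -= min(bs.grant(), backlog)
        history.append((backlog, bs.perceived))
    return history


# Constructed schedule: 1000 bytes arrive in each of the first two frames and the
# second (incremental) request is lost on the air link; nothing arrives afterwards.
FRAMES = [(1000, False), (1000, True)] + [(0, False)] * 6

if __name__ == "__main__":
    print("incremental only:   ", simulate(FRAMES, 0)[-1])   # backlog stranded at the SS
    print("aggregate every 4th:", simulate(FRAMES, 4)[-1])   # BS view resynchronised
```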

BW Request Message

Maintaining QoS in GPSS
• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  - tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  - operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  - full definition of service attributes (omitting defaultable items if desired)
  - service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  - X.509 certificates with RSA PKCS
  - Strong authentication of SSs (prevents theft of service)
  - Prevents cloning
• Data encryption
  - Currently 56-bit DES in CBC mode
  - IV based on frame number
  - Easily exportable
• Message authentication
  - Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  - shared by a BS and one or more of its client SSs in order to support secured communications
  - includes traffic encryption keys and CBC IVs
• Security Association Establishment
  - Primary SA established during initial registration
  - other SAs may be provisioned or dynamically created within the BS

Key Management Messages

PKM Message | Description
Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority
Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs
Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs
Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS
Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS
Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs
Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID
Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent
TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK
SA Add | sent from a BS to an SS to establish one or more additional SAs

SS Authorization

• Authentication and Authorization
  - SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  - Trust relation assumed between equipment manufacturer and network operator
  - Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  - The SS is responsible for maintaining valid keys
  - Two active AKs with overlapping lifetimes at all times
  - Reauthorization process done periodically
  - AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

Rows are events or received messages, columns are the current state, and each cell gives the next state ("-" marks an empty cell).

Event or rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent
(1) Provisioned | Auth Wait | - | - | - | - | -
(2) Auth Reject (non-perm) | - | Auth Reject Wait | - | Auth Reject Wait | - | -
(3) Auth Reject (perm) | - | Silent | - | Silent | - | -
(4) Auth Reply | - | Authorized | - | Authorized | - | -
(5) Timeout | - | Auth Wait | - | Reauth Wait | Start | -
(6) Auth Grace Timeout | - | - | Reauth Wait | - | - | -
(7) Auth Invalid | - | - | Reauth Wait | Reauth Wait | - | -
(8) Reauth | - | - | Reauth Wait | - | - | -

Auth FSM Flow Diagram

[Figure: Authorization FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Arrow labels (event / actions): Provisioned / Authent Info, Auth Request; Timeout / Authent Info, Auth Request; Timeout / Auth Request; Auth Reply / [TEK] Authorized; Auth Reply / [TEK] Auth Comp; Auth Invalid / Auth Request, [TEK] Auth Pend; Auth Grace Timeout / Auth Request; Reauth / Auth Request; Auth Reject (non-perm); Auth Reject (perm); Auth Reject (non-perm) / [TEK] Stop; Auth Reject (perm) / [TEK] Stop; Timeout.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  - Key Encryption Key (symmetric) established with RSA
  - Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  - Two sets of overlapping keying material maintained
  - No explicit key acknowledgements
  - Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  - Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

Rows are events or received messages, columns are the current state, and each cell gives the next state ("-" marks an empty cell).

Event or rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait
(1) Stop | - | Start | Start | Start | Start | Start
(2) Authorized | Op Wait | - | - | - | - | -
(3) Auth Pend | - | Op Reauth Wait | - | - | Rekey Reauth Wait | -
(4) Auth Comp | - | - | Op Wait | - | - | Rekey Wait
(5) TEK Invalid | - | - | - | Op Wait | Op Wait | Op Reauth Wait
(6) Timeout | - | Op Wait | - | - | Rekey Wait | -
(7) TEK Refresh Timeout | - | - | - | Rekey Wait | - | -
(8) Key Reply | - | Operational | - | - | Operational | -
(9) Key Reject | - | Start | - | - | Start | -

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Arrow labels (event / actions): Authorized / Key Request; Auth Pend; Auth Comp / Key Request; Timeout / Key Request; TEK Refresh Timeout / Key Request; TEK Invalid / Key Request; TEK Invalid; Key Reply; Key Reject; Stop.]
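The two transition matrices above, together with the [TEK] labels in the Authorization flow diagram, describe two coupled state machines. The following is an added example (not code from the presentation or from the standard) that encodes both matrices as tables and drives them with a constructed event sequence; the `SubscriberStation` wrapper, the `dropped` log and the mapping of Auth transitions to [TEK] events (read from the diagram labels) are assumptions.

```python
"""Authorization and TEK state machines of an SS, table-driven (added example)."""

AUTH_STATES = ["Start", "Auth Wait", "Authorized", "Reauth Wait",
               "Auth Reject Wait", "Silent"]
TEK_STATES = ["Start", "Op Wait", "Op Reauth Wait", "Operational",
              "Rekey Wait", "Rekey Reauth Wait"]


def matrix(states, rows):
    """Turn matrix rows (event -> one cell per state, None = blank) into a dict."""
    table = {}
    for event, cells in rows.items():
        if len(cells) != len(states):
            raise ValueError(f"row {event!r} needs {len(states)} cells")
        for state, nxt in zip(states, cells):
            if nxt is not None:
                table[(event, state)] = nxt
    return table


_ = None  # blank cell
AUTH = matrix(AUTH_STATES, {
    "Provisioned":            ["Auth Wait", _, _, _, _, _],
    "Auth Reject (non-perm)": [_, "Auth Reject Wait", _, "Auth Reject Wait", _, _],
    "Auth Reject (perm)":     [_, "Silent", _, "Silent", _, _],
    "Auth Reply":             [_, "Authorized", _, "Authorized", _, _],
    "Timeout":                [_, "Auth Wait", _, "Reauth Wait", "Start", _],
    "Auth Grace Timeout":     [_, _, "Reauth Wait", _, _, _],
    "Auth Invalid":           [_, _, "Reauth Wait", "Reauth Wait", _, _],
    "Reauth":                 [_, _, "Reauth Wait", _, _, _],
})
TEK = matrix(TEK_STATES, {
    "Stop":                [_, "Start", "Start", "Start", "Start", "Start"],
    "Authorized":          ["Op Wait", _, _, _, _, _],
    "Auth Pend":           [_, "Op Reauth Wait", _, _, "Rekey Reauth Wait", _],
    "Auth Comp":           [_, _, "Op Wait", _, _, "Rekey Wait"],
    "TEK Invalid":         [_, _, _, "Op Wait", "Op Wait", "Op Reauth Wait"],
    "Timeout":             [_, "Op Wait", _, _, "Rekey Wait", _],
    "TEK Refresh Timeout": [_, _, _, "Rekey Wait", _, _],
    "Key Reply":           [_, "Operational", _, _, "Operational", _],
    "Key Reject":          [_, "Start", _, _, "Start", _],
})

# Assumption: which Auth transition raises which [TEK] event, as read from the
# flow-diagram labels. Key is (auth event, auth state before the transition).
TEK_SIGNAL = {
    ("Auth Reply", "Auth Wait"): "Authorized",
    ("Auth Reply", "Reauth Wait"): "Auth Comp",
    ("Auth Invalid", "Authorized"): "Auth Pend",
    ("Auth Invalid", "Reauth Wait"): "Auth Pend",
    ("Auth Reject (perm)", "Reauth Wait"): "Stop",
    ("Auth Reject (non-perm)", "Reauth Wait"): "Stop",
}


class Fsm:
    def __init__(self, table, state="Start"):
        self.table, self.state = table, state

    def step(self, event):
        """Apply event; return False and keep the state if the cell is blank."""
        nxt = self.table.get((event, self.state))
        if nxt is None:
            return False
        self.state = nxt
        return True


class SubscriberStation:
    """One Auth FSM plus one TEK FSM per authorized SAID (hypothetical wrapper)."""

    def __init__(self, saids):
        self.auth = Fsm(AUTH)
        self.tek = {said: Fsm(TEK) for said in saids}
        self.dropped = []  # (machine, state, event) for out-of-state input

    def on_auth(self, event):
        before = self.auth.state
        if not self.auth.step(event):
            self.dropped.append(("auth", before, event))
            return
        signal = TEK_SIGNAL.get((event, before))
        if signal:
            for fsm in self.tek.values():
                fsm.step(signal)  # blank cell: that TEK FSM has nothing to do

    def on_tek(self, said, event):
        fsm = self.tek[said]
        if not fsm.step(event):
            self.dropped.append((f"tek[{said}]", fsm.state, event))


def run_demo():
    ss = SubscriberStation(saids=[0x21])  # constructed SAID
    script = [  # constructed event sequence: (target, event)
        (0x21, "Key Reply"),  # arrives before authorization: dropped
        ("auth", "Provisioned"), ("auth", "Auth Reply"), (0x21, "Key Reply"),
        (0x21, "TEK Refresh Timeout"), ("auth", "Auth Invalid"),
        ("auth", "Auth Reply"), (0x21, "Key Reply"),
        ("auth", "Auth Grace Timeout"), ("auth", "Auth Reject (perm)"),
        ("auth", "Auth Reply"),  # Silent has no outgoing cells: dropped
    ]
    trace = []
    for target, event in script:
        if target == "auth":
            ss.on_auth(event)
        else:
            ss.on_tek(target, event)
        trace.append((event, ss.auth.state, ss.tek[0x21].state))
    return ss, trace
```

Input that arrives in a state whose matrix cell is blank leaves the state unchanged and lands in `dropped`, which is the natural place to attach logging for out-of-sequence PKM messages.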

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other, stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  - Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
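The key usage rules above, as an added example (not from the presentation): two key stores that follow the AP/AT rule and the 2-bit key sequence number, with no cipher involved. `Tek`, `TekPair` and the key bytes are constructed for illustration, and reading AP as the BS side and AT as the SS side is an assumption.

```python
"""TEK selection under the two-key rule (added example, no cipher involved)."""
from dataclasses import dataclass

SEQ_MOD = 4  # the key sequence number in the MAC header is 2 bits wide


@dataclass(frozen=True)
class Tek:
    seq: int    # key sequence number, 0..3
    key: bytes  # keying material (constructed values below)


class TekPair:
    """The two simultaneously active TEKs of one SA."""

    def __init__(self, older, newer):
        self._check(older, newer)
        self.older, self.newer = older, newer

    @staticmethod
    def _check(older, newer):
        if newer.seq != (older.seq + 1) % SEQ_MOD:
            raise ValueError("sequence numbers must be consecutive modulo 4")

    def rollover(self, fresh):
        """Older key expires: newer becomes older, fresh becomes newer."""
        self._check(self.newer, fresh)
        self.older, self.newer = self.newer, fresh

    def encrypt_key(self, role):
        """Slide rule: AP encrypts with the older key, AT with the newer."""
        if role not in ("AP", "AT"):
            raise ValueError(role)
        return self.older if role == "AP" else self.newer

    def decrypt_key(self, seq):
        """Either active key may decrypt; None if no active key has this seq."""
        for tek in (self.older, self.newer):
            if tek.seq == seq & (SEQ_MOD - 1):
                return tek
        return None


def demo():
    # Four key generations with sequence numbers 2, 3, 0, 1 (wraps at 4).
    k = [Tek(i % SEQ_MOD, bytes([i]) * 8) for i in range(2, 6)]
    ap, at = TekPair(k[0], k[1]), TekPair(k[0], k[1])
    results = []
    # 1. Both sides hold the same pair: each can decrypt what the other sends.
    results.append(ap.decrypt_key(at.encrypt_key("AT").seq) == k[1])
    results.append(at.decrypt_key(ap.encrypt_key("AP").seq) == k[0])
    # 2. AP rolls over first (seq 3 -> 0); AT has not refreshed yet.
    #    Service continues because AP now encrypts with the key AT calls "newer".
    ap.rollover(k[2])
    results.append(ap.decrypt_key(at.encrypt_key("AT").seq) == k[1])
    results.append(at.decrypt_key(ap.encrypt_key("AP").seq) == k[1])
    # 3. AP rolls over again while AT is still stale: the uplink key is no
    #    longer active, the case for which the page lists the TEK Invalid message.
    ap.rollover(k[3])
    results.append(ap.decrypt_key(at.encrypt_key("AT").seq))
    return results
```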

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  - Optional topology
  - Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  - Above 11 GHz
  - HIPERACCESS began before 802.16
  - Difficulty in resolving processes
  - IEEE now well ahead in schedule
• HIPERMAN
  - Below 11 GHz
  - IEEE went first
  - Signs of healthy cooperation
  - Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.:

http://WirelessMAN.org

Page 2: Mobile WiMAX : A Technical Overview

Presentation AuthorsPresentation Authors

bullbull Roger B Marks NIST (Chair 80216)Roger B Marks NIST (Chair 80216)

bullbull Carl Carl EklundEklund Nokia (80216 TG1 MAC Chair) Nokia (80216 TG1 MAC Chair)

bullbull Ken Stanwood Ensemble CommunicationsKen Stanwood Ensemble Communications

bullbull Stanley Wang Ensemble CommunicationsStanley Wang Ensemble Communications

OutlineOutline

bullbull Overview IEEE 80216 Air Interface StandardOverview IEEE 80216 Air Interface Standardndashndash P80216P80216 Air Interface (MAC and 10 - 66 GHz PHY)Air Interface (MAC and 10 - 66 GHz PHY)ndashndash P80216aP80216a Amendment 2-11 GHz (licensed)Amendment 2-11 GHz (licensed)ndashndash P80216bP80216b Amendment (license-exempt)Amendment (license-exempt)

bullbull PHY considerations in the 80216 MACPHY considerations in the 80216 MAC

bullbull The 80216 MAC as defined in P80216D5The 80216 MAC as defined in P80216D5

bullbull MAC Enhancements under developmentMAC Enhancements under development

IEEE 80216 HistoryIEEE 80216 History

bullbull SponsorsSponsorsbullbull IEEE Computer SocietyIEEE Computer Society

bullbull IEEE Microwave Theory and Techniques SocietyIEEE Microwave Theory and Techniques Society

bullbull Project Development Summer 1998Project Development Summer 1998

bullbull IEEE 802 Tutorial November 1998IEEE 802 Tutorial November 1998

bullbull IEEE Study GroupIEEE Study Groupbullbull November 1998-March 1999November 1998-March 1999

bullbull Session 1 July 1999Session 1 July 1999

bullbull Session 16 November 2001Session 16 November 2001

IEEE 80216 by the NumbersIEEE 80216 by the Numbers

bullbull 163 Members163 Members

bullbull 67 ldquoPotential Membersrdquo67 ldquoPotential Membersrdquo

bullbull 62 Official Observers62 Official Observers

bullbull 700 different individuals have attended a700 different individuals have attended asessionsession

bullbull 28 Million file downloads in year 200028 Million file downloads in year 2000

bullbull Members and Potential Members fromMembers and Potential Members frombullbull 10 countries10 countries

bullbull gt110 companiesgt110 companies

IEEE 80216 ProjectsIEEE 80216 Projectsbullbull Air Interface (Air Interface (PHYsPHYs with common MAC) with common MAC)

bullbull P80216 10-66 GHzP80216 10-66 GHzbullbull Completed IEEE Sponsor BallotCompleted IEEE Sponsor Ballot

bullbull On On RevCom RevCom agenda for December 5 2001agenda for December 5 2001

bullbull P80216a 2-11 GHzP80216a 2-11 GHzbullbull Licensed bands onlyLicensed bands only

bullbull Expect OK to launch WG Letter Ballot this weekExpect OK to launch WG Letter Ballot this week

bullbull P80216b 5-6 GHzP80216b 5-6 GHzbullbull License-exempt (ldquoLicense-exempt (ldquoWirelessHUMANWirelessHUMANTMTMrdquo)rdquo)

bullbull Expect OK to launch WG Letter Ballot this weekExpect OK to launch WG Letter Ballot this week

bullbull CoexistenceCoexistencebullbull IEEE 802162 (10-66 GHz)IEEE 802162 (10-66 GHz)

bullbull Published in September 2001Published in September 2001

bullbull P802162a amendment w 2-11 P802162a amendment w 2-11 GHz GHz licensedlicensed

IEEE P80216IEEE P80216

Standard Air Interface for FixedStandard Air Interface for FixedBroadband Wireless AccessBroadband Wireless Access

SystemsSystems

IEEE P80216 HistoryIEEE P80216 Historybullbull July-September 1999July-September 1999 Functional Requirements Functional Requirements

bullbull November 1999November 1999 Proposals (14 for MAC) Proposals (14 for MAC)

bullbull January 2000January 2000 2 Consolidated Proposals 2 Consolidated Proposalsndashndash 1 MAC proposal based on DOCSIS1 MAC proposal based on DOCSIS

ndashndash 1 not1 not

bullbull May 2000May 2000 Plan to Merge 2 Proposals Plan to Merge 2 Proposals

bullbull August 2000August 2000 Rev 0 Rev 0

bullbull until February 2001until February 2001 Working Group Review Working Group Reviewndashndash formal comment processformal comment process

bullbull February-August 2001February-August 2001 WG Letter Ballot WG Letter Ballot

bullbull August-October 2001August-October 2001 IEEE Sponsor Ballot IEEE Sponsor Ballot

bullbull 5 December 20015 December 2001 RevCom RevCom approval agendaapproval agenda

P80216 ScopeP80216 Scope

Specifies the Specifies the air interfaceair interface including the medium including the mediumaccess control layer (access control layer (MACMAC) and physical layer) and physical layer((PHYPHY) of ) of fixedfixed point-to-multipointpoint-to-multipoint broadband broadbandwireless access systems providing wireless access systems providing multiplemultipleservicesservices The medium access control layer is The medium access control layer iscapable of supporting capable of supporting multiple physical layermultiple physical layerspecifications optimized for the frequency bands ofspecifications optimized for the frequency bands ofthe application The standard includes a the application The standard includes a particularparticularphysical layerphysical layer specification broadly applicable to specification broadly applicable tosystems operating systems operating between 10 and 66 GHzbetween 10 and 66 GHz

Point-to-MultipointPoint-to-Multipoint

Wireless MAN not a LANWireless MAN not a LANbullbull Base Station (BS) connected to public networksBase Station (BS) connected to public networks

bullbull BS serves Subscriber Stations (BS serves Subscriber Stations (SSsSSs))ndashndash BS and SS are stationaryBS and SS are stationary

ndashndash SS typically serves a building (business or residence)SS typically serves a building (business or residence)

ndashndash provide SS with first-mile access to public networksprovide SS with first-mile access to public networks

bullbull Multiple services with different Multiple services with different QoSQoS priority prioritysimultaneouslysimultaneously

Reference ModelReference Model

PHY Considerations thatPHY Considerations that

Effect the MAC (10-66 Effect the MAC (10-66 GHzGHz))bullbull Broadband ChannelsBroadband Channels

ndashndash Wide channels (20 25 or 28 MHz)Wide channels (20 25 or 28 MHz)ndashndash High capacity ndash Downlink High capacity ndash Downlink AND AND UplinkUplink

bullbull Multiple AccessMultiple Accessndashndash TDMTDMATDMTDMAndashndash High rate burst modemsHigh rate burst modems

bullbull Adaptive Burst Profiles onAdaptive Burst Profiles on Uplink Uplink and and Downlink Downlinkbullbull Duplex scheme agnosticDuplex scheme agnostic

ndashndash Time-Division Duplex (TDD)Time-Division Duplex (TDD)ndashndash Frequency-Division Duplex (FDD) [including Burst FDD]Frequency-Division Duplex (FDD) [including Burst FDD]

bullbull Support for Half-Duplex TerminalsSupport for Half-Duplex Terminals

Adaptive PHYAdaptive PHY

(burst-by-burst(burst-by-burst adaptivity adaptivity not shown) not shown)

Adaptive Burst ProfilesAdaptive Burst Profiles

bullbull Burst profileBurst profilendashndash Modulation and FECModulation and FEC

bullbull Dynamically assigned according to link conditionsDynamically assigned according to link conditionsndashndash Burst by burst per subscriber stationBurst by burst per subscriber station

ndashndash Trade-off capacity vs robustness in Trade-off capacity vs robustness in real timereal time

bullbull Roughly doubled capacity for the same cell areaRoughly doubled capacity for the same cell area

bullbull Burst profile for Burst profile for downlinkdownlink broadcast channel is well- broadcast channel is well-knownknownndashndash All other burst profiles could be configured ldquoon the flyrdquoAll other burst profiles could be configured ldquoon the flyrdquo

ndashndash Subscriber station capabilities recognized at registrationSubscriber station capabilities recognized at registration

Duplex Scheme SupportDuplex Scheme Support

bullbull OnOn downlink downlink SS is associated with a specific burst SS is associated with a specific burstbullbull OnOn uplink uplink SS is allotted a variable length time slot SS is allotted a variable length time slot

for their transmissionsfor their transmissionsbullbull Time-Division Duplex (TDD)Time-Division Duplex (TDD)

ndashndash DownlinkDownlink amp amp Uplink Uplink time share the same RF channel time share the same RF channelndashndash Dynamic asymmetryDynamic asymmetryndashndash SS does not transmit amp receive simultaneously (low cost)SS does not transmit amp receive simultaneously (low cost)

bullbull Frequency-Division Duplex (FDD)Frequency-Division Duplex (FDD)ndashndash DownlinkDownlink amp amp Uplink Uplink on separate RF channels on separate RF channelsndashndash Static asymmetryStatic asymmetryndashndash Half-duplex Half-duplex SSsSSs supported supported

bullbull SS does not transmit amp receive simultaneously (low cost)SS does not transmit amp receive simultaneously (low cost)

TDD Frame (10-66 TDD Frame (10-66 GHzGHz))

TDD Downlink TDD Downlink SubframeSubframe

DIUC Downlink Interval Usage Code

Burst FDD FramingBurst FDD Framing

frame

Broadcast

Full Duplex Capable User

Half Duplex Terminal 1

Half Duplex Terminal 2

UPLINK

DOWNLINK

Allows scheduling flexibility

FDD Downlink FDD Downlink SubframeSubframe

TDMA portion transmits data to some half-duplex SSs (the onesscheduled to transmit earlier in the frame than they receive)

bull Need preamble to re-sync (carrier phase)

Baud Rates amp Channel SizeBaud Rates amp Channel Size

(10-66 (10-66 GHzGHz))bullbull Flexible plan - allows equipmentFlexible plan - allows equipment

manufactures to choose according tomanufactures to choose according tospectrum requirementsspectrum requirements

QPSK QPSK 16-QAM16-QAM 64-QAM64-QAMChannelChannel SymbolSymbol Bit Rate Bit Rate Bit Rate Bit Rate Bit RateBit RateWidthWidth RateRate (MHz)(MHz) ((MsymMsyms)s) ((MbitMbits) s) ((MbitMbits)s) ((MbitMbits)s)

2020 1616 3232 6464 969625 25 2020 40 40 80 80 12012028 28 224224 448 448 896 896 13441344

MAC RequirementsMAC Requirementsbullbull Provide Network AccessProvide Network Accessbullbull Address the Address the Wireless Wireless environmentenvironment

ndashndash eg very efficient use of spectrum eg very efficient use of spectrum

bullbull Broadband servicesBroadband servicesndashndash Very high bit rates downlink and uplinkVery high bit rates downlink and uplinkndashndash A range of QoS requirementsA range of QoS requirementsndashndash Ethernet IPv4 IPv6 ATM Ethernet IPv4 IPv6 ATM

bullbull Likelihood of terminal being sharedLikelihood of terminal being sharedndashndash Base Station may be heavily loadedBase Station may be heavily loaded

bullbull SecuritySecuritybullbull Protocol-Independent EngineProtocol-Independent Engine

ndashndash Convergence layers to ATM IP Ethernet Convergence layers to ATM IP Ethernet

bullbull Support both TDD and FDD in the PHYSupport both TDD and FDD in the PHY

80216 MAC Overview80216 MAC Overviewbullbull Point-to-MultipointPoint-to-Multipointbullbull Metropolitan Area NetworkMetropolitan Area Networkbullbull Connection-orientedConnection-orientedbullbull Supports difficult user environmentsSupports difficult user environments

ndashndash High bandwidth hundreds of users per channelHigh bandwidth hundreds of users per channelndashndash Continuous and burst trafficContinuous and burst trafficndashndash Very efficient use of spectrumVery efficient use of spectrum

bullbull Protocol-Independent core (ATM IP Ethernet hellip)Protocol-Independent core (ATM IP Ethernet hellip)bullbull Balances between stability of Balances between stability of contentionlesscontentionless and and

efficiency of contention-based operationefficiency of contention-based operationbullbull Flexible QoS offeringsFlexible QoS offerings

ndashndash CBR CBR rtrt-VBR -VBR nrtnrt-VBR BE with granularity within classes-VBR BE with granularity within classes

bullbull Supports multiple 80216 Supports multiple 80216 PHYsPHYs

Relationship to DOCSISRelationship to DOCSIS

bullbull ManagementManagementndashndash Dynamic service ldquoeditingrdquo protocol (AddChangeDelete)Dynamic service ldquoeditingrdquo protocol (AddChangeDelete)ndashndash Management message payload formatManagement message payload format

bullbull SecuritySecurityndashndash Authentication and PrivacyAuthentication and Privacy

bullbull Polling categoriesPolling categoriesbullbull Initial AccessInitial Access

ndashndash Slightly modified allowing terminal capability negotiationSlightly modified allowing terminal capability negotiation

bullbull Core MAC protocol engine is new design forCore MAC protocol engine is new design forWireless Metropolitan Area NetworksWireless Metropolitan Area Networks

DefinitionsDefinitionsbullbull Service Data Unit (SDU)Service Data Unit (SDU)

ndashndash Data units exchanged between adjacent layersData units exchanged between adjacent layers

bullbull Protocol Data Unit (PDU)Protocol Data Unit (PDU)ndashndash Data units exchanged between peer entitiesData units exchanged between peer entities

bullbull Connection and Connection IDConnection and Connection IDndashndash a unidirectional mapping between MAC peersa unidirectional mapping between MAC peers

over the over the airlinkairlink (uniquely identified by a CID) (uniquely identified by a CID)

bullbull Service Flow and Service Flow IDService Flow and Service Flow IDndashndash a unidirectional flow of MAC a unidirectional flow of MAC PDUsPDUs on a on a

connection that provides a particular QoSconnection that provides a particular QoS(uniquely identified by a SFID)(uniquely identified by a SFID)

ATM Convergence SublayerATM Convergence Sublayer

bullbull Support forSupport forndashndash VP (Virtual Path) switched connectionsVP (Virtual Path) switched connections

ndashndash VC (Virtual Channel) switched connectionsVC (Virtual Channel) switched connections

bullbull Support for end-to-end signaling ofSupport for end-to-end signaling ofdynamically created connectionsdynamically created connectionsndashndash SVCsSVCs

ndashndash soft soft PVCsPVCs

bullbull ATM header suppressionATM header suppression

bullbull Full QoS supportFull QoS support

Packet Convergence SublayerPacket Convergence Sublayer

bullbull Initial support for Ethernet IPv4 and IPv6Initial support for Ethernet IPv4 and IPv6

bullbull Payload header suppressionPayload header suppressionndashndash generic plus IP-specificgeneric plus IP-specific

bullbull Full QoS supportFull QoS support

bullbull Possible future support forPossible future support forndashndash PPPPPP

ndashndash MPLSMPLS

ndashndash etcetc

MAC AddressingMAC Addressing

bullbull SS has 48-bit IEEE MAC AddressSS has 48-bit IEEE MAC Address

bullbull BS has 48-bit Base Station IDBS has 48-bit Base Station IDndashndash Not a MAC addressNot a MAC address

ndashndash 24-bit operator indicator24-bit operator indicator

bullbull 16-bit Connection ID (CID)16-bit Connection ID (CID)ndashndash Used in MAC Used in MAC PDUsPDUs

MAC PDU TransmissionMAC PDU Transmission

bullbull MACMAC PDUs PDUs are transmitted in PHY bursts are transmitted in PHY bursts

bullbull A single PHY burst can contain multipleA single PHY burst can contain multipleConcatenated Concatenated MACMAC PDUs PDUs

bullbull The PHY burst can contain multiple FECThe PHY burst can contain multiple FECblocksblocks

bullbull MAC MAC PDUsPDUs may span FEC block boundaries may span FEC block boundaries

bullbull The TC layer between the MAC and theThe TC layer between the MAC and thePHY allows for capturing the start of the nextPHY allows for capturing the start of the nextMAC PDU in case of erroneous FEC blocksMAC PDU in case of erroneous FEC blocks

MAC PDU TransmissionMAC PDU Transmission

Preamble FEC block

Burst

MAC PDUs PDU 1 PDU 2 PDU 3 PDU 4 PDU 5

FEC 1 FEC 2 FEC 3

MAC PDUs

P

P

MAC Message SDU 1 SDU 2

MAC PDU formatMAC PDU format

bullbull The Generic MAC header has fixed formatThe Generic MAC header has fixed formatbullbull One or more MAC sub-headers may be part of theOne or more MAC sub-headers may be part of the

payloadpayloadbullbull The presence of sub-headers is indicated by a TypeThe presence of sub-headers is indicated by a Type

field in the Generic MAC headerfield in the Generic MAC header

Generic MAC HeaderGeneric MAC Header

FragmentationFragmentationbullbull Partitioning a MAC SDU into fragments transportedPartitioning a MAC SDU into fragments transported

in multiple MACin multiple MAC PDUs PDUs

bullbull Each connection can be in only a singleEach connection can be in only a singlefragmentation state at any timefragmentation state at any time

bullbull Contents of the fragmentation sub-headerContents of the fragmentation sub-header

ndashndash 2-bit Fragmentation Control (FC)2-bit Fragmentation Control (FC)bullbull UnfragmentedUnfragmented Last fragment First fragment Last fragment First fragment

Continuing fragmentContinuing fragment

ndashndash 3-bit Fragmentation Sequence Number (FSN)3-bit Fragmentation Sequence Number (FSN)bullbull required to detect missing continuing fragmentsrequired to detect missing continuing fragments

bullbull continuous counter across continuous counter across SDUsSDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation
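The fragmentation and packing slides above, worked as a receiver-side parser and reassembler. This is an added example, not code from the presentation or the standard: the field order inside the 2-byte sub-header, the numeric FC code points, the reading of the length as SDU bytes only, and the rule that the FSN advances once per sub-header are assumptions, and the sample PDUs are constructed.

```python
"""Parser and reassembler for packed variable-length SDUs (illustrative)."""

# Assumed code points: the slide lists the four FC values in this order but
# does not give their bit encodings.
FC_UNFRAGMENTED, FC_LAST, FC_FIRST, FC_CONTINUING = 0, 1, 2, 3


class PackingError(ValueError):
    """Raised when a packed payload is malformed."""


def build_subheader(fc, fsn, length):
    """Encode the 2-byte sub-header as FC(2) | FSN(3) | length(11).

    The field sizes are from the slide; the field order is an assumption.
    """
    if not (0 <= fc < 4 and 0 <= fsn < 8 and 0 <= length < 2048):
        raise PackingError("field out of range")
    return ((fc << 14) | (fsn << 11) | length).to_bytes(2, "big")


def parse_packed_payload(payload):
    """Split a packed payload into (fc, fsn, data) tuples.

    Each length field is checked against the bytes actually present, so a
    bad length cannot make the parser read past the end of the PDU.
    """
    items, pos = [], 0
    while pos < len(payload):
        if len(payload) - pos < 2:
            raise PackingError("truncated packing sub-header")
        word = int.from_bytes(payload[pos:pos + 2], "big")
        fc, fsn, length = word >> 14, (word >> 11) & 0x7, word & 0x7FF
        pos += 2
        if length > len(payload) - pos:
            raise PackingError("length field exceeds remaining payload")
        items.append((fc, fsn, bytes(payload[pos:pos + length])))
        pos += length
    return items


class Reassembler:
    """Reassembly state for one connection (one SDU in progress at a time)."""

    def __init__(self):
        self.parts = None         # fragments of the SDU being rebuilt
        self.expected_fsn = None  # FSN the next sub-header should carry
        self.discarded = 0        # fragments thrown away after a gap

    def _abandon(self):
        """Drop a partly rebuilt SDU and count its fragments as discarded."""
        if self.parts is not None:
            self.discarded += len(self.parts)
            self.parts = None

    def push(self, fc, fsn, data):
        """Feed one unit; return a complete SDU, or None if not complete."""
        in_sequence = self.expected_fsn is None or fsn == self.expected_fsn
        # Assumption: the 3-bit counter advances once per sub-header and
        # keeps running across SDUs, wrapping modulo 8.
        self.expected_fsn = (fsn + 1) % 8
        if fc == FC_UNFRAGMENTED:
            self._abandon()
            return data
        if fc == FC_FIRST:
            self._abandon()
            self.parts = [data]
            return None
        # Continuing or last fragment: only valid directly after its
        # predecessor, otherwise a fragment was lost and the SDU is dropped.
        if self.parts is None or not in_sequence:
            self._abandon()
            self.discarded += 1
            return None
        self.parts.append(data)
        if fc == FC_LAST:
            sdu, self.parts = b"".join(self.parts), None
            return sdu
        return None


def receive(pdus, reassembler=None):
    """Run packed payloads through one connection's reassembler."""
    reassembler = reassembler or Reassembler()
    sdus = []
    for payload in pdus:
        for fc, fsn, data in parse_packed_payload(payload):
            sdu = reassembler.push(fc, fsn, data)
            if sdu is not None:
                sdus.append(sdu)
    return sdus


# Constructed sample: PDU 1 packs a whole SDU plus the first fragment of a
# second SDU; PDU 2 carries that SDU's last fragment.
SAMPLE_PDUS = [
    build_subheader(FC_UNFRAGMENTED, 0, 5) + b"alpha"
    + build_subheader(FC_FIRST, 1, 3) + b"bra",
    build_subheader(FC_LAST, 2, 2) + b"vo",
]

if __name__ == "__main__":
    print(receive(SAMPLE_PDUS))
```

With only 3 bits of sequence number, a run of exactly eight lost sub-headers is indistinguishable from no loss, which is the limit of what this check can detect.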

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e. periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: state diagram of the Authorization FSM. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transition labels pair each event with the message sent (Authent Info, Auth Request) and with the event passed to the TEK FSM ([TEK] Authorized, Auth Pend, Auth Comp, Stop).]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: state diagram of the TEK FSM. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transition labels pair each event (Stop, Authorized, Auth Pend, Auth Comp, TEK Invalid, Timeout, TEK Refresh Timeout, Key Reply, Key Reject) with the message sent (Key Request).]
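The Auth FSM and TEK FSM transition matrices above, encoded as lookup tables and exercised. This is an added example, not code from the presentation: the matrix contents are the slides', while the function names and the choice to leave the state unchanged and report an event that hits a blank cell are assumptions.

```python
"""Table-driven model of the two PKM state machines (illustrative)."""

# Rows are events, columns are current states, values are next states.
# A missing entry corresponds to a blank cell in the slide's matrix.
AUTH_STATES = ("Start", "Auth Wait", "Authorized", "Reauth Wait",
               "Auth Reject Wait", "Silent")
AUTH_MATRIX = {
    "Provisioned": {"Start": "Auth Wait"},
    "Auth Reject (non-perm)": {"Auth Wait": "Auth Reject Wait",
                               "Reauth Wait": "Auth Reject Wait"},
    "Auth Reject (perm)": {"Auth Wait": "Silent", "Reauth Wait": "Silent"},
    "Auth Reply": {"Auth Wait": "Authorized", "Reauth Wait": "Authorized"},
    "Timeout": {"Auth Wait": "Auth Wait", "Reauth Wait": "Reauth Wait",
                "Auth Reject Wait": "Start"},
    "Auth Grace Timeout": {"Authorized": "Reauth Wait"},
    "Auth Invalid": {"Authorized": "Reauth Wait",
                     "Reauth Wait": "Reauth Wait"},
    "Reauth": {"Authorized": "Reauth Wait"},
}

TEK_STATES = ("Start", "Op Wait", "Op Reauth Wait", "Operational",
              "Rekey Wait", "Rekey Reauth Wait")
TEK_MATRIX = {
    "Stop": {state: "Start" for state in TEK_STATES[1:]},
    "Authorized": {"Start": "Op Wait"},
    "Auth Pend": {"Op Wait": "Op Reauth Wait",
                  "Rekey Wait": "Rekey Reauth Wait"},
    "Auth Comp": {"Op Reauth Wait": "Op Wait",
                  "Rekey Reauth Wait": "Rekey Wait"},
    "TEK Invalid": {"Operational": "Op Wait", "Rekey Wait": "Op Wait",
                    "Rekey Reauth Wait": "Op Reauth Wait"},
    "Timeout": {"Op Wait": "Op Wait", "Rekey Wait": "Rekey Wait"},
    "TEK Refresh Timeout": {"Operational": "Rekey Wait"},
    "Key Reply": {"Op Wait": "Operational", "Rekey Wait": "Operational"},
    "Key Reject": {"Op Wait": "Start", "Rekey Wait": "Start"},
}


def step(matrix, state, event):
    """Return the next state, or None when the matrix cell is blank."""
    return matrix.get(event, {}).get(state)


def run(matrix, events, start="Start"):
    """Feed events in order and return (final_state, unexpected).

    Assumption: an event with no cell for the current state leaves the
    state unchanged; it is recorded as a (state, event) pair so that a
    monitor can flag messages arriving in a state that does not expect them.
    """
    state, unexpected = start, []
    for event in events:
        nxt = step(matrix, state, event)
        if nxt is None:
            unexpected.append((state, event))
        else:
            state = nxt
    return state, unexpected


def reachable(matrix, start="Start"):
    """Set of states that some event sequence can reach from `start`."""
    seen, todo = {start}, [start]
    while todo:
        state = todo.pop()
        for row in matrix.values():
            nxt = row.get(state)
            if nxt is not None and nxt not in seen:
                seen.add(nxt)
                todo.append(nxt)
    return seen


def dead_ends(matrix, states):
    """States that no event in the matrix can leave."""
    return [s for s in states
            if all(row.get(s) in (None, s) for row in matrix.values())]


if __name__ == "__main__":
    # Normal authorization followed by one reauthorization cycle.
    print(run(AUTH_MATRIX, ["Provisioned", "Auth Reply",
                            "Auth Grace Timeout", "Auth Reply"]))
    # A Key Reply that was never requested is reported, not acted on.
    print(run(TEK_MATRIX, ["Key Reply"]))
    print(dead_ends(AUTH_MATRIX, AUTH_STATES))
```

The dead-end check shows that Silent is the only state in either matrix with no exit, so a permanent Auth Reject ends the authorization attempt as far as these matrices are concerned.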

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project

IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project

IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org

Page 3: Mobile WiMAX : A Technical Overview

OutlineOutline

bullbull Overview IEEE 80216 Air Interface StandardOverview IEEE 80216 Air Interface Standardndashndash P80216P80216 Air Interface (MAC and 10 - 66 GHz PHY)Air Interface (MAC and 10 - 66 GHz PHY)ndashndash P80216aP80216a Amendment 2-11 GHz (licensed)Amendment 2-11 GHz (licensed)ndashndash P80216bP80216b Amendment (license-exempt)Amendment (license-exempt)

bullbull PHY considerations in the 80216 MACPHY considerations in the 80216 MAC

bullbull The 80216 MAC as defined in P80216D5The 80216 MAC as defined in P80216D5

bullbull MAC Enhancements under developmentMAC Enhancements under development

IEEE 80216 HistoryIEEE 80216 History

bullbull SponsorsSponsorsbullbull IEEE Computer SocietyIEEE Computer Society

bullbull IEEE Microwave Theory and Techniques SocietyIEEE Microwave Theory and Techniques Society

bullbull Project Development Summer 1998Project Development Summer 1998

bullbull IEEE 802 Tutorial November 1998IEEE 802 Tutorial November 1998

bullbull IEEE Study GroupIEEE Study Groupbullbull November 1998-March 1999November 1998-March 1999

bullbull Session 1 July 1999Session 1 July 1999

bullbull Session 16 November 2001Session 16 November 2001

IEEE 80216 by the NumbersIEEE 80216 by the Numbers

bullbull 163 Members163 Members

bullbull 67 ldquoPotential Membersrdquo67 ldquoPotential Membersrdquo

bullbull 62 Official Observers62 Official Observers

bullbull 700 different individuals have attended a700 different individuals have attended asessionsession

bullbull 28 Million file downloads in year 200028 Million file downloads in year 2000

bullbull Members and Potential Members fromMembers and Potential Members frombullbull 10 countries10 countries

bullbull gt110 companiesgt110 companies

IEEE 80216 ProjectsIEEE 80216 Projectsbullbull Air Interface (Air Interface (PHYsPHYs with common MAC) with common MAC)

bullbull P80216 10-66 GHzP80216 10-66 GHzbullbull Completed IEEE Sponsor BallotCompleted IEEE Sponsor Ballot

bullbull On On RevCom RevCom agenda for December 5 2001agenda for December 5 2001

bullbull P80216a 2-11 GHzP80216a 2-11 GHzbullbull Licensed bands onlyLicensed bands only

bullbull Expect OK to launch WG Letter Ballot this weekExpect OK to launch WG Letter Ballot this week

bullbull P80216b 5-6 GHzP80216b 5-6 GHzbullbull License-exempt (ldquoLicense-exempt (ldquoWirelessHUMANWirelessHUMANTMTMrdquo)rdquo)

bullbull Expect OK to launch WG Letter Ballot this weekExpect OK to launch WG Letter Ballot this week

bullbull CoexistenceCoexistencebullbull IEEE 802162 (10-66 GHz)IEEE 802162 (10-66 GHz)

bullbull Published in September 2001Published in September 2001

bullbull P802162a amendment w 2-11 P802162a amendment w 2-11 GHz GHz licensedlicensed

IEEE P80216IEEE P80216

Standard Air Interface for FixedStandard Air Interface for FixedBroadband Wireless AccessBroadband Wireless Access

SystemsSystems

IEEE P80216 HistoryIEEE P80216 Historybullbull July-September 1999July-September 1999 Functional Requirements Functional Requirements

bullbull November 1999November 1999 Proposals (14 for MAC) Proposals (14 for MAC)

bullbull January 2000January 2000 2 Consolidated Proposals 2 Consolidated Proposalsndashndash 1 MAC proposal based on DOCSIS1 MAC proposal based on DOCSIS

ndashndash 1 not1 not

bullbull May 2000May 2000 Plan to Merge 2 Proposals Plan to Merge 2 Proposals

bullbull August 2000August 2000 Rev 0 Rev 0

bullbull until February 2001until February 2001 Working Group Review Working Group Reviewndashndash formal comment processformal comment process

bullbull February-August 2001February-August 2001 WG Letter Ballot WG Letter Ballot

bullbull August-October 2001August-October 2001 IEEE Sponsor Ballot IEEE Sponsor Ballot

bullbull 5 December 20015 December 2001 RevCom RevCom approval agendaapproval agenda

P80216 ScopeP80216 Scope

Specifies the Specifies the air interfaceair interface including the medium including the mediumaccess control layer (access control layer (MACMAC) and physical layer) and physical layer((PHYPHY) of ) of fixedfixed point-to-multipointpoint-to-multipoint broadband broadbandwireless access systems providing wireless access systems providing multiplemultipleservicesservices The medium access control layer is The medium access control layer iscapable of supporting capable of supporting multiple physical layermultiple physical layerspecifications optimized for the frequency bands ofspecifications optimized for the frequency bands ofthe application The standard includes a the application The standard includes a particularparticularphysical layerphysical layer specification broadly applicable to specification broadly applicable tosystems operating systems operating between 10 and 66 GHzbetween 10 and 66 GHz

Point-to-Multipoint

Wireless MAN: not a LAN

• Base Station (BS) connected to public networks
• BS serves Subscriber Stations (SSs)
  – BS and SS are stationary
  – SS typically serves a building (business or residence)
  – provide SS with first-mile access to public networks
• Multiple services, with different QoS priority, simultaneously

Reference Model

PHY Considerations that Affect the MAC (10-66 GHz)

• Broadband Channels
  – Wide channels (20, 25, or 28 MHz)
  – High capacity – Downlink AND Uplink
• Multiple Access
  – TDM/TDMA
  – High rate burst modems
• Adaptive Burst Profiles on Uplink and Downlink
• Duplex scheme agnostic
  – Time-Division Duplex (TDD)
  – Frequency-Division Duplex (FDD) [including Burst FDD]
• Support for Half-Duplex Terminals

Adaptive PHY

(burst-by-burst adaptivity not shown)

Adaptive Burst Profiles

• Burst profile
  – Modulation and FEC
• Dynamically assigned according to link conditions
  – Burst by burst, per subscriber station
  – Trade-off capacity vs. robustness in real time
• Roughly doubled capacity for the same cell area
• Burst profile for downlink broadcast channel is well-known
  – All other burst profiles could be configured “on the fly”
  – Subscriber station capabilities recognized at registration

Duplex Scheme Support

• On downlink, SS is associated with a specific burst
• On uplink, SS is allotted a variable length time slot for their transmissions
• Time-Division Duplex (TDD)
  – Downlink & Uplink time share the same RF channel
  – Dynamic asymmetry
  – SS does not transmit & receive simultaneously (low cost)
• Frequency-Division Duplex (FDD)
  – Downlink & Uplink on separate RF channels
  – Static asymmetry
  – Half-duplex SSs supported
    • SS does not transmit & receive simultaneously (low cost)

TDD Frame (10-66 GHz)

TDD Downlink Subframe

DIUC: Downlink Interval Usage Code

Burst FDD Framing

[Figure: DOWNLINK and UPLINK allocations within one frame; labels: Broadcast, Full Duplex Capable User, Half Duplex Terminal 1, Half Duplex Terminal 2]

Allows scheduling flexibility

FDD Downlink Subframe

TDMA portion: transmits data to some half-duplex SSs (the ones scheduled to transmit earlier in the frame than they receive)

• Need preamble to re-sync (carrier phase)

Baud Rates & Channel Size (10-66 GHz)

• Flexible plan - allows equipment manufacturers to choose according to spectrum requirements

| Channel Width (MHz) | Symbol Rate (Msym/s) | QPSK Bit Rate (Mbit/s) | 16-QAM Bit Rate (Mbit/s) | 64-QAM Bit Rate (Mbit/s) |
|---|---|---|---|---|
| 20 | 16 | 32 | 64 | 96 |
| 25 | 20 | 40 | 80 | 120 |
| 28 | 22.4 | 44.8 | 89.6 | 134.4 |

MAC Requirements

• Provide Network Access
• Address the Wireless environment
  – e.g., very efficient use of spectrum
• Broadband services
  – Very high bit rates, downlink and uplink
  – A range of QoS requirements
  – Ethernet, IPv4, IPv6, ATM
• Likelihood of terminal being shared
  – Base Station may be heavily loaded
• Security
• Protocol-Independent Engine
  – Convergence layers to ATM, IP, Ethernet
• Support both TDD and FDD in the PHY

802.16 MAC Overview

• Point-to-Multipoint
• Metropolitan Area Network
• Connection-oriented
• Supports difficult user environments
  – High bandwidth, hundreds of users per channel
  – Continuous and burst traffic
  – Very efficient use of spectrum
• Protocol-Independent core (ATM, IP, Ethernet, …)
• Balances between stability of contentionless and efficiency of contention-based operation
• Flexible QoS offerings
  – CBR, rt-VBR, nrt-VBR, BE, with granularity within classes
• Supports multiple 802.16 PHYs

Relationship to DOCSIS

• Management
  – Dynamic service “editing” protocol (Add/Change/Delete)
  – Management message payload format
• Security
  – Authentication and Privacy
• Polling categories
• Initial Access
  – Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions

• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer

• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer

• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing

• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure labels: Preamble (P), FEC block, Burst; MAC PDUs: PDU 1, PDU 2, PDU 3, PDU 4, PDU 5; FEC 1, FEC 2, FEC 3; MAC Message, SDU 1, SDU 2]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header:
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits
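The packing sub-header and fragmentation rules above, as an added Python example that is not from the original presentation: it parses a packed PDU payload and reassembles SDUs on one connection, using the FSN to detect a lost fragment. The bit layout (FC, then FSN, then length, big-endian), the numeric FC values, the per-piece FSN increment and the buffer cap are assumptions; the slides give only the field widths.

```python
import struct
from enum import IntEnum


class FC(IntEnum):
    # Numbered in the order the Fragmentation slide lists them (assumption).
    UNFRAGMENTED = 0
    LAST = 1
    FIRST = 2
    CONTINUING = 3


class MalformedPDU(ValueError):
    """A packed payload whose sub-headers do not fit the bytes present."""


def pack_piece(fc, fsn, data):
    """Sub-header + data for one piece: FC(2) | FSN(3) | length(11), assumed layout."""
    if not 0 <= fsn < 8 or len(data) >= 1 << 11:
        raise ValueError("FSN is 3 bits and length is 11 bits")
    return struct.pack(">H", (int(fc) << 14) | (fsn << 11) | len(data)) + data


def parse_packed_payload(payload):
    """Split a packed payload into (FC, FSN, data) pieces, bounds-checking each length."""
    pieces, off = [], 0
    while off < len(payload):
        if len(payload) - off < 2:
            raise MalformedPDU("truncated packing sub-header")
        (word,) = struct.unpack_from(">H", payload, off)
        off += 2
        length = word & 0x7FF
        if length > len(payload) - off:
            raise MalformedPDU("declared length overruns the PDU payload")
        pieces.append((FC(word >> 14), (word >> 11) & 0x7, payload[off:off + length]))
        off += length
    return pieces


class Reassembler:
    """Reassembly for one connection, which has a single fragmentation state."""

    def __init__(self, max_sdu=4096):
        self.max_sdu = max_sdu      # cap on buffered bytes (constructed value)
        self.partial = None         # bytearray while an SDU is in progress
        self.expected_fsn = None    # unknown until the first piece arrives
        self.abandoned = 0          # SDUs discarded part-way through

    def _abandon(self):
        if self.partial is not None:
            self.partial = None
            self.abandoned += 1

    def push(self, fc, fsn, data):
        """Feed one piece; return a completed SDU as bytes, or None."""
        gap = self.expected_fsn is not None and fsn != self.expected_fsn
        self.expected_fsn = (fsn + 1) % 8   # a loss of exactly 8 pieces is invisible
        if gap:
            self._abandon()                 # a piece was lost: the SDU cannot complete
        if fc in (FC.UNFRAGMENTED, FC.FIRST):
            self._abandon()                 # new SDU started before the previous LAST
            if fc == FC.UNFRAGMENTED:
                return bytes(data)
            self.partial = bytearray(data)
            return None
        if self.partial is None:
            return None                     # CONTINUING/LAST with no FIRST on record
        self.partial += data
        if len(self.partial) > self.max_sdu:
            self._abandon()                 # refuse unbounded buffering
            return None
        if fc == FC.LAST:
            sdu, self.partial = bytes(self.partial), None
            return sdu
        return None


def demo():
    """Constructed traffic: the CONTINUING piece with FSN 4 is never delivered."""
    pdus = [
        pack_piece(FC.UNFRAGMENTED, 0, b"ping") + pack_piece(FC.FIRST, 1, b"he"),
        pack_piece(FC.LAST, 2, b"llo"),
        pack_piece(FC.FIRST, 3, b"AA"),
        pack_piece(FC.LAST, 5, b"CC") + pack_piece(FC.UNFRAGMENTED, 6, b"ok"),
    ]
    rx, sdus = Reassembler(), []
    for pdu in pdus:
        for fc, fsn, data in parse_packed_payload(pdu):
            sdu = rx.push(fc, fsn, data)
            if sdu is not None:
                sdus.append(sdu)
    return sdus, rx.abandoned


if __name__ == "__main__":
    print(demo())
```
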

Packing with Fragmentation

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g., bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g., HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e., periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs. GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station’s work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests:
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer’s X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

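Auth FSM Transition Matrix

Columns are the current state, rows are the event or received message, and each cell gives the next state. An empty cell means the event causes no transition in that state.

| Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |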

Auth FSM Flow Diagram

[Figure: flow diagram of the Auth FSM with the states Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait and Silent. Arrow labels (event / action): Provisioned / Authent Info, Auth Request; Timeout / Authent Info, Auth Request; Timeout / Auth Request; Auth Reject (non-perm); Auth Reject (perm); Auth Reply / [TEK] Authorized; Auth Reject (perm) / [TEK] Stop; Auth Reject (non-perm) / [TEK] Stop; Auth Invalid / Auth Request, [TEK] Auth Pend; Auth Grace Timeout / Auth Request; Reauth / Auth Request; Auth Reply / [TEK] Auth Comp.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

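TEK FSM Transition Matrix

Columns are the current state, rows are the event or received message, and each cell gives the next state. An empty cell means the event causes no transition in that state.

| Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |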

TEK FSM Flow Diagram

[Figure: flow diagram of the TEK FSM with the states Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait and Rekey Reauth Wait. Arrow labels (event / action): Authorized / Key Request; Auth Pend; Auth Comp / Key Request; Timeout / Key Request; TEK Invalid / Key Request; TEK Refresh Timeout / Key Request; Key Reply; TEK Invalid; Key Reject, Stop; Stop.]

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
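Why the key usage rules above keep the link up without key acknowledgements, shown as a small simulation of one SA across several key rollovers. This is an added example, not code from the presentation or the standard; it assumes that AP and AT on the slide are the base-station and subscriber sides, uses random 8-byte values as stand-ins for DES keys, performs no encryption, and the class and function names are hypothetical.

```python
import os


class BaseStationSA:
    """BS side of one SA: generates TEKs and always holds two consecutive ones."""

    def __init__(self):
        self.newest = 1                      # 2-bit key sequence number
        self.keys = {0: os.urandom(8), 1: os.urandom(8)}

    def roll(self):
        """The older key expires; a new key takes the next sequence number."""
        self.newest = (self.newest + 1) % 4
        self.keys[self.newest] = os.urandom(8)
        del self.keys[(self.newest - 2) % 4]

    def key_reply(self):
        """Key Reply carries both active sets of keying material."""
        return {"newest": self.newest, "keys": dict(self.keys)}

    def tx_seq(self):
        return (self.newest - 1) % 4         # rule: encrypt with the older key

    def rx_key(self, seq):
        return self.keys.get(seq & 0x3)      # rule: decrypt with either key


class SubscriberSA:
    """SS side: only knows what the last Key Reply delivered."""

    def __init__(self):
        self.newest, self.keys = None, {}

    def load(self, reply):
        self.newest, self.keys = reply["newest"], dict(reply["keys"])

    def tx_seq(self):
        return self.newest                   # rule: encrypt with the newer key

    def rx_key(self, seq):
        return self.keys.get(seq & 0x3)


def link_ok(bs, ss):
    """(downlink decryptable, uplink decryptable): receiver holds the sender's key."""
    d, u = bs.tx_seq(), ss.tx_seq()
    down = ss.rx_key(d) == bs.keys[d]
    up = bs.rx_key(u) == ss.keys[u]
    return down, up


def simulate():
    bs, ss = BaseStationSA(), SubscriberSA()
    ss.load(bs.key_reply())                  # SS holds {0, 1}
    results = {"in_sync": link_ok(bs, ss)}

    bs.roll()                                # BS holds {1, 2}; SS has not refreshed
    results["ss_one_behind"] = link_ok(bs, ss)
    # Counterfactual: had the BS switched to its newer key, the SS could not decrypt.
    results["if_bs_used_newer"] = ss.rx_key(bs.newest) is not None

    bs.roll()                                # BS holds {2, 3}; SS still {0, 1}
    results["ss_two_behind"] = link_ok(bs, ss)   # uplink is the TEK Invalid case

    ss.load(bs.key_reply())                  # SS refreshes to {2, 3}
    bs.roll()                                # sequence number wraps: BS holds {3, 0}
    results["after_wrap"] = link_ok(bs, ss)
    return results


if __name__ == "__main__":
    for step, outcome in simulate().items():
        print(step, outcome)
```

An SS that is one key generation behind still interoperates in both directions; one that is two behind fails in both, which is the condition the TEK Invalid message reports for uplink traffic.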

Amendment Project

IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project

IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


IEEE 802.16 History

• Sponsors
  • IEEE Computer Society
  • IEEE Microwave Theory and Techniques Society
• Project Development: Summer 1998
• IEEE 802 Tutorial: November 1998
• IEEE Study Group
  • November 1998-March 1999
• Session 1: July 1999
• Session 16: November 2001

IEEE 802.16 by the Numbers

• 163 Members
• 67 "Potential Members"
• 62 Official Observers
• 700 different individuals have attended a session
• 28 Million file downloads in year 2000
• Members and Potential Members from
  • 10 countries
  • >110 companies

IEEE 802.16 Projects

• Air Interface (PHYs with common MAC)
  • P802.16: 10-66 GHz
    • Completed IEEE Sponsor Ballot
    • On RevCom agenda for December 5, 2001
  • P802.16a: 2-11 GHz
    • Licensed bands only
    • Expect OK to launch WG Letter Ballot this week
  • P802.16b: 5-6 GHz
    • License-exempt ("WirelessHUMAN™")
    • Expect OK to launch WG Letter Ballot this week
• Coexistence
  • IEEE 802.16.2 (10-66 GHz)
    • Published in September 2001
  • P802.16.2a: amendment w/ 2-11 GHz licensed

IEEE P802.16

Standard Air Interface for Fixed Broadband Wireless Access Systems

IEEE P802.16 History

• July-September 1999: Functional Requirements
• November 1999: Proposals (14 for MAC)
• January 2000: 2 Consolidated Proposals
  – 1 MAC proposal based on DOCSIS
  – 1 not
• May 2000: Plan to Merge 2 Proposals
• August 2000: Rev. 0
• until February 2001: Working Group Review
  – formal comment process
• February-August 2001: WG Letter Ballot
• August-October 2001: IEEE Sponsor Ballot
• 5 December 2001: RevCom approval agenda

P802.16 Scope

Specifies the air interface, including the medium access control layer (MAC) and physical layer (PHY), of fixed point-to-multipoint broadband wireless access systems providing multiple services. The medium access control layer is capable of supporting multiple physical layer specifications optimized for the frequency bands of the application. The standard includes a particular physical layer specification broadly applicable to systems operating between 10 and 66 GHz.

Point-to-Multipoint Wireless MAN: not a LAN

• Base Station (BS) connected to public networks
• BS serves Subscriber Stations (SSs)
  – BS and SS are stationary
  – SS typically serves a building (business or residence)
  – provide SS with first-mile access to public networks
• Multiple services, with different QoS priority, simultaneously

Reference Model

PHY Considerations that Affect the MAC (10-66 GHz)

• Broadband Channels
  – Wide channels (20, 25, or 28 MHz)
  – High capacity: Downlink AND Uplink
• Multiple Access
  – TDM/TDMA
  – High rate burst modems
• Adaptive Burst Profiles on Uplink and Downlink
• Duplex scheme agnostic
  – Time-Division Duplex (TDD)
  – Frequency-Division Duplex (FDD) [including Burst FDD]
• Support for Half-Duplex Terminals

Adaptive PHY

(burst-by-burst adaptivity not shown)

Adaptive Burst Profiles

• Burst profile
  – Modulation and FEC
• Dynamically assigned according to link conditions
  – Burst by burst, per subscriber station
  – Trade-off capacity vs. robustness in real time
• Roughly doubled capacity for the same cell area
• Burst profile for downlink broadcast channel is well-known
  – All other burst profiles could be configured "on the fly"
  – Subscriber station capabilities recognized at registration

Duplex Scheme Support

• On downlink, SS is associated with a specific burst
• On uplink, SS is allotted a variable length time slot for their transmissions
• Time-Division Duplex (TDD)
  – Downlink & Uplink time share the same RF channel
  – Dynamic asymmetry
  – SS does not transmit & receive simultaneously (low cost)
• Frequency-Division Duplex (FDD)
  – Downlink & Uplink on separate RF channels
  – Static asymmetry
  – Half-duplex SSs supported
    • SS does not transmit & receive simultaneously (low cost)

TDD Frame (10-66 GHz)

TDD Downlink Subframe

DIUC: Downlink Interval Usage Code

Burst FDD Framing

[Figure: one frame of Burst FDD on the DOWNLINK and UPLINK channels, showing the Broadcast portion, a Full Duplex Capable User, Half Duplex Terminal 1 and Half Duplex Terminal 2.]

Allows scheduling flexibility

FDD Downlink Subframe

TDMA portion: transmits data to some half-duplex SSs (the ones scheduled to transmit earlier in the frame than they receive)

• Need preamble to re-sync (carrier phase)

Baud Rates & Channel Size (10-66 GHz)

• Flexible plan: allows equipment manufacturers to choose according to spectrum requirements

| Channel Width (MHz) | Symbol Rate (Msym/s) | QPSK Bit Rate (Mbit/s) | 16-QAM Bit Rate (Mbit/s) | 64-QAM Bit Rate (Mbit/s) |
|---|---|---|---|---|
| 20 | 16 | 32 | 64 | 96 |
| 25 | 20 | 40 | 80 | 120 |
| 28 | 22.4 | 44.8 | 89.6 | 134.4 |

MAC Requirements

• Provide Network Access
• Address the Wireless environment
  – e.g., very efficient use of spectrum
• Broadband services
  – Very high bit rates, downlink and uplink
  – A range of QoS requirements
  – Ethernet, IPv4, IPv6, ATM
• Likelihood of terminal being shared
  – Base Station may be heavily loaded
• Security
• Protocol-Independent Engine
  – Convergence layers to ATM, IP, Ethernet
• Support both TDD and FDD in the PHY

802.16 MAC Overview

• Point-to-Multipoint
• Metropolitan Area Network
• Connection-oriented
• Supports difficult user environments
  – High bandwidth, hundreds of users per channel
  – Continuous and burst traffic
  – Very efficient use of spectrum
• Protocol-Independent core (ATM, IP, Ethernet, …)
• Balances between stability of contentionless and efficiency of contention-based operation
• Flexible QoS offerings
  – CBR, rt-VBR, nrt-VBR, BE, with granularity within classes
• Supports multiple 802.16 PHYs

Relationship to DOCSIS

• Management
  – Dynamic service "editing" protocol (Add/Change/Delete)
  – Management message payload format
• Security
  – Authentication and Privacy
• Polling categories
• Initial Access
  – Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions

• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer

• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer

• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing

• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure: a MAC Message, SDU 1 and SDU 2 carried in MAC PDUs (PDU 1 to PDU 5), which are mapped onto FEC blocks (FEC 1 to FEC 3) inside a burst that starts with a Preamble.]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the "grants"
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink ServiceClasses of Uplink ServiceCharacteristic of the Service FlowCharacteristic of the Service Flow

bullbull Unsolicited Grant Services (UGS)Unsolicited Grant Services (UGS)ndashndash for constant bit-rate (CBR) or CBR-like servicefor constant bit-rate (CBR) or CBR-like service

flows (flows (SFsSFs) such as T1E1) such as T1E1

bullbull Real-time Polling Services (Real-time Polling Services (rtPSrtPS))ndashndash for for rtrt-VBR-like -VBR-like SFsSFs such as MPEG video such as MPEG video

bullbull Non-real-time Polling Services (Non-real-time Polling Services (nrtPSnrtPS))ndashndash for for nrtnrt SFsSFs with better than best effort service with better than best effort service

such as bandwidth-intensive file transfersuch as bandwidth-intensive file transfer

bullbull Best Effort (BE)Best Effort (BE)ndashndash for best-effort trafficfor best-effort traffic

Uplink Services - UGSUplink Services - UGS

bullbull No explicit bandwidth requests issued by SSNo explicit bandwidth requests issued by SS

bullbull Prohibited from using any contention requestsProhibited from using any contention requests

bullbull No No unicast unicast request opportunity providedrequest opportunity provided

bullbull May include a Grant Management (GM) sub-May include a Grant Management (GM) sub-header containingheader containingndashndash Slip indicator indicates that there is an backlog inSlip indicator indicates that there is an backlog in

the buffer due to clock skew or loss of mapsthe buffer due to clock skew or loss of maps

ndashndash Poll-me bit indicates that the terminal needs to bePoll-me bit indicates that the terminal needs to bepolled (allows for not polling terminals with UGS-polled (allows for not polling terminals with UGS-only services)only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e., periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs. GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services
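
How the incremental/aggregate distinction makes the request/grant scheme self-correcting, as an added Python simulation (not part of the presentation): one connection's backlog at the SS is compared with the BS's view of it when an unacknowledged incremental request is lost. The frame model, the name `simulate`, the traffic figures and the choice of one aggregate request every fourth frame are assumptions for illustration.

```python
# Added example: per-connection request/grant bookkeeping with a lost request.
# Constructed traffic: bytes arriving at the SS for one CID in each frame.
ARRIVALS = [3000, 0, 2000, 0, 0, 0]


def simulate(arrivals, lost_frames, aggregate_every, grant_per_frame):
    """Replay one connection frame by frame.

    arrivals        -- new bytes queued at the SS in each frame
    lost_frames     -- frames whose bandwidth request never reaches the BS
    aggregate_every -- every Nth frame the SS sends an aggregate request
    grant_per_frame -- most bytes the BS grants this connection per frame

    Returns [(frame, ss_backlog, bs_view), ...] after each frame's grant.
    """
    backlog = 0   # bytes really waiting at the SS
    bs_view = 0   # bytes the BS believes are still outstanding
    history = []
    for frame, new_bytes in enumerate(arrivals):
        backlog += new_bytes
        aggregate = (frame + 1) % aggregate_every == 0
        # An aggregate request states the whole backlog; an incremental one
        # states only what arrived since the previous request.
        amount = backlog if aggregate else new_bytes
        if (aggregate or amount) and frame not in lost_frames:
            # No acknowledgement exists, so the SS never learns of a loss.
            bs_view = amount if aggregate else bs_view + amount
        grant = min(bs_view, grant_per_frame)
        backlog -= min(grant, backlog)
        bs_view -= grant
        history.append((frame, backlog, bs_view))
    return history


if __name__ == "__main__":
    for label, every in (("aggregate every 4th frame", 4), ("incremental only", 100)):
        print(label)
        for frame, backlog, view in simulate(ARRIVALS, {0}, every, 1500):
            print(f"  frame {frame}: SS backlog={backlog:5d}  BS view={view:5d}")
```

With the request in frame 0 lost, the BS under-counts by 3000 bytes until the aggregate request in frame 3 replaces its figure; with incremental requests only, those bytes are never granted.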

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

PKM Message | Description
--- | ---
Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority
Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs
Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs
Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS
Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS
Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs
Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID
Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent
TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK
SA Add | sent from a BS to an SS to establish one or more additional SAs

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent
--- | --- | --- | --- | --- | --- | ---
(1) Provisioned | Auth Wait | | | | |
(2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | |
(3) Auth Reject (perm) | | Silent | | Silent | |
(4) Auth Reply | | Authorized | | Authorized | |
(5) Timeout | | Auth Wait | | Reauth Wait | Start |
(6) Auth Grace Timeout | | | Reauth Wait | | |
(7) Auth Invalid | | | Reauth Wait | Reauth Wait | |
(8) Reauth | | | Reauth Wait | | |

Auth FSM Flow Diagram

[Figure: state diagram of the Auth FSM. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Edge labels (event / action): Provisioned / Authent Info, Auth Request; Timeout / Authent Info, Auth Request; Timeout / Auth Request; Timeout; Auth Reject (non-perm); Auth Reject (perm); Auth Reply / [TEK] Authorized; Auth Reply / [TEK] Auth Comp; Auth Reject (non-perm) / [TEK] Stop; Auth Reject (perm) / [TEK] Stop; Auth Grace Timeout / Auth Request; Auth Invalid / Auth Request, [TEK] Auth Pend; Reauth / Auth Request.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait
--- | --- | --- | --- | --- | --- | ---
(1) Stop | | Start | Start | Start | Start | Start
(2) Authorized | Op Wait | | | | |
(3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait |
(4) Auth Comp | | | Op Wait | | | Rekey Wait
(5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait
(6) Timeout | | Op Wait | | | Rekey Wait |
(7) TEK Refresh Timeout | | | | Rekey Wait | |
(8) Key Reply | | Operational | | | Operational |
(9) Key Reject | | Start | | | Start |

TEK FSM Flow Diagram

[Figure: state diagram of the TEK FSM. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Edge labels (event / action): Authorized / Key Request; Auth Pend; Auth Comp / Key Request; Timeout / Key Request; TEK Refresh Timeout / Key Request; TEK Invalid / Key Request; TEK Invalid; Key Reply; Key Reject, Stop; Stop.]
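
The two transition matrices can be exercised directly. The following Python sketch is an added example, not code from the presentation or the standard: it transcribes both matrices into lookup tables, couples the Auth FSM to a per-SAID TEK FSM through the [TEK] edge labels of the Auth flow diagram (the pairing of transitions to labels is an assumption), and treats any event that falls on a blank cell as ignored and logged. The class names, the trace and SAID 1 are constructed for illustration.

```python
# Added example: Auth FSM and TEK FSM as (state, event) -> next-state tables.
# A blank matrix cell is an absent key; such events are ignored and logged.
AUTH_MATRIX = {
    ("Start", "Provisioned"): "Auth Wait",
    ("Auth Wait", "Auth Reject (non-perm)"): "Auth Reject Wait",
    ("Reauth Wait", "Auth Reject (non-perm)"): "Auth Reject Wait",
    ("Auth Wait", "Auth Reject (perm)"): "Silent",
    ("Reauth Wait", "Auth Reject (perm)"): "Silent",
    ("Auth Wait", "Auth Reply"): "Authorized",
    ("Reauth Wait", "Auth Reply"): "Authorized",
    ("Auth Wait", "Timeout"): "Auth Wait",
    ("Reauth Wait", "Timeout"): "Reauth Wait",
    ("Auth Reject Wait", "Timeout"): "Start",
    ("Authorized", "Auth Grace Timeout"): "Reauth Wait",
    ("Authorized", "Auth Invalid"): "Reauth Wait",
    ("Reauth Wait", "Auth Invalid"): "Reauth Wait",
    ("Authorized", "Reauth"): "Reauth Wait",
}
TEK_RUNNING = ("Op Wait", "Op Reauth Wait", "Operational",
               "Rekey Wait", "Rekey Reauth Wait")
TEK_MATRIX = {
    **{(state, "Stop"): "Start" for state in TEK_RUNNING},
    ("Start", "Authorized"): "Op Wait",
    ("Op Wait", "Auth Pend"): "Op Reauth Wait",
    ("Rekey Wait", "Auth Pend"): "Rekey Reauth Wait",
    ("Op Reauth Wait", "Auth Comp"): "Op Wait",
    ("Rekey Reauth Wait", "Auth Comp"): "Rekey Wait",
    ("Operational", "TEK Invalid"): "Op Wait",
    ("Rekey Wait", "TEK Invalid"): "Op Wait",
    ("Rekey Reauth Wait", "TEK Invalid"): "Op Reauth Wait",
    ("Op Wait", "Timeout"): "Op Wait",
    ("Rekey Wait", "Timeout"): "Rekey Wait",
    ("Operational", "TEK Refresh Timeout"): "Rekey Wait",
    ("Op Wait", "Key Reply"): "Operational",
    ("Rekey Wait", "Key Reply"): "Operational",
    ("Op Wait", "Key Reject"): "Start",
    ("Rekey Wait", "Key Reject"): "Start",
}
# Assumption: which Auth transition raises which [TEK] event, read from the
# edge labels of the Auth FSM flow diagram.
AUTH_TO_TEK = {
    ("Auth Wait", "Auth Reply"): "Authorized",
    ("Reauth Wait", "Auth Reply"): "Auth Comp",
    ("Authorized", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Reject (non-perm)"): "Stop",
    ("Reauth Wait", "Auth Reject (perm)"): "Stop",
}


class Fsm:
    def __init__(self, matrix):
        self.matrix, self.state, self.ignored = matrix, "Start", []

    def step(self, event):
        """Apply event; return False and log it if the cell is blank."""
        nxt = self.matrix.get((self.state, event))
        if nxt is None:
            self.ignored.append((self.state, event))
            return False
        self.state = nxt
        return True


class SubscriberStation:
    def __init__(self, saids):
        self.auth = Fsm(AUTH_MATRIX)
        self.tek = {said: Fsm(TEK_MATRIX) for said in saids}

    def auth_event(self, event):
        before = self.auth.state
        if not self.auth.step(event):
            return False
        tek_event = AUTH_TO_TEK.get((before, event))
        if tek_event:  # one Auth transition fans out to every TEK FSM
            for fsm in self.tek.values():
                fsm.step(tek_event)
        return True


# Constructed trace: ("auth", event) drives the Auth FSM, (said, event) a TEK FSM.
TRACE = [
    ("auth", "Provisioned"), ("auth", "Auth Reply"), (1, "Key Reply"),
    (1, "TEK Refresh Timeout"), ("auth", "Auth Invalid"),
    (1, "Key Reply"),            # arrives in Rekey Reauth Wait: blank cell
    ("auth", "Auth Reply"), (1, "Key Reply"),
    ("auth", "Auth Reply"),      # unsolicited reply while Authorized: blank cell
    ("auth", "Reauth"), ("auth", "Auth Reject (perm)"),
]


def replay(trace, saids=(1,)):
    ss = SubscriberStation(saids)
    history = []
    for target, event in trace:
        if target == "auth":
            ss.auth_event(event)
        else:
            ss.tek[target].step(event)
        history.append((ss.auth.state, {s: f.state for s, f in ss.tek.items()}))
    return ss, history


if __name__ == "__main__":
    station, states = replay(TRACE)
    for (target, event), (auth, tek) in zip(TRACE, states):
        print(f"{target!s:>4} {event:22} -> auth={auth:16} tek={tek}")
    print("ignored:", station.auth.ignored, station.tek[1].ignored)
```

The ignored lists are the part worth monitoring in practice: a message that lands on a blank cell is one the peer should not have sent in that state.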

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other, stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
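
The key-usage rules above, as an added Python sketch that is not part of the presentation: each side holds two TEKs indexed by the 2-bit key sequence number, and the constructed scenario has the two sides out of step by one key refresh. AP and AT are taken here to be the base-station and subscriber sides (an assumption); the SHA-256 keystream is a stand-in for DES-CBC so the block runs on the standard library alone, and the class, keys and frame numbers are constructed.

```python
import hashlib


def stand_in_cipher(key, frame_no, data):
    """XOR data with a SHA-256 keystream bound to the key and frame number.

    Stand-in only (assumption): the slides specify DES in CBC mode with an IV
    derived from the frame number. XOR makes this its own inverse.
    """
    stream = bytearray()
    block = 0
    while len(stream) < len(data):
        seed = key + frame_no.to_bytes(4, "big") + block.to_bytes(4, "big")
        stream += hashlib.sha256(seed).digest()
        block += 1
    return bytes(d ^ s for d, s in zip(data, stream))


class TekRing:
    """The two active TEKs of one SA, indexed by 2-bit key sequence number."""

    def __init__(self, older_seq, older_key, newer_key):
        self.older = older_seq % 4
        self.newer = (older_seq + 1) % 4
        self.keys = {self.older: older_key, self.newer: newer_key}

    def rotate(self, fresh_key):
        """Older key expires, newer becomes older, fresh key becomes newer."""
        del self.keys[self.older]
        self.older, self.newer = self.newer, (self.newer + 1) % 4
        self.keys[self.newer] = fresh_key

    def encrypt(self, role, frame_no, payload):
        # Rule from the slide: AP encrypts with the older key, AT with the newer.
        if role not in ("AP", "AT"):
            raise ValueError(f"unknown role {role!r}")
        seq = self.older if role == "AP" else self.newer
        return seq, stand_in_cipher(self.keys[seq], frame_no, payload)

    def decrypt(self, seq, frame_no, ciphertext):
        # Both keys are accepted for decryption; anything else is refused
        # rather than decrypted with a guess.
        key = self.keys.get(seq & 0b11)
        if key is None:
            raise KeyError(f"key sequence number {seq} is not active")
        return stand_in_cipher(key, frame_no, ciphertext)


def exchange(sender, role, receiver, frame_no, payload):
    """Encrypt at the sender, decrypt at the receiver; return (seq, plaintext)."""
    seq, ciphertext = sender.encrypt(role, frame_no, payload)
    return seq, receiver.decrypt(seq, frame_no, ciphertext)


# Constructed 8-byte keys, one per key sequence number 0..2.
K0, K1, K2 = (bytes([i]) * 8 for i in range(3))


def out_of_step_pair():
    """AP side already holds keys 1 and 2; AT side still holds keys 0 and 1."""
    return TekRing(1, K1, K2), TekRing(0, K0, K1)


if __name__ == "__main__":
    bs, ss = out_of_step_pair()
    print("downlink:", exchange(bs, "AP", ss, 7, b"downlink PDU"))
    print("uplink:  ", exchange(ss, "AT", bs, 7, b"uplink PDU"))
    try:
        ss.decrypt(bs.newer, 7, b"sent under the AP's newer key")
    except KeyError as err:
        print("refused: ", err)
```

Both directions meet on key 1 while the two sides are out of step, which is why the sender rules differ by role; a PDU sent under the AP's newer key would be refused by the AT until its next refresh.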

Amendment Project

IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project

IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc:

http://WirelessMAN.org


IEEE 802.16 by the Numbers

• 163 Members
• 67 "Potential Members"
• 62 Official Observers
• 700 different individuals have attended a session
• 28 Million file downloads in year 2000
• Members and Potential Members from
  • 10 countries
  • >110 companies

IEEE 802.16 Projects

• Air Interface (PHYs with common MAC)
  • P802.16: 10-66 GHz
    • Completed IEEE Sponsor Ballot
    • On RevCom agenda for December 5, 2001
  • P802.16a: 2-11 GHz
    • Licensed bands only
    • Expect OK to launch WG Letter Ballot this week
  • P802.16b: 5-6 GHz
    • License-exempt ("WirelessHUMAN™")
    • Expect OK to launch WG Letter Ballot this week
• Coexistence
  • IEEE 802.16.2 (10-66 GHz)
    • Published in September 2001
  • P802.16.2a: amendment w/ 2-11 GHz licensed

IEEE P802.16

Standard Air Interface for Fixed Broadband Wireless Access Systems

IEEE P802.16 History

• July-September 1999: Functional Requirements
• November 1999: Proposals (14 for MAC)
• January 2000: 2 Consolidated Proposals
  – 1 MAC proposal based on DOCSIS
  – 1 not
• May 2000: Plan to Merge 2 Proposals
• August 2000: Rev. 0
• until February 2001: Working Group Review
  – formal comment process
• February-August 2001: WG Letter Ballot
• August-October 2001: IEEE Sponsor Ballot
• 5 December 2001: RevCom approval agenda

P802.16 Scope

Specifies the air interface, including the medium access control layer (MAC) and physical layer (PHY), of fixed point-to-multipoint broadband wireless access systems providing multiple services. The medium access control layer is capable of supporting multiple physical layer specifications optimized for the frequency bands of the application. The standard includes a particular physical layer specification broadly applicable to systems operating between 10 and 66 GHz.

Point-to-Multipoint

Wireless MAN: not a LAN

• Base Station (BS) connected to public networks
• BS serves Subscriber Stations (SSs)
  – BS and SS are stationary
  – SS typically serves a building (business or residence)
  – provide SS with first-mile access to public networks
• Multiple services, with different QoS priority, simultaneously

Reference Model

PHY Considerations that Affect the MAC (10-66 GHz)

• Broadband Channels
  – Wide channels (20, 25, or 28 MHz)
  – High capacity – Downlink AND Uplink
• Multiple Access
  – TDM/TDMA
  – High rate burst modems
• Adaptive Burst Profiles on Uplink and Downlink
• Duplex scheme agnostic
  – Time-Division Duplex (TDD)
  – Frequency-Division Duplex (FDD) [including Burst FDD]
• Support for Half-Duplex Terminals

Adaptive PHY

(burst-by-burst adaptivity not shown)

Adaptive Burst Profiles

• Burst profile
  – Modulation and FEC
• Dynamically assigned according to link conditions
  – Burst by burst, per subscriber station
  – Trade-off capacity vs. robustness in real time
• Roughly doubled capacity for the same cell area
• Burst profile for downlink broadcast channel is well-known
  – All other burst profiles could be configured "on the fly"
  – Subscriber station capabilities recognized at registration

Duplex Scheme Support

• On downlink, SS is associated with a specific burst
• On uplink, SS is allotted a variable length time slot for their transmissions
• Time-Division Duplex (TDD)
  – Downlink & Uplink time share the same RF channel
  – Dynamic asymmetry
  – SS does not transmit & receive simultaneously (low cost)
• Frequency-Division Duplex (FDD)
  – Downlink & Uplink on separate RF channels
  – Static asymmetry
  – Half-duplex SSs supported
    • SS does not transmit & receive simultaneously (low cost)

TDD Frame (10-66 GHz)

TDD Downlink Subframe

DIUC: Downlink Interval Usage Code

Burst FDD Framing

[Figure: DOWNLINK and UPLINK allocations within one frame for Broadcast, a Full Duplex Capable User, Half Duplex Terminal 1 and Half Duplex Terminal 2.]

Allows scheduling flexibility

FDD Downlink Subframe

TDMA portion: transmits data to some half-duplex SSs (the ones scheduled to transmit earlier in the frame than they receive)

• Need preamble to re-sync (carrier phase)

Baud Rates & Channel Size (10-66 GHz)

• Flexible plan - allows equipment manufacturers to choose according to spectrum requirements

Channel Width (MHz) | Symbol Rate (Msym/s) | QPSK Bit Rate (Mbit/s) | 16-QAM Bit Rate (Mbit/s) | 64-QAM Bit Rate (Mbit/s)
--- | --- | --- | --- | ---
20 | 16 | 32 | 64 | 96
25 | 20 | 40 | 80 | 120
28 | 22.4 | 44.8 | 89.6 | 134.4

MAC Requirements

• Provide Network Access
• Address the Wireless environment
  – e.g., very efficient use of spectrum
• Broadband services
  – Very high bit rates, downlink and uplink
  – A range of QoS requirements
  – Ethernet, IPv4, IPv6, ATM
• Likelihood of terminal being shared
  – Base Station may be heavily loaded
• Security
• Protocol-Independent Engine
  – Convergence layers to ATM, IP, Ethernet
• Support both TDD and FDD in the PHY

802.16 MAC Overview

• Point-to-Multipoint
• Metropolitan Area Network
• Connection-oriented
• Supports difficult user environments
  – High bandwidth, hundreds of users per channel
  – Continuous and burst traffic
  – Very efficient use of spectrum
• Protocol-Independent core (ATM, IP, Ethernet, …)
• Balances between stability of contentionless and efficiency of contention-based operation
• Flexible QoS offerings
  – CBR, rt-VBR, nrt-VBR, BE, with granularity within classes
• Supports multiple 802.16 PHYs

Relationship to DOCSIS

• Management
  – Dynamic service "editing" protocol (Add/Change/Delete)
  – Management message payload format
• Security
  – Authentication and Privacy
• Polling categories
• Initial Access
  – Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions

• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer

• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer

• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing

• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure: a PHY burst made up of a preamble and FEC blocks (FEC 1 to FEC 3) carrying MAC PDUs (PDU 1 to PDU 5); the MAC PDUs in turn carry a MAC message, SDU 1 and SDU 2.]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FSN): 3 bits

Packing with Fragmentation
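The packing and fragmentation rules above, as an added example that is not part of the original slides: a bounds-checked parser for a packed payload and a per-connection reassembler that uses the FSN to detect a lost fragment. The bit layout (FC in the top 2 bits, FSN in the next 3, length in the low 11), the FC code values, the reading of the length as payload bytes only, and the FSN advancing on every packed block are assumptions; the slides give only the field widths.

```python
from __future__ import annotations
from dataclasses import dataclass

# FC code points, assumed to follow the order in which the slide lists them.
UNFRAGMENTED, LAST, FIRST, CONTINUING = 0b00, 0b01, 0b10, 0b11
MAX_SDU = 16 * 1024  # hypothetical local cap on a reassembled SDU


class PackingError(ValueError):
    """A packed payload whose sub-headers do not match its length."""


@dataclass
class Block:
    fc: int      # 2-bit fragmentation control
    fsn: int     # 3-bit fragmentation sequence number
    data: bytes  # SDU or SDU fragment


def pack(fc: int, fsn: int, data: bytes) -> bytes:
    """Build one 2-byte packing sub-header plus payload (for sample input)."""
    if not 0 < len(data) <= 0x7FF:
        raise PackingError("length must fit the 11-bit field")
    return ((fc << 14) | (fsn << 11) | len(data)).to_bytes(2, "big") + data


def parse_packed_payload(payload: bytes) -> list[Block]:
    """Split a packed MAC PDU payload into blocks, validating every length."""
    blocks, off = [], 0
    while off < len(payload):
        if len(payload) - off < 2:
            raise PackingError("truncated packing sub-header")
        word = int.from_bytes(payload[off:off + 2], "big")
        fc, fsn, length = word >> 14, (word >> 11) & 0x7, word & 0x7FF
        off += 2
        if length == 0:  # treated as malformed here
            raise PackingError("zero-length block")
        if off + length > len(payload):
            raise PackingError("block length runs past end of payload")
        blocks.append(Block(fc, fsn, payload[off:off + length]))
        off += length
    return blocks


class Reassembler:
    """One fragmentation state per connection, as the slides require."""

    def __init__(self) -> None:
        self.partial: bytearray | None = None  # SDU being rebuilt
        self.expected: int | None = None       # FSN the next block must carry
        self.gaps = 0                          # FSN discontinuities seen

    def feed(self, b: Block) -> bytes | None:
        """Consume one block; return a complete SDU or None."""
        if self.expected is not None and b.fsn != self.expected:
            self.gaps += 1        # a block was lost: drop the SDU in progress
            self.partial = None
        self.expected = (b.fsn + 1) % 8  # 3-bit counter wraps at 8
        if b.fc == UNFRAGMENTED:
            self.partial = None
            return b.data
        if b.fc == FIRST:
            self.partial = bytearray(b.data)
            return None
        if self.partial is None:  # continuing/last fragment with no start
            return None
        self.partial += b.data
        if len(self.partial) > MAX_SDU:
            self.partial = None   # refuse unbounded growth
            return None
        if b.fc == LAST:
            sdu, self.partial = bytes(self.partial), None
            return sdu
        return None


def reassemble(pdu_payloads: list[bytes]) -> tuple[list[bytes], int]:
    """Run payloads of one connection through parser and reassembler."""
    r, sdus = Reassembler(), []
    for payload in pdu_payloads:
        for block in parse_packed_payload(payload):
            sdu = r.feed(block)
            if sdu is not None:
                sdus.append(sdu)
    return sdus, r.gaps


# Constructed sample: the PDU carrying the block with FSN 4 was lost in transit.
SAMPLE_PDUS = [
    pack(UNFRAGMENTED, 0, b"AAAA") + pack(FIRST, 1, b"hel"),
    pack(LAST, 2, b"lo") + pack(FIRST, 3, b"wor"),
    pack(LAST, 5, b"ld") + pack(UNFRAGMENTED, 6, b"ok"),
]

if __name__ == "__main__":
    print(reassemble(SAMPLE_PDUS))
```

The SDU whose middle fragment was lost is discarded rather than delivered truncated, and a length field that overruns the payload raises instead of reading past the buffer.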

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service, such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e., periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs. GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station’s work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer’s X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer’s X.509 certificate binding the SS’s public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate “root authority” if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: Auth FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transition labels: Provisioned, Timeout, Auth Reply, Auth Reject (perm), Auth Reject (non-perm), Auth Invalid, Auth Grace Timeout, Reauth. Actions shown on transitions: Authent Info, Auth Request, and the TEK FSM signals [TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp, [TEK] Stop.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transition labels: Stop, Authorized, Auth Pend, Auth Comp, Key Reply, Key Reject, TEK Invalid, Timeout, TEK Refresh Timeout. Action shown on transitions: Key Request.]
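The two transition matrices above as table-driven state machines, in an added example that is not part of the original slides: it replays a constructed event sequence and records every message that arrives in a state whose matrix cell is blank, which is where an unsolicited or replayed Auth Reply or Key Reply would land. Two things are assumptions: that a blank cell means "ignore and stay in the current state", and which Auth transition raises which [TEK] signal (read from the flow-diagram labels).

```python
"""Table-driven PKM Auth and TEK state machines (added example)."""

# event -> {current state: next state}; one entry per matrix row.
AUTH_MATRIX = {
    "Provisioned": {"Start": "Auth Wait"},
    "Auth Reject (non-perm)": {"Auth Wait": "Auth Reject Wait",
                               "Reauth Wait": "Auth Reject Wait"},
    "Auth Reject (perm)": {"Auth Wait": "Silent", "Reauth Wait": "Silent"},
    "Auth Reply": {"Auth Wait": "Authorized", "Reauth Wait": "Authorized"},
    "Timeout": {"Auth Wait": "Auth Wait", "Reauth Wait": "Reauth Wait",
                "Auth Reject Wait": "Start"},
    "Auth Grace Timeout": {"Authorized": "Reauth Wait"},
    "Auth Invalid": {"Authorized": "Reauth Wait", "Reauth Wait": "Reauth Wait"},
    "Reauth": {"Authorized": "Reauth Wait"},
}

TEK_MATRIX = {
    "Stop": {s: "Start" for s in ("Op Wait", "Op Reauth Wait", "Operational",
                                  "Rekey Wait", "Rekey Reauth Wait")},
    "Authorized": {"Start": "Op Wait"},
    "Auth Pend": {"Op Wait": "Op Reauth Wait",
                  "Rekey Wait": "Rekey Reauth Wait"},
    "Auth Comp": {"Op Reauth Wait": "Op Wait",
                  "Rekey Reauth Wait": "Rekey Wait"},
    "TEK Invalid": {"Operational": "Op Wait", "Rekey Wait": "Op Wait",
                    "Rekey Reauth Wait": "Op Reauth Wait"},
    "Timeout": {"Op Wait": "Op Wait", "Rekey Wait": "Rekey Wait"},
    "TEK Refresh Timeout": {"Operational": "Rekey Wait"},
    "Key Reply": {"Op Wait": "Operational", "Rekey Wait": "Operational"},
    "Key Reject": {"Op Wait": "Start", "Rekey Wait": "Start"},
}

# (Auth state the event was applied in, Auth event) -> signal to the TEK FSM.
# Assumed pairing of the [TEK] labels on the Auth flow diagram.
TEK_SIGNALS = {
    ("Auth Wait", "Auth Reply"): "Authorized",
    ("Reauth Wait", "Auth Reply"): "Auth Comp",
    ("Authorized", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Reject (perm)"): "Stop",
    ("Reauth Wait", "Auth Reject (non-perm)"): "Stop",
}


class Fsm:
    def __init__(self, matrix):
        self.matrix = matrix
        self.state = "Start"
        self.ignored = []  # (state, event) pairs that hit a blank cell

    def fire(self, event):
        """Apply one event; return the state it fired in, or None if blank."""
        row = self.matrix[event]  # KeyError: event not in the matrix at all
        if self.state not in row:
            self.ignored.append((self.state, event))  # no state change
            return None
        previous, self.state = self.state, row[self.state]
        return previous


class SubscriberStation:
    """One Auth FSM driving one TEK FSM (a single SAID)."""

    def __init__(self):
        self.auth = Fsm(AUTH_MATRIX)
        self.tek = Fsm(TEK_MATRIX)

    def auth_event(self, event):
        previous = self.auth.fire(event)
        signal = TEK_SIGNALS.get((previous, event))
        if signal:
            self.tek.fire(signal)

    def tek_event(self, event):
        self.tek.fire(event)


def replay(events):
    """Feed (machine, event) pairs to a fresh station and return it."""
    ss = SubscriberStation()
    for machine, event in events:
        (ss.auth_event if machine == "auth" else ss.tek_event)(event)
    return ss


# Constructed sequence: normal bring-up, a rekey interrupted by Auth Invalid,
# a Key Reply arriving mid-reauthorization, and an unsolicited Auth Reply.
SCENARIO = [
    ("auth", "Provisioned"), ("auth", "Auth Reply"), ("tek", "Key Reply"),
    ("tek", "TEK Refresh Timeout"), ("auth", "Auth Invalid"),
    ("tek", "Key Reply"), ("auth", "Auth Reply"), ("tek", "Key Reply"),
    ("auth", "Auth Reply"),
]

if __name__ == "__main__":
    ss = replay(SCENARIO)
    print(ss.auth.state, ss.tek.state, ss.auth.ignored, ss.tek.ignored)
```

The `ignored` lists are the useful output for monitoring: a station in Authorized that keeps receiving Auth Reply messages it never asked for is seeing traffic the matrix does not account for.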

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other, stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project

IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project

IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network (“WirelessHUMAN™”)

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


IEEE 802.16 Projects

• Air Interface (PHYs with common MAC)
  • P802.16: 10-66 GHz
    • Completed IEEE Sponsor Ballot
    • On RevCom agenda for December 5, 2001
  • P802.16a: 2-11 GHz
    • Licensed bands only
    • Expect OK to launch WG Letter Ballot this week
  • P802.16b: 5-6 GHz
    • License-exempt ("WirelessHUMAN™")
    • Expect OK to launch WG Letter Ballot this week
• Coexistence
  • IEEE 802.16.2 (10-66 GHz)
    • Published in September 2001
  • P802.16.2a: amendment w/ 2-11 GHz licensed

IEEE P802.16

Standard Air Interface for Fixed Broadband Wireless Access Systems

IEEE P802.16 History

• July-September 1999: Functional Requirements
• November 1999: Proposals (14 for MAC)
• January 2000: 2 Consolidated Proposals
  – 1 MAC proposal based on DOCSIS
  – 1 not
• May 2000: Plan to Merge 2 Proposals
• August 2000: Rev 0
• until February 2001: Working Group Review
  – formal comment process
• February-August 2001: WG Letter Ballot
• August-October 2001: IEEE Sponsor Ballot
• 5 December 2001: RevCom approval agenda

P802.16 Scope

Specifies the air interface, including the medium access control layer (MAC) and physical layer (PHY), of fixed point-to-multipoint broadband wireless access systems providing multiple services. The medium access control layer is capable of supporting multiple physical layer specifications optimized for the frequency bands of the application. The standard includes a particular physical layer specification broadly applicable to systems operating between 10 and 66 GHz.

Point-to-Multipoint Wireless MAN: not a LAN

• Base Station (BS) connected to public networks
• BS serves Subscriber Stations (SSs)
  – BS and SS are stationary
  – SS typically serves a building (business or residence)
  – provide SS with first-mile access to public networks
• Multiple services, with different QoS priority, simultaneously

Reference Model

PHY Considerations that Affect the MAC (10-66 GHz)

• Broadband Channels
  – Wide channels (20, 25, or 28 MHz)
  – High capacity – Downlink AND Uplink
• Multiple Access
  – TDM/TDMA
  – High rate burst modems
• Adaptive Burst Profiles on Uplink and Downlink
• Duplex scheme agnostic
  – Time-Division Duplex (TDD)
  – Frequency-Division Duplex (FDD) [including Burst FDD]
• Support for Half-Duplex Terminals

Adaptive PHY

(burst-by-burst adaptivity not shown)

Adaptive Burst Profiles

• Burst profile
  – Modulation and FEC
• Dynamically assigned according to link conditions
  – Burst by burst, per subscriber station
  – Trade-off capacity vs. robustness in real time
• Roughly doubled capacity for the same cell area
• Burst profile for downlink broadcast channel is well-known
  – All other burst profiles could be configured "on the fly"
  – Subscriber station capabilities recognized at registration

Duplex Scheme Support

• On downlink, SS is associated with a specific burst
• On uplink, SS is allotted a variable length time slot for their transmissions
• Time-Division Duplex (TDD)
  – Downlink & Uplink time share the same RF channel
  – Dynamic asymmetry
  – SS does not transmit & receive simultaneously (low cost)
• Frequency-Division Duplex (FDD)
  – Downlink & Uplink on separate RF channels
  – Static asymmetry
  – Half-duplex SSs supported
    • SS does not transmit & receive simultaneously (low cost)

TDD Frame (10-66 GHz)

TDD Downlink Subframe

DIUC: Downlink Interval Usage Code

Burst FDD Framing

[Figure labels: frame; DOWNLINK; UPLINK; Broadcast; Full Duplex Capable User; Half Duplex Terminal 1; Half Duplex Terminal 2]

Allows scheduling flexibility

FDD Downlink Subframe

TDMA portion: transmits data to some half-duplex SSs (the ones scheduled to transmit earlier in the frame than they receive)

• Need preamble to re-sync (carrier phase)

Baud Rates & Channel Size (10-66 GHz)

• Flexible plan - allows equipment manufacturers to choose according to spectrum requirements

Channel Width  Symbol Rate  QPSK Bit Rate  16-QAM Bit Rate  64-QAM Bit Rate
(MHz)          (Msym/s)     (Mbit/s)       (Mbit/s)         (Mbit/s)
20             16           32             64               96
25             20           40             80               120
28             22.4         44.8           89.6             134.4

MAC Requirements

• Provide Network Access
• Address the Wireless environment
  – e.g., very efficient use of spectrum
• Broadband services
  – Very high bit rates, downlink and uplink
  – A range of QoS requirements
  – Ethernet, IPv4, IPv6, ATM
• Likelihood of terminal being shared
  – Base Station may be heavily loaded
• Security
• Protocol-Independent Engine
  – Convergence layers to ATM, IP, Ethernet
• Support both TDD and FDD in the PHY

802.16 MAC Overview

• Point-to-Multipoint
• Metropolitan Area Network
• Connection-oriented
• Supports difficult user environments
  – High bandwidth, hundreds of users per channel
  – Continuous and burst traffic
  – Very efficient use of spectrum
• Protocol-Independent core (ATM, IP, Ethernet, …)
• Balances between stability of contentionless and efficiency of contention-based operation
• Flexible QoS offerings
  – CBR, rt-VBR, nrt-VBR, BE, with granularity within classes
• Supports multiple 802.16 PHYs

Relationship to DOCSIS

• Management
  – Dynamic service "editing" protocol (Add/Change/Delete)
  – Management message payload format
• Security
  – Authentication and Privacy
• Polling categories
• Initial Access
  – Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions

• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer

• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer

• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing

• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure labels: MAC Message, SDU 1, SDU 2; MAC PDUs (PDU 1 to PDU 5); FEC blocks (FEC 1 to FEC 3); Burst; Preamble (P)]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation
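
The 2-byte packing sub-header and the fragmentation rules from the preceding slides can be exercised with a small parser and per-connection reassembler. This is an added example, not code from the presentation or the standard; the bit order (FC, then FSN, then length, big-endian), the FC code values, a length field that counts only the bytes following the sub-header, and the 8192-byte SDU cap are assumptions.

```python
import struct
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Assumed FC encoding: the four states in the order the Fragmentation slide lists them.
FC_UNFRAGMENTED, FC_LAST, FC_FIRST, FC_CONTINUING = 0, 1, 2, 3
SUBHDR_LEN = 2                # 2-byte packing sub-header
MAX_LENGTH = (1 << 11) - 1    # largest value an 11-bit length field can hold


class PduError(ValueError):
    """Raised when a packed payload is structurally invalid."""


def pack_subheader(fc: int, fsn: int, length: int) -> bytes:
    """Build a sub-header. Assumed layout, big-endian: FC(2) | FSN(3) | length(11)."""
    if not (0 <= fc <= 3 and 0 <= fsn <= 7 and 0 <= length <= MAX_LENGTH):
        raise PduError("field out of range")
    return struct.pack(">H", (fc << 14) | (fsn << 11) | length)


def parse_packed_payload(payload: bytes) -> List[Tuple[int, int, bytes]]:
    """Split a packed PDU payload into (fc, fsn, data) items, bounds-checking each."""
    items, offset = [], 0
    while offset < len(payload):
        if len(payload) - offset < SUBHDR_LEN:
            raise PduError("truncated packing sub-header")
        (word,) = struct.unpack_from(">H", payload, offset)
        fc, fsn, length = word >> 14, (word >> 11) & 0x7, word & 0x7FF
        offset += SUBHDR_LEN
        # Never trust the length field: it must fit in what was actually received.
        if length > len(payload) - offset:
            raise PduError("length field runs past end of payload")
        items.append((fc, fsn, payload[offset:offset + length]))
        offset += length
    return items


@dataclass
class Reassembler:
    """Fragmentation state of one connection (a connection has exactly one state)."""
    max_sdu: int = 8192                  # assumed cap on a reassembled SDU
    partial: Optional[bytearray] = None  # None: no fragmented SDU in progress
    next_fsn: int = 0                    # FSN expected on the next fragment
    discarded: int = 0                   # partial SDUs thrown away

    def _abort(self) -> None:
        if self.partial is not None:
            self.discarded += 1
        self.partial = None

    def push(self, fc: int, fsn: int, data: bytes) -> Optional[bytes]:
        """Feed one item; return a complete SDU when one is finished, else None."""
        if fc in (FC_UNFRAGMENTED, FC_FIRST):
            self._abort()                # a new SDU ends any unfinished one
            if fc == FC_UNFRAGMENTED:
                return bytes(data)
            self.partial = bytearray(data)
            self.next_fsn = (fsn + 1) % 8
            return None
        # Continuing or last fragment: needs an SDU in progress and the expected FSN.
        if (self.partial is None or fsn != self.next_fsn
                or len(self.partial) + len(data) > self.max_sdu):
            self._abort()
            return None
        self.partial += data
        self.next_fsn = (fsn + 1) % 8    # 3-bit counter wraps at 8
        if fc == FC_LAST:
            sdu, self.partial = bytes(self.partial), None
            return sdu
        return None


def receive_pdu(conn: Reassembler, payload: bytes) -> List[bytes]:
    """Parse one packed PDU payload and return the SDUs it completes."""
    done = []
    for fc, fsn, data in parse_packed_payload(payload):
        sdu = conn.push(fc, fsn, data)
        if sdu is not None:
            done.append(sdu)
    return done


def demo() -> List[List[bytes]]:
    """Constructed traffic: a whole SDU packed with a fragmented one over two PDUs."""
    conn = Reassembler()
    pdu1 = (pack_subheader(FC_UNFRAGMENTED, 0, 5) + b"hello"
            + pack_subheader(FC_FIRST, 1, 4) + b"wire")
    pdu2 = (pack_subheader(FC_CONTINUING, 2, 4) + b"less"
            + pack_subheader(FC_LAST, 3, 4) + b"-man")
    return [receive_pdu(conn, pdu1), receive_pdu(conn, pdu2)]


if __name__ == "__main__":
    print(demo())
```

A fragment whose FSN is not the expected one causes the whole partial SDU to be discarded, which is how the 3-bit counter exposes a lost continuing fragment.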

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages
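
The entry/exit threshold rule on this slide produces hysteresis, worked through here as an added example that is not part of the presentation. The threshold values, the use of a signal-quality figure in dB, the DIUC numbers and the policy of always taking an allowed upgrade are constructed assumptions.

```python
from dataclasses import dataclass
from typing import List, Sequence, Tuple


@dataclass(frozen=True)
class BurstProfile:
    diuc: int                 # constructed DIUC number
    label: str
    min_entry_db: float       # SS may request this profile once quality is above this
    mandatory_exit_db: float  # SS must fall back once quality is at or below this


# Constructed table, most robust profile first. The most robust profile has no
# thresholds because there is nothing more robust to fall back to.
PROFILES = (
    BurstProfile(1, "QPSK", float("-inf"), float("-inf")),
    BurstProfile(2, "16-QAM", 14.0, 11.0),
    BurstProfile(3, "64-QAM", 20.0, 17.0),
)


def validate(profiles: Sequence[BurstProfile]) -> None:
    """Reject tables without a hysteresis gap or not ordered by robustness."""
    for lower, upper in zip(profiles, profiles[1:]):
        if upper.mandatory_exit_db >= upper.min_entry_db:
            raise ValueError(f"{upper.label}: exit threshold must be below entry")
        if upper.min_entry_db <= lower.min_entry_db:
            raise ValueError(f"{upper.label}: table not ordered by robustness")


def select_profile(profiles: Sequence[BurstProfile], current: int,
                   quality_db: float) -> int:
    """Return the index of the profile the SS should use after one measurement."""
    idx = current
    # Mandatory part: fall back while at or below the current profile's exit level.
    while idx > 0 and quality_db <= profiles[idx].mandatory_exit_db:
        idx -= 1
    # Optional part: move up only when above the next profile's entry level.
    if idx == current:
        while idx + 1 < len(profiles) and quality_db > profiles[idx + 1].min_entry_db:
            idx += 1
    return idx


def track(profiles: Sequence[BurstProfile], start: int,
          samples: Sequence[float]) -> Tuple[List[int], List[Tuple[int, int, int]]]:
    """Return the DIUC in use after each sample and the change requests issued.

    Each request is (sample index, old DIUC, new DIUC); on the air it would be
    carried in a DBPC-REQ or RNG-REQ message.
    """
    validate(profiles)
    idx = start
    diucs, requests = [], []
    for n, quality in enumerate(samples):
        new = select_profile(profiles, idx, quality)
        if new != idx:
            requests.append((n, profiles[idx].diuc, profiles[new].diuc))
            idx = new
        diucs.append(profiles[idx].diuc)
    return diucs, requests


SAMPLES = [13.0, 12.0, 15.0, 20.5, 18.0, 17.0, 10.0]  # constructed measurements

if __name__ == "__main__":
    print(track(PROFILES, 1, SAMPLES))
```

The same 18 dB measurement keeps a station on 64-QAM if it is already there but does not let a 16-QAM station move up, which is the gap between the two thresholds at work.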

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service, such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g., bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g., HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e., periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs. GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – that a BS and one or more of its client SSs share in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| Event or Rcvd msg \ State | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: flow diagram of the Auth FSM. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transition labels (event / action): Provisioned / Authent Info, Auth Request; Timeout / Authent Info, Auth Request; Timeout; Auth Reject (non-perm); Auth Reject (perm); Auth Reply / [TEK] Authorized; Auth Reject (perm) / [TEK] Stop; Auth Reject (non-perm) / [TEK] Stop; Timeout / Auth Request; Auth Grace Timeout / Auth Request; Auth Invalid / Auth Request, [TEK] Auth Pend; Reauth / Auth Request; Auth Reply / [TEK] Auth Comp.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg \ State | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: flow diagram of the TEK FSM. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transition labels (event / action): Authorized / Key Request; Stop; Auth Pend; Auth Comp / Key Request; Key Reject, Stop; Key Reply; Timeout / Key Request; TEK Invalid / Key Request; TEK Refresh Timeout / Key Request; TEK Invalid.]

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


IEEE P802.16

Standard Air Interface for Fixed Broadband Wireless Access Systems

IEEE P802.16 History

• July-September 1999: Functional Requirements
• November 1999: Proposals (14 for MAC)
• January 2000: 2 Consolidated Proposals
  – 1 MAC proposal based on DOCSIS
  – 1 not
• May 2000: Plan to Merge 2 Proposals
• August 2000: Rev 0
• until February 2001: Working Group Review
  – formal comment process
• February-August 2001: WG Letter Ballot
• August-October 2001: IEEE Sponsor Ballot
• 5 December 2001: RevCom approval agenda

P802.16 Scope

Specifies the air interface, including the medium access control layer (MAC) and physical layer (PHY), of fixed point-to-multipoint broadband wireless access systems providing multiple services. The medium access control layer is capable of supporting multiple physical layer specifications optimized for the frequency bands of the application. The standard includes a particular physical layer specification broadly applicable to systems operating between 10 and 66 GHz.

Point-to-Multipoint

Wireless MAN: not a LAN

• Base Station (BS) connected to public networks
• BS serves Subscriber Stations (SSs)
  – BS and SS are stationary
  – SS typically serves a building (business or residence)
  – provide SS with first-mile access to public networks
• Multiple services, with different QoS priority, simultaneously

Reference Model

PHY Considerations that Affect the MAC (10-66 GHz)

• Broadband Channels
  – Wide channels (20, 25, or 28 MHz)
  – High capacity: Downlink AND Uplink
• Multiple Access
  – TDM/TDMA
  – High rate burst modems
• Adaptive Burst Profiles on Uplink and Downlink
• Duplex scheme agnostic
  – Time-Division Duplex (TDD)
  – Frequency-Division Duplex (FDD) [including Burst FDD]
• Support for Half-Duplex Terminals

Adaptive PHY

(burst-by-burst adaptivity not shown)

Adaptive Burst Profiles

• Burst profile
  – Modulation and FEC
• Dynamically assigned according to link conditions
  – Burst by burst, per subscriber station
  – Trade-off capacity vs. robustness in real time
• Roughly doubled capacity for the same cell area
• Burst profile for downlink broadcast channel is well-known
  – All other burst profiles could be configured "on the fly"
  – Subscriber station capabilities recognized at registration

Duplex Scheme Support

• On downlink, SS is associated with a specific burst
• On uplink, SS is allotted a variable length time slot for their transmissions
• Time-Division Duplex (TDD)
  – Downlink & Uplink time share the same RF channel
  – Dynamic asymmetry
  – SS does not transmit & receive simultaneously (low cost)
• Frequency-Division Duplex (FDD)
  – Downlink & Uplink on separate RF channels
  – Static asymmetry
  – Half-duplex SSs supported
    • SS does not transmit & receive simultaneously (low cost)

TDD Frame (10-66 GHz)

TDD Downlink Subframe

DIUC: Downlink Interval Usage Code

Burst FDD Framing

[Figure: burst FDD framing over one frame. Labels: Broadcast, Full Duplex Capable User, Half Duplex Terminal 1, Half Duplex Terminal 2, UPLINK, DOWNLINK. Caption: Allows scheduling flexibility.]

FDD Downlink Subframe

TDMA portion: transmits data to some half-duplex SSs (the ones scheduled to transmit earlier in the frame than they receive)

• Need preamble to re-sync (carrier phase)

Baud Rates & Channel Size (10-66 GHz)

• Flexible plan: allows equipment manufacturers to choose according to spectrum requirements

| Channel Width (MHz) | Symbol Rate (Msym/s) | QPSK Bit Rate (Mbit/s) | 16-QAM Bit Rate (Mbit/s) | 64-QAM Bit Rate (Mbit/s) |
|---|---|---|---|---|
| 20 | 16 | 32 | 64 | 96 |
| 25 | 20 | 40 | 80 | 120 |
| 28 | 22.4 | 44.8 | 89.6 | 134.4 |

MAC Requirements

• Provide Network Access
• Address the Wireless environment
  – e.g., very efficient use of spectrum
• Broadband services
  – Very high bit rates, downlink and uplink
  – A range of QoS requirements
  – Ethernet, IPv4, IPv6, ATM
• Likelihood of terminal being shared
  – Base Station may be heavily loaded
• Security
• Protocol-Independent Engine
  – Convergence layers to ATM, IP, Ethernet
• Support both TDD and FDD in the PHY

802.16 MAC Overview

• Point-to-Multipoint
• Metropolitan Area Network
• Connection-oriented
• Supports difficult user environments
  – High bandwidth, hundreds of users per channel
  – Continuous and burst traffic
  – Very efficient use of spectrum
• Protocol-Independent core (ATM, IP, Ethernet, …)
• Balances between stability of contentionless and efficiency of contention-based operation
• Flexible QoS offerings
  – CBR, rt-VBR, nrt-VBR, BE, with granularity within classes
• Supports multiple 802.16 PHYs

Relationship to DOCSIS

• Management
  – Dynamic service "editing" protocol (Add/Change/Delete)
  – Management message payload format
• Security
  – Authentication and Privacy
• Polling categories
• Initial Access
  – Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions

• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer

• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer

• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing

• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure: mapping of MAC PDUs onto a PHY burst. Labels: Preamble (P), FEC block, Burst, FEC 1 to FEC 3, MAC PDUs (PDU 1 to PDU 5), MAC Message, SDU 1, SDU 2.]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits
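A receive-side parser for the 2-byte packing sub-header, combined with the FSN check described under Fragmentation, as an added example that is not code from the standard or the presentation. The bit order (FC, then sequence number, then length), the FC code points, the length field counting SDU bytes only, and the sequence number advancing on every sub-header are assumptions, as are all names.

```python
import struct

# Assumed code points for the 2-bit FC field, in the order the slide lists them.
FC_UNFRAGMENTED, FC_LAST, FC_FIRST, FC_CONTINUING = 0, 1, 2, 3


def pack_sdus(items):
    """Build a packed payload from (fc, fsn, data) tuples."""
    out = bytearray()
    for fc, fsn, data in items:
        if not (0 <= fc <= 3 and 0 <= fsn <= 7):
            raise ValueError("FC is 2 bits, FSN is 3 bits")
        if len(data) > 0x7FF:
            raise ValueError("SDU or fragment exceeds the 11-bit length field")
        # Assumed layout, big-endian: FC (2 bits) | FSN (3 bits) | length (11 bits)
        out += struct.pack(">H", (fc << 14) | (fsn << 11) | len(data)) + data
    return bytes(out)


def parse_packed(payload):
    """Split a packed payload into (fc, fsn, data); reject inconsistent lengths."""
    items, off = [], 0
    while off < len(payload):
        if len(payload) - off < 2:
            raise ValueError("truncated packing sub-header at offset %d" % off)
        (word,) = struct.unpack_from(">H", payload, off)
        fc, fsn, length = word >> 14, (word >> 11) & 0x7, word & 0x7FF
        off += 2
        if length > len(payload) - off:  # never trust the peer's length field
            raise ValueError("sub-header claims %d bytes, %d remain"
                             % (length, len(payload) - off))
        items.append((fc, fsn, payload[off:off + length]))
        off += length
    return items


class Reassembler:
    """Per-connection state: one SDU in progress at most, FSN counted modulo 8."""

    def __init__(self):
        self.expected = None   # next FSN; unknown until the first sub-header
        self.partial = None    # fragments of the SDU in progress
        self.discarded = 0     # partial SDUs dropped after a gap or a restart

    def feed(self, fc, fsn, data):
        """Return a completed SDU, or None if more fragments are needed."""
        gap = self.expected is not None and fsn != self.expected
        self.expected = (fsn + 1) % 8
        if self.partial is not None and (gap or fc in (FC_UNFRAGMENTED, FC_FIRST)):
            self.partial = None          # a fragment went missing: drop the SDU
            self.discarded += 1
        if fc == FC_UNFRAGMENTED:
            return bytes(data)
        if fc == FC_FIRST:
            self.partial = bytearray(data)
            return None
        if self.partial is None:         # continuing/last fragment with no start
            return None
        self.partial += data
        if fc == FC_LAST:
            sdu, self.partial = bytes(self.partial), None
            return sdu
        return None


def receive(pdus):
    """Parse each PDU payload and return (completed SDUs, discarded partial count)."""
    rx, sdus = Reassembler(), []
    for payload in pdus:
        for fc, fsn, data in parse_packed(payload):
            sdu = rx.feed(fc, fsn, data)
            if sdu is not None:
                sdus.append(sdu)
    return sdus, rx.discarded


# Constructed sample: SDU "BBBCCCDD" is fragmented across three PDU payloads.
PDU1 = pack_sdus([(FC_UNFRAGMENTED, 0, b"AAAA"), (FC_FIRST, 1, b"BBB")])
PDU2 = pack_sdus([(FC_CONTINUING, 2, b"CCC")])
PDU3 = pack_sdus([(FC_LAST, 3, b"DD"), (FC_UNFRAGMENTED, 4, b"EEEE")])

if __name__ == "__main__":
    print(receive([PDU1, PDU2, PDU3]))   # all three SDUs delivered
    print(receive([PDU1, PDU3]))         # PDU2 lost: the fragmented SDU is dropped
```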

Packing with Fragmentation

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the "grants"
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e., periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs. GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services
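
How the periodic aggregate request from the Request/Grant Scheme slide repairs a lost incremental request from the Bandwidth Requests slide, as an added simulation (not code from the presentation or the standard). The base station's bookkeeping, the 1000-byte grant per frame, the CID and the loss pattern are assumptions constructed for the example.

```python
"""Incremental vs. aggregate bandwidth requests with no acknowledgement."""

MAX_REQUEST = 32 * 1024  # a single request covers up to 32 KB


class BaseStation:
    """Tracks, per CID, how many bytes it believes the SS still has queued."""

    def __init__(self):
        self.perceived = {}

    def on_request(self, cid, nbytes, aggregate):
        if aggregate:
            self.perceived[cid] = nbytes  # aggregate: replaces the BS's view
        else:
            self.perceived[cid] = self.perceived.get(cid, 0) + nbytes

    def grant(self, cid, capacity):
        size = min(self.perceived.get(cid, 0), capacity)
        self.perceived[cid] = self.perceived.get(cid, 0) - size
        return size


class Connection:
    """SS side of one connection; requests are always per connection."""

    def __init__(self, cid, aggregate_every):
        self.cid = cid
        self.aggregate_every = aggregate_every  # None: never send aggregates
        self.backlog = 0      # bytes actually queued
        self.unrequested = 0  # queued bytes not yet covered by a request

    def enqueue(self, nbytes):
        self.backlog += nbytes
        self.unrequested += nbytes

    def make_request(self, frame):
        n = self.aggregate_every
        if n and frame % n == n - 1:
            # Periodic aggregate request: states the whole backlog again.
            nbytes = min(self.backlog, MAX_REQUEST)
            self.unrequested = self.backlog - nbytes
            return (self.cid, nbytes, True)
        if self.unrequested == 0:
            return None
        nbytes = min(self.unrequested, MAX_REQUEST)
        self.unrequested -= nbytes
        return (self.cid, nbytes, False)

    def transmit(self, granted):
        sent = min(granted, self.backlog)
        self.backlog -= sent
        self.unrequested = min(self.unrequested, self.backlog)
        return sent


def simulate(arrivals, lost_frames, aggregate_every, capacity=1000, cid=0x2001):
    """Return [(frame, SS backlog, BS perceived backlog)] after each frame."""
    bs, conn = BaseStation(), Connection(cid, aggregate_every)
    history = []
    for frame, nbytes in enumerate(arrivals):
        conn.enqueue(nbytes)
        request = conn.make_request(frame)
        # No acknowledgement: the SS cannot tell whether the request arrived.
        if request is not None and frame not in lost_frames:
            bs.on_request(*request)
        conn.transmit(bs.grant(cid, capacity))
        history.append((frame, conn.backlog, bs.perceived.get(cid, 0)))
    return history


# Constructed input: bytes arriving per frame, and the frame whose request is lost.
ARRIVALS = [3000, 0, 2000, 0, 0, 0]
LOST = {2}

if __name__ == "__main__":
    for label, every in (("aggregate every 4 frames", 4), ("incremental only", None)):
        print(label)
        for frame, backlog, perceived in simulate(ARRIVALS, LOST, every):
            print("  frame %d  SS backlog %5d  BS view %5d" % (frame, backlog, perceived))
```

With incremental requests only, the connection stalls with 2000 bytes queued while the base station believes the queue is empty; the aggregate request in frame 3 resynchronizes the two views.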

BW Request Message

[Figure: BW request message]

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS Initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

PKM Message | Description
Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority
Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs
Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs
Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS
Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS
Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs
Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID
Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent
TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK
SA Add | sent from a BS to an SS to establish one or more additional SAs

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

Rows are events or received messages, columns are the current state, and each cell gives the next state ("-" marks an empty cell).

Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent
(1) Provisioned | Auth Wait | - | - | - | - | -
(2) Auth Reject (non-perm) | - | Auth Reject Wait | - | Auth Reject Wait | - | -
(3) Auth Reject (perm) | - | Silent | - | Silent | - | -
(4) Auth Reply | - | Authorized | - | Authorized | - | -
(5) Timeout | - | Auth Wait | - | Reauth Wait | Start | -
(6) Auth Grace Timeout | - | - | Reauth Wait | - | - | -
(7) Auth Invalid | - | - | Reauth Wait | Reauth Wait | - | -
(8) Reauth | - | - | Reauth Wait | - | - | -

Auth FSM Flow Diagram

[Figure: Authorization FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transition labels (event / action): Provisioned / Authent Info, Auth Request; Timeout / Authent Info, Auth Request; Timeout; Auth Reject (non-perm); Auth Reject (perm); Auth Reply / [TEK] Authorized; Auth Grace Timeout / Auth Request; Auth Invalid / Auth Request, [TEK] Auth Pend; Reauth / Auth Request; Timeout / Auth Request; Auth Reply / [TEK] Auth Comp; Auth Reject (non-perm) / [TEK] Stop; Auth Reject (perm) / [TEK] Stop.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

Rows are events or received messages, columns are the current state, and each cell gives the next state ("-" marks an empty cell).

Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait
(1) Stop | - | Start | Start | Start | Start | Start
(2) Authorized | Op Wait | - | - | - | - | -
(3) Auth Pend | - | Op Reauth Wait | - | - | Rekey Reauth Wait | -
(4) Auth Comp | - | - | Op Wait | - | - | Rekey Wait
(5) TEK Invalid | - | - | - | Op Wait | Op Wait | Op Reauth Wait
(6) Timeout | - | Op Wait | - | - | Rekey Wait | -
(7) TEK Refresh Timeout | - | - | - | Rekey Wait | - | -
(8) Key Reply | - | Operational | - | - | Operational | -
(9) Key Reject | - | Start | - | - | Start | -

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transition labels (event / action): Authorized / Key Request; Stop; Auth Pend; Auth Comp / Key Request; Key Reject, Stop; Key Reply; Timeout / Key Request; TEK Invalid / Key Request; TEK Refresh Timeout / Key Request; TEK Invalid.]

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other, stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.:

http://WirelessMAN.org


IEEE P802.16 History

• July-September 1999: Functional Requirements
• November 1999: Proposals (14 for MAC)
• January 2000: 2 Consolidated Proposals
  – 1 MAC proposal based on DOCSIS
  – 1 not
• May 2000: Plan to Merge 2 Proposals
• August 2000: Rev 0
• until February 2001: Working Group Review
  – formal comment process
• February-August 2001: WG Letter Ballot
• August-October 2001: IEEE Sponsor Ballot
• 5 December 2001: RevCom approval agenda

P802.16 Scope

Specifies the air interface, including the medium access control layer (MAC) and physical layer (PHY), of fixed point-to-multipoint broadband wireless access systems providing multiple services. The medium access control layer is capable of supporting multiple physical layer specifications optimized for the frequency bands of the application. The standard includes a particular physical layer specification broadly applicable to systems operating between 10 and 66 GHz.

Point-to-Multipoint Wireless MAN: not a LAN

• Base Station (BS) connected to public networks
• BS serves Subscriber Stations (SSs)
  – BS and SS are stationary
  – SS typically serves a building (business or residence)
  – provide SS with first-mile access to public networks
• Multiple services, with different QoS priority, simultaneously

Reference Model

[Figure: reference model]

PHY Considerations that Affect the MAC (10-66 GHz)

• Broadband Channels
  – Wide channels (20, 25, or 28 MHz)
  – High capacity – Downlink AND Uplink
• Multiple Access
  – TDM/TDMA
  – High rate burst modems
• Adaptive Burst Profiles on Uplink and Downlink
• Duplex scheme agnostic
  – Time-Division Duplex (TDD)
  – Frequency-Division Duplex (FDD) [including Burst FDD]
• Support for Half-Duplex Terminals

Adaptive PHY

[Figure: adaptive PHY (burst-by-burst adaptivity not shown)]

Adaptive Burst Profiles

• Burst profile
  – Modulation and FEC
• Dynamically assigned according to link conditions
  – Burst by burst, per subscriber station
  – Trade-off capacity vs. robustness in real time
• Roughly doubled capacity for the same cell area
• Burst profile for downlink broadcast channel is well-known
  – All other burst profiles could be configured "on the fly"
  – Subscriber station capabilities recognized at registration

Duplex Scheme Support

• On downlink, SS is associated with a specific burst
• On uplink, SS is allotted a variable length time slot for their transmissions
• Time-Division Duplex (TDD)
  – Downlink & Uplink time share the same RF channel
  – Dynamic asymmetry
  – SS does not transmit & receive simultaneously (low cost)
• Frequency-Division Duplex (FDD)
  – Downlink & Uplink on separate RF channels
  – Static asymmetry
  – Half-duplex SSs supported
    • SS does not transmit & receive simultaneously (low cost)

TDD Frame (10-66 GHz)

[Figure: TDD frame]

TDD Downlink Subframe

[Figure: TDD downlink subframe]

DIUC: Downlink Interval Usage Code

Burst FDD Framing

[Figure: one frame of the DOWNLINK and UPLINK channels, with allocations labelled Broadcast, Full Duplex Capable User, Half Duplex Terminal 1 and Half Duplex Terminal 2]

Allows scheduling flexibility

FDD Downlink Subframe

[Figure: FDD downlink subframe]

TDMA portion: transmits data to some half-duplex SSs (the ones scheduled to transmit earlier in the frame than they receive)

• Need preamble to re-sync (carrier phase)

Baud Rates & Channel Size (10-66 GHz)

• Flexible plan - allows equipment manufacturers to choose according to spectrum requirements

Channel Width (MHz) | Symbol Rate (Msym/s) | QPSK Bit Rate (Mbit/s) | 16-QAM Bit Rate (Mbit/s) | 64-QAM Bit Rate (Mbit/s)
20 | 16 | 32 | 64 | 96
25 | 20 | 40 | 80 | 120
28 | 22.4 | 44.8 | 89.6 | 134.4

MAC Requirements

• Provide Network Access
• Address the Wireless environment
  – e.g., very efficient use of spectrum
• Broadband services
  – Very high bit rates, downlink and uplink
  – A range of QoS requirements
  – Ethernet, IPv4, IPv6, ATM
• Likelihood of terminal being shared
  – Base Station may be heavily loaded
• Security
• Protocol-Independent Engine
  – Convergence layers to ATM, IP, Ethernet
• Support both TDD and FDD in the PHY

802.16 MAC Overview

• Point-to-Multipoint
• Metropolitan Area Network
• Connection-oriented
• Supports difficult user environments
  – High bandwidth, hundreds of users per channel
  – Continuous and burst traffic
  – Very efficient use of spectrum
• Protocol-Independent core (ATM, IP, Ethernet, …)
• Balances between stability of contentionless and efficiency of contention-based operation
• Flexible QoS offerings
  – CBR, rt-VBR, nrt-VBR, BE, with granularity within classes
• Supports multiple 802.16 PHYs

Relationship to DOCSIS

• Management
  – Dynamic service "editing" protocol (Add/Change/Delete)
  – Management message payload format
• Security
  – Authentication and Privacy
• Polling categories
• Initial Access
  – Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions

• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer

• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer

• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing

• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure: a PHY burst drawn as a preamble (P) followed by FEC blocks FEC 1 to FEC 3, carrying MAC PDUs PDU 1 to PDU 5, which in turn carry a MAC message, SDU 1 and SDU 2.]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation
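The Fragmentation and Packing slides above, worked through as an added example that is not part of the original presentation: a receiver-side parser for the 2-byte packing sub-header and a per-connection reassembler that uses the 3-bit sequence number to detect lost fragments. Assumptions not stated on the slides: the field order (FC, FSN, length, most significant bit first), the FC code points 0 to 3 in the order the slide lists them, a length that counts only the SDU bytes, a counter that advances on every block, and all function and class names.

```python
import struct

# Assumption: FC code points follow the order listed on the Fragmentation slide.
FC_UNFRAGMENTED, FC_LAST, FC_FIRST, FC_CONTINUING = 0, 1, 2, 3
MAX_LEN = 0x7FF  # 11-bit length field


def pack_block(fc, fsn, data):
    """Build one packing sub-header plus its SDU (or fragment) bytes."""
    if not 0 < len(data) <= MAX_LEN:
        raise ValueError("block must be 1..2047 bytes")
    return struct.pack(">H", (fc << 14) | ((fsn & 7) << 11) | len(data)) + data


def parse_packed_payload(payload):
    """Split a packed MAC PDU payload into (fc, fsn, data) blocks."""
    blocks, off = [], 0
    while off < len(payload):
        if len(payload) - off < 2:
            raise ValueError("truncated packing sub-header")
        (hdr,) = struct.unpack_from(">H", payload, off)
        fc, fsn, length = hdr >> 14, (hdr >> 11) & 0x7, hdr & MAX_LEN
        off += 2
        if length == 0 or off + length > len(payload):
            raise ValueError("invalid length field in packing sub-header")
        blocks.append((fc, fsn, payload[off:off + length]))
        off += length
    return blocks


class Reassembler:
    """One connection has one fragmentation state, so one instance per CID."""

    def __init__(self):
        self.expected = None   # next FSN; unknown until the first block
        self.partial = None    # bytes of the SDU being rebuilt
        self.skipping = False  # ignoring the tail of an SDU already counted lost
        self.lost = 0          # SDUs known to be incomplete

    def push(self, fc, fsn, data):
        """Feed one block; return a completed SDU or None."""
        gap = self.expected is not None and fsn != self.expected
        self.expected = (fsn + 1) % 8  # 3-bit counter wraps at 8
        starts_sdu = fc in (FC_UNFRAGMENTED, FC_FIRST)
        if self.partial is not None and (gap or starts_sdu):
            self.partial = None        # SDU in progress can no longer complete
            self.lost += 1
            self.skipping = True
        if starts_sdu:
            self.skipping = False
            if fc == FC_UNFRAGMENTED:
                return bytes(data)
            self.partial = bytearray(data)
            return None
        if self.partial is None:       # continuing/last fragment without a head
            if not self.skipping:
                self.lost += 1
                self.skipping = True
            return None
        self.partial += data
        if fc == FC_LAST:
            sdu, self.partial = bytes(self.partial), None
            return sdu
        return None


def receive(pdus):
    """Run packed PDU payloads of one connection through parse + reassembly."""
    r, sdus = Reassembler(), []
    for pdu in pdus:
        for fc, fsn, data in parse_packed_payload(pdu):
            sdu = r.push(fc, fsn, data)
            if sdu is not None:
                sdus.append(sdu)
    return sdus, r.lost


# Constructed sample: three PDU payloads carrying three SDUs, one of them
# fragmented across all three PDUs.
SAMPLE_PDUS = [
    pack_block(FC_UNFRAGMENTED, 0, b"hello") + pack_block(FC_FIRST, 1, b"fragm"),
    pack_block(FC_CONTINUING, 2, b"ented"),
    pack_block(FC_LAST, 3, b"-sdu") + pack_block(FC_UNFRAGMENTED, 4, b"tail"),
]

if __name__ == "__main__":
    print(receive(SAMPLE_PDUS))                         # all PDUs arrive
    print(receive([SAMPLE_PDUS[0], SAMPLE_PDUS[2]]))    # middle PDU lost
```

A 3-bit counter cannot reveal a loss of exactly eight consecutive blocks, because the sequence number returns to the expected value.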

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e. periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs. GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

PKM Message | Description
Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority
Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs
Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs
Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS
Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS
Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs
Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID
Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent
TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK
SA Add | sent from a BS to an SS to establish one or more additional SAs

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate “root authority” if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

Each row is an event or received message; each column is the current state; each cell is the next state ("-" where the matrix has no entry).

Event or rcvd msg          | (A) Start | (B) Auth Wait    | (C) Authorized | (D) Reauth Wait  | (E) Auth Reject Wait | (F) Silent
(1) Provisioned            | Auth Wait | -                | -              | -                | -                    | -
(2) Auth Reject (non-perm) | -         | Auth Reject Wait | -              | Auth Reject Wait | -                    | -
(3) Auth Reject (perm)     | -         | Silent           | -              | Silent           | -                    | -
(4) Auth Reply             | -         | Authorized       | -              | Authorized       | -                    | -
(5) Timeout                | -         | Auth Wait        | -              | Reauth Wait      | Start                | -
(6) Auth Grace Timeout     | -         | -                | Reauth Wait    | -                | -                    | -
(7) Auth Invalid           | -         | -                | Reauth Wait    | Reauth Wait      | -                    | -
(8) Reauth                 | -         | -                | Reauth Wait    | -                | -                    | -

Auth FSM Flow Diagram

[Figure: Auth FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transitions are labelled with the triggering event, the message sent in response (Authent Info, Auth Request) and, where shown, the event passed to the TEK FSM: [TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp, [TEK] Stop.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

Each row is an event or received message; each column is the current state; each cell is the next state ("-" where the matrix has no entry).

Event or rcvd msg       | (A) Start | (B) Op Wait    | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait    | (F) Rekey Reauth Wait
(1) Stop                | -         | Start          | Start              | Start           | Start             | Start
(2) Authorized          | Op Wait   | -              | -                  | -               | -                 | -
(3) Auth Pend           | -         | Op Reauth Wait | -                  | -               | Rekey Reauth Wait | -
(4) Auth Comp           | -         | -              | Op Wait            | -               | -                 | Rekey Wait
(5) TEK Invalid         | -         | -              | -                  | Op Wait         | Op Wait           | Op Reauth Wait
(6) Timeout             | -         | Op Wait        | -                  | -               | Rekey Wait        | -
(7) TEK Refresh Timeout | -         | -              | -                  | Rekey Wait      | -                 | -
(8) Key Reply           | -         | Operational    | -                  | -               | Operational       | -
(9) Key Reject          | -         | Start          | -                  | -               | Start             | -

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transitions are labelled with the triggering event (Authorized, Auth Pend, Auth Comp, Timeout, TEK Refresh Timeout, TEK Invalid, Key Reply, Key Reject, Stop) and, where one is sent, the resulting Key Request.]
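The Auth and TEK transition matrices above, transcribed into a small monitor that replays a sequence of PKM events and records every event the matrices do not define for the current state. This is an added example, not part of the original presentation or of the standard's text. Assumptions: one TEK machine (a single SAID), the Auth-to-TEK coupling read from the "[TEK]" labels of the Auth FSM flow diagram, internal TEK signals with no matrix entry treated as no-ops, and the names `PkmMonitor` and `replay`.

```python
# Added example. Table format: event -> {current state: next state}.
AUTH = {
    "Provisioned": {"Start": "Auth Wait"},
    "Auth Reject (non-perm)": {"Auth Wait": "Auth Reject Wait",
                               "Reauth Wait": "Auth Reject Wait"},
    "Auth Reject (perm)": {"Auth Wait": "Silent", "Reauth Wait": "Silent"},
    "Auth Reply": {"Auth Wait": "Authorized", "Reauth Wait": "Authorized"},
    "Timeout": {"Auth Wait": "Auth Wait", "Reauth Wait": "Reauth Wait",
                "Auth Reject Wait": "Start"},
    "Auth Grace Timeout": {"Authorized": "Reauth Wait"},
    "Auth Invalid": {"Authorized": "Reauth Wait", "Reauth Wait": "Reauth Wait"},
    "Reauth": {"Authorized": "Reauth Wait"},
}
TEK = {
    "Stop": {s: "Start" for s in ("Op Wait", "Op Reauth Wait", "Operational",
                                  "Rekey Wait", "Rekey Reauth Wait")},
    "Authorized": {"Start": "Op Wait"},
    "Auth Pend": {"Op Wait": "Op Reauth Wait", "Rekey Wait": "Rekey Reauth Wait"},
    "Auth Comp": {"Op Reauth Wait": "Op Wait", "Rekey Reauth Wait": "Rekey Wait"},
    "TEK Invalid": {"Operational": "Op Wait", "Rekey Wait": "Op Wait",
                    "Rekey Reauth Wait": "Op Reauth Wait"},
    "Timeout": {"Op Wait": "Op Wait", "Rekey Wait": "Rekey Wait"},
    "TEK Refresh Timeout": {"Operational": "Rekey Wait"},
    "Key Reply": {"Op Wait": "Operational", "Rekey Wait": "Operational"},
    "Key Reject": {"Op Wait": "Start", "Rekey Wait": "Start"},
}
# Assumption: (Auth state, event) pairs that raise an event on the TEK
# machine, taken from the "[TEK] ..." labels in the Auth FSM flow diagram.
TEK_SIGNALS = {
    ("Auth Wait", "Auth Reply"): "Authorized",
    ("Reauth Wait", "Auth Reply"): "Auth Comp",
    ("Authorized", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Reject (perm)"): "Stop",
    ("Reauth Wait", "Auth Reject (non-perm)"): "Stop",
}


class PkmMonitor:
    """Tracks both machines for one SS and one SAID; flags undefined events."""

    def __init__(self):
        self.auth = "Start"
        self.tek = "Start"
        self.anomalies = []  # (machine, state, event) with no matrix entry

    def feed(self, machine, event):
        table = AUTH if machine == "auth" else TEK
        state = self.auth if machine == "auth" else self.tek
        nxt = table.get(event, {}).get(state)
        if nxt is None:
            # e.g. a reply that arrives when no request is outstanding
            self.anomalies.append((machine, state, event))
            return
        if machine == "tek":
            self.tek = nxt
            return
        self.auth = nxt
        signal = TEK_SIGNALS.get((state, event))
        if signal:
            # An internal signal the TEK matrix does not list for the
            # current TEK state leaves that state unchanged.
            self.tek = TEK[signal].get(self.tek, self.tek)


def replay(trace):
    """Feed (machine, event) pairs; return (auth state, tek state, anomalies)."""
    mon = PkmMonitor()
    for machine, event in trace:
        mon.feed(machine, event)
    return mon.auth, mon.tek, mon.anomalies


# Constructed trace: authorization, first key, a rekey interrupted by
# reauthorization, then two replies that nothing asked for.
SAMPLE_TRACE = [
    ("auth", "Provisioned"),
    ("auth", "Auth Reply"),
    ("tek", "Key Reply"),
    ("tek", "TEK Refresh Timeout"),
    ("auth", "Auth Invalid"),
    ("auth", "Auth Reply"),
    ("tek", "Key Reply"),
    ("tek", "Key Reply"),
    ("auth", "Auth Reply"),
]

if __name__ == "__main__":
    print(replay(SAMPLE_TRACE))
```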

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other, stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network (“WirelessHUMAN™”)

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant in any spectrum in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


P802.16 Scope

Specifies the air interface, including the medium access control layer (MAC) and physical layer (PHY), of fixed point-to-multipoint broadband wireless access systems providing multiple services. The medium access control layer is capable of supporting multiple physical layer specifications optimized for the frequency bands of the application. The standard includes a particular physical layer specification broadly applicable to systems operating between 10 and 66 GHz.

Point-to-Multipoint Wireless MAN: not a LAN

• Base Station (BS) connected to public networks
• BS serves Subscriber Stations (SSs)
  – BS and SS are stationary
  – SS typically serves a building (business or residence)
  – provide SS with first-mile access to public networks
• Multiple services, with different QoS priority, simultaneously

Reference Model

PHY Considerations that Affect the MAC (10-66 GHz)

• Broadband Channels
  – Wide channels (20, 25, or 28 MHz)
  – High capacity – Downlink AND Uplink
• Multiple Access
  – TDM/TDMA
  – High rate burst modems
• Adaptive Burst Profiles on Uplink and Downlink
• Duplex scheme agnostic
  – Time-Division Duplex (TDD)
  – Frequency-Division Duplex (FDD) [including Burst FDD]
• Support for Half-Duplex Terminals

Adaptive PHY

(burst-by-burst adaptivity not shown)

Adaptive Burst Profiles

• Burst profile
  – Modulation and FEC
• Dynamically assigned according to link conditions
  – Burst by burst, per subscriber station
  – Trade-off capacity vs. robustness in real time
• Roughly doubled capacity for the same cell area
• Burst profile for downlink broadcast channel is well-known
  – All other burst profiles could be configured “on the fly”
  – Subscriber station capabilities recognized at registration

Duplex Scheme Support

• On downlink, SS is associated with a specific burst
• On uplink, SS is allotted a variable length time slot for their transmissions
• Time-Division Duplex (TDD)
  – Downlink & Uplink time share the same RF channel
  – Dynamic asymmetry
  – SS does not transmit & receive simultaneously (low cost)
• Frequency-Division Duplex (FDD)
  – Downlink & Uplink on separate RF channels
  – Static asymmetry
  – Half-duplex SSs supported
    • SS does not transmit & receive simultaneously (low cost)

TDD Frame (10-66 GHz)

TDD Downlink Subframe

DIUC: Downlink Interval Usage Code

Burst FDD Framing

[Figure: one frame with DOWNLINK and UPLINK channels, showing Broadcast, Full Duplex Capable User, Half Duplex Terminal 1 and Half Duplex Terminal 2]

Allows scheduling flexibility

FDD Downlink Subframe

TDMA portion: transmits data to some half-duplex SSs (the ones scheduled to transmit earlier in the frame than they receive)

• Need preamble to re-sync (carrier phase)

Baud Rates & Channel Size (10-66 GHz)

• Flexible plan - allows equipment manufacturers to choose according to spectrum requirements

Channel Width   Symbol Rate   QPSK Bit Rate   16-QAM Bit Rate   64-QAM Bit Rate
(MHz)           (Msym/s)      (Mbit/s)        (Mbit/s)          (Mbit/s)
20              16            32              64                96
25              20            40              80                120
28              22.4          44.8            89.6              134.4

MAC Requirements

• Provide Network Access
• Address the Wireless environment
  – e.g., very efficient use of spectrum
• Broadband services
  – Very high bit rates, downlink and uplink
  – A range of QoS requirements
  – Ethernet, IPv4, IPv6, ATM
• Likelihood of terminal being shared
  – Base Station may be heavily loaded
• Security
• Protocol-Independent Engine
  – Convergence layers to ATM, IP, Ethernet
• Support both TDD and FDD in the PHY

802.16 MAC Overview

• Point-to-Multipoint
• Metropolitan Area Network
• Connection-oriented
• Supports difficult user environments
  – High bandwidth, hundreds of users per channel
  – Continuous and burst traffic
  – Very efficient use of spectrum
• Protocol-Independent core (ATM, IP, Ethernet, …)
• Balances between stability of contentionless and efficiency of contention-based operation
• Flexible QoS offerings
  – CBR, rt-VBR, nrt-VBR, BE, with granularity within classes
• Supports multiple 802.16 PHYs

Relationship to DOCSIS

• Management
  – Dynamic service “editing” protocol (Add/Change/Delete)
  – Management message payload format
• Security
  – Authentication and Privacy
• Polling categories
• Initial Access
  – Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions

• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer

• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer

• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing

• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure: MAC Messages and SDUs (SDU 1, SDU 2) mapped into MAC PDUs (PDU 1 to PDU 5), which are carried in a burst made up of a preamble (P) and FEC blocks (FEC 1 to FEC 3)]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header:
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation
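An added example (not from the original slides) that parses the 2-byte packing sub-headers from the Packing slides and reassembles SDUs per connection, using the sequence number from the Fragmentation slide to detect a lost fragment. The bit layout (FC, then FSN, then an 11-bit length counting payload bytes only), the FC code points (taken in the order the Fragmentation slide lists them) and the rule that the FSN advances by one per sub-header are assumptions; the slides give only the field widths.

```python
import struct

# Assumed code points, in the order the Fragmentation slide lists the states.
FC_UNFRAGMENTED, FC_LAST, FC_FIRST, FC_CONTINUING = 0, 1, 2, 3


def build_subheader(fc, fsn, length):
    """Assumed layout: FC (2 bits) | FSN (3 bits) | length (11 bits), big-endian."""
    if not (0 <= fc < 4 and 0 <= fsn < 8 and 0 <= length < 2048):
        raise ValueError("field out of range")
    return struct.pack(">H", (fc << 14) | (fsn << 11) | length)


def pack_pdu(pieces):
    """Build a packed PDU payload from (fc, fsn, data) tuples."""
    return b"".join(build_subheader(fc, fsn, len(d)) + d for fc, fsn, d in pieces)


def parse_packed_payload(payload):
    """Split a packed payload into (fc, fsn, data); reject lengths that overrun."""
    pieces, off = [], 0
    while off < len(payload):
        if len(payload) - off < 2:
            raise ValueError("truncated packing sub-header")
        (word,) = struct.unpack_from(">H", payload, off)
        fc, fsn, length = word >> 14, (word >> 11) & 0x7, word & 0x7FF
        off += 2
        if length > len(payload) - off:
            raise ValueError("length field overruns PDU payload")
        pieces.append((fc, fsn, payload[off:off + length]))
        off += length
    return pieces


class Reassembler:
    """Per-connection reassembly: one fragmentation state at a time."""

    def __init__(self):
        self.expected_fsn = None  # None until the first sub-header is seen
        self.partial = None       # bytearray while an SDU is being rebuilt
        self.skipping = False     # True while discarding the rest of a broken SDU
        self.dropped = 0          # SDUs discarded as incomplete

    def _abandon(self):
        self.partial, self.skipping = None, True
        self.dropped += 1

    def push(self, fc, fsn, data):
        """Feed one fragment; return a completed SDU as bytes, or None."""
        gap = self.expected_fsn is not None and fsn != self.expected_fsn
        self.expected_fsn = (fsn + 1) % 8
        starts_sdu = fc in (FC_UNFRAGMENTED, FC_FIRST)
        if self.partial is not None and (gap or starts_sdu):
            self._abandon()  # a fragment of the SDU in progress was lost
        if starts_sdu:
            self.skipping = False
            if fc == FC_UNFRAGMENTED:
                return bytes(data)
            self.partial = bytearray(data)
            return None
        if self.partial is None:  # continuing/last fragment with no usable start
            if not self.skipping:
                self.dropped += 1
            self.skipping = fc != FC_LAST
            return None
        self.partial += data
        if fc == FC_LAST:
            sdu, self.partial = bytes(self.partial), None
            return sdu
        return None


def reassemble(pdu_payloads):
    """Run packed PDU payloads of one connection; return (sdus, dropped)."""
    r, sdus = Reassembler(), []
    for payload in pdu_payloads:
        for fc, fsn, data in parse_packed_payload(payload):
            sdu = r.push(fc, fsn, data)
            if sdu is not None:
                sdus.append(sdu)
    return sdus, r.dropped


if __name__ == "__main__":
    # Constructed sample: SDU "BBBbb" is split across two packed PDUs.
    pdu_a = pack_pdu([(FC_UNFRAGMENTED, 0, b"AAAA"), (FC_FIRST, 1, b"BBB")])
    pdu_b = pack_pdu([(FC_LAST, 2, b"bb"), (FC_UNFRAGMENTED, 3, b"CC")])
    print(reassemble([pdu_a, pdu_b]))
```

Because the FSN is 3 bits wide, a run of exactly eight lost fragments wraps the counter and goes undetected by this check.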

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g., bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g., HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e., periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs. GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station’s work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests:
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

PKM Message                 Description
Authentication Information  contains the manufacturer's X.509 Certificate, issued by an external authority
Authorization Request       sent from an SS to its BS to request an AK and list of authorized SAIDs
Authorization Reply         sent from a BS to an SS to reply with an AK and a list of authorized SAIDs
Authorization Reject        sent from a BS to an SS in rejection of an Authorization Request message sent by the SS
Authorization Invalid       sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS
Key Request                 sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs
Key Reply                   sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID
Key Reject                  sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent
TEK Invalid                 sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK
SA Add                      sent from a BS to an SS to establish one or more additional SAs

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: Authorization FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transitions are labeled event / action; the actions shown are Authent Info, Auth Request, and the [TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp and [TEK] Stop events.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transitions are labeled event / action; the only action shown is Key Request.]
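The Auth and TEK transition matrices above can be exercised directly as lookup tables. The following Python model is an added example, not code from the presentation or the standard; the `Fsm` class, the `run` helper, and the choice to ignore and record any event whose cell is empty are assumptions of the example.

```python
# Added example: the two PKM state machines as lookup tables.
# Cells are copied from the transition matrices; None marks an empty cell.

AUTH_STATES = ["Start", "Auth Wait", "Authorized", "Reauth Wait",
               "Auth Reject Wait", "Silent"]
AUTH_MATRIX = {
    "Provisioned":            ["Auth Wait", None, None, None, None, None],
    "Auth Reject (non-perm)": [None, "Auth Reject Wait", None,
                               "Auth Reject Wait", None, None],
    "Auth Reject (perm)":     [None, "Silent", None, "Silent", None, None],
    "Auth Reply":             [None, "Authorized", None, "Authorized", None, None],
    "Timeout":                [None, "Auth Wait", None, "Reauth Wait", "Start", None],
    "Auth Grace Timeout":     [None, None, "Reauth Wait", None, None, None],
    "Auth Invalid":           [None, None, "Reauth Wait", "Reauth Wait", None, None],
    "Reauth":                 [None, None, "Reauth Wait", None, None, None],
}

TEK_STATES = ["Start", "Op Wait", "Op Reauth Wait", "Operational",
              "Rekey Wait", "Rekey Reauth Wait"]
TEK_MATRIX = {
    "Stop":                [None, "Start", "Start", "Start", "Start", "Start"],
    "Authorized":          ["Op Wait", None, None, None, None, None],
    "Auth Pend":           [None, "Op Reauth Wait", None, None,
                            "Rekey Reauth Wait", None],
    "Auth Comp":           [None, None, "Op Wait", None, None, "Rekey Wait"],
    "TEK Invalid":         [None, None, None, "Op Wait", "Op Wait", "Op Reauth Wait"],
    "Timeout":             [None, "Op Wait", None, None, "Rekey Wait", None],
    "TEK Refresh Timeout": [None, None, None, "Rekey Wait", None, None],
    "Key Reply":           [None, "Operational", None, None, "Operational", None],
    "Key Reject":          [None, "Start", None, None, "Start", None],
}


class Fsm:
    """Strict state machine: an event with an empty cell never changes state."""

    def __init__(self, states, matrix):
        # Validate the table itself before trusting it.
        for event, row in matrix.items():
            if len(row) != len(states):
                raise ValueError(f"row {event!r} has {len(row)} cells")
            for cell in row:
                if cell is not None and cell not in states:
                    raise ValueError(f"unknown state {cell!r} in row {event!r}")
        self.states, self.matrix = states, matrix
        self.state = states[0]      # both machines begin in Start
        self.ignored = []           # (state, event) pairs that were dropped

    def next_state(self, state, event):
        row = self.matrix.get(event)
        return None if row is None else row[self.states.index(state)]

    def step(self, event):
        """Apply one event; return False if it is not valid in this state."""
        target = self.next_state(self.state, event)
        if target is None:
            self.ignored.append((self.state, event))
            return False
        self.state = target
        return True

    def accepted_events(self, state):
        """Events (in matrix row order) that have a transition from state."""
        return [e for e in self.matrix if self.next_state(state, e) is not None]

    def reachable(self):
        """States reachable from Start by following the matrix."""
        seen, todo = {self.states[0]}, [self.states[0]]
        while todo:
            current = todo.pop()
            for event in self.matrix:
                target = self.next_state(current, event)
                if target is not None and target not in seen:
                    seen.add(target)
                    todo.append(target)
        return seen


def run(states, matrix, events):
    """Feed a constructed event trace to a fresh machine."""
    fsm = Fsm(states, matrix)
    for event in events:
        fsm.step(event)
    return fsm.state, fsm.ignored


if __name__ == "__main__":
    # Constructed trace: a second Auth Reply arrives while already Authorized.
    trace = ["Provisioned", "Timeout", "Auth Reply", "Auth Reply",
             "Auth Grace Timeout", "Auth Reply"]
    print(run(AUTH_STATES, AUTH_MATRIX, trace))
    for name in AUTH_STATES:
        print(name, "accepts", Fsm(AUTH_STATES, AUTH_MATRIX).accepted_events(name))
```

The per-state list from `accepted_events` is the set of messages and timers an implementation has to handle in that state; per the matrix, Silent accepts none and Authorized accepts no Auth Reply.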

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
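The key-usage rules above can be checked with a small model of the 2-bit key sequence number. This Python model is an added example, not part of the presentation; it takes the slide's AP and AT to be the BS and SS, uses no real cipher (a PDU is represented only by the sequence number of the TEK that protected it), and its class names and rekey timing are constructed.

```python
# Added example: two overlapping TEKs selected by a 2-bit sequence number.
# Assumption: AP/AT on the slide are the BS/SS. No cipher is modelled.

SEQ_MODULUS = 4  # the key sequence number in the MAC header is 2 bits wide


class KeyHolder:
    """One side of an SA: the TEK sequence numbers it currently holds."""

    def __init__(self):
        self.active = []                  # oldest first, at most two entries

    def older(self):
        return self.active[0]

    def newer(self):
        return self.active[-1]

    def can_decrypt(self, seq):
        """Both sides decrypt with either of their two keys."""
        return seq in self.active


class BaseStation(KeyHolder):
    def __init__(self):
        super().__init__()
        self.generated = 0
        self.rekey()
        self.rekey()                      # start with two active TEKs

    def rekey(self):
        """Create the next TEK and retire the oldest once two are active."""
        self.active.append(self.generated % SEQ_MODULUS)
        self.generated += 1
        self.active = self.active[-2:]

    def key_reply(self):
        """Key Reply carries both active sets of keying material."""
        return list(self.active)

    def receive_uplink(self, seq):
        return "decrypted" if self.can_decrypt(seq) else "TEK Invalid"


class SubscriberStation(KeyHolder):
    def install(self, key_reply):
        self.active = list(key_reply)

    def receive_downlink(self, seq):
        return "decrypted" if self.can_decrypt(seq) else "undecryptable"


def scenario():
    """SS misses one BS rekey, then a second; returns the outcome of each PDU."""
    bs, ss = BaseStation(), SubscriberStation()
    ss.install(bs.key_reply())            # both sides hold seq 0 and 1
    out = {}

    bs.rekey()                            # BS holds 1 and 2, SS still 0 and 1
    out["DL, BS older key"] = ss.receive_downlink(bs.older())
    out["UL, SS newer key"] = bs.receive_uplink(ss.newer())
    # The same moment with the rules swapped: both directions break.
    out["DL, BS newer key (rule broken)"] = ss.receive_downlink(bs.newer())
    out["UL, SS older key (rule broken)"] = bs.receive_uplink(ss.older())

    bs.rekey()                            # BS holds 2 and 3, SS still 0 and 1
    out["UL, SS two rekeys behind"] = bs.receive_uplink(ss.newer())

    ss.install(bs.key_reply())            # SS recovers via Key Request / Key Reply
    out["UL after new Key Reply"] = bs.receive_uplink(ss.newer())
    out["DL after new Key Reply"] = ss.receive_downlink(bs.older())
    return out


if __name__ == "__main__":
    for label, result in scenario().items():
        print(f"{label:32s} {result}")
```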

Amendment Project

IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project

IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


Point-to-Multipoint Wireless MAN: not a LAN

• Base Station (BS) connected to public networks
• BS serves Subscriber Stations (SSs)
  – BS and SS are stationary
  – SS typically serves a building (business or residence)
  – provide SS with first-mile access to public networks
• Multiple services, with different QoS priority, simultaneously

Reference Model

PHY Considerations that Affect the MAC (10-66 GHz)

• Broadband Channels
  – Wide channels (20, 25, or 28 MHz)
  – High capacity: Downlink AND Uplink
• Multiple Access
  – TDM/TDMA
  – High rate burst modems
• Adaptive Burst Profiles on Uplink and Downlink
• Duplex scheme agnostic
  – Time-Division Duplex (TDD)
  – Frequency-Division Duplex (FDD) [including Burst FDD]
• Support for Half-Duplex Terminals

Adaptive PHY

(burst-by-burst adaptivity not shown)

Adaptive Burst Profiles

• Burst profile
  – Modulation and FEC
• Dynamically assigned according to link conditions
  – Burst by burst, per subscriber station
  – Trade-off capacity vs. robustness in real time
• Roughly doubled capacity for the same cell area
• Burst profile for downlink broadcast channel is well-known
  – All other burst profiles could be configured "on the fly"
  – Subscriber station capabilities recognized at registration

Duplex Scheme Support

• On downlink, SS is associated with a specific burst
• On uplink, SS is allotted a variable length time slot for their transmissions
• Time-Division Duplex (TDD)
  – Downlink & Uplink time share the same RF channel
  – Dynamic asymmetry
  – SS does not transmit & receive simultaneously (low cost)
• Frequency-Division Duplex (FDD)
  – Downlink & Uplink on separate RF channels
  – Static asymmetry
  – Half-duplex SSs supported
    • SS does not transmit & receive simultaneously (low cost)

TDD Frame (10-66 GHz)

TDD Downlink Subframe

DIUC: Downlink Interval Usage Code

Burst FDD Framing

[Figure: downlink and uplink allocations within one frame for the broadcast portion, a full-duplex capable user, and half-duplex terminals 1 and 2]

Allows scheduling flexibility

FDD Downlink Subframe

TDMA portion: transmits data to some half-duplex SSs (the ones scheduled to transmit earlier in the frame than they receive)

• Need preamble to re-sync (carrier phase)

Baud Rates & Channel Size (10-66 GHz)

• Flexible plan - allows equipment manufacturers to choose according to spectrum requirements

| Channel Width (MHz) | Symbol Rate (Msym/s) | QPSK Bit Rate (Mbit/s) | 16-QAM Bit Rate (Mbit/s) | 64-QAM Bit Rate (Mbit/s) |
|---|---|---|---|---|
| 20 | 16 | 32 | 64 | 96 |
| 25 | 20 | 40 | 80 | 120 |
| 28 | 22.4 | 44.8 | 89.6 | 134.4 |

MAC Requirements

• Provide Network Access
• Address the Wireless environment
  – e.g., very efficient use of spectrum
• Broadband services
  – Very high bit rates, downlink and uplink
  – A range of QoS requirements
  – Ethernet, IPv4, IPv6, ATM
• Likelihood of terminal being shared
  – Base Station may be heavily loaded
• Security
• Protocol-Independent Engine
  – Convergence layers to ATM, IP, Ethernet
• Support both TDD and FDD in the PHY

802.16 MAC Overview

• Point-to-Multipoint
• Metropolitan Area Network
• Connection-oriented
• Supports difficult user environments
  – High bandwidth, hundreds of users per channel
  – Continuous and burst traffic
  – Very efficient use of spectrum
• Protocol-Independent core (ATM, IP, Ethernet, …)
• Balances between stability of contentionless and efficiency of contention-based operation
• Flexible QoS offerings
  – CBR, rt-VBR, nrt-VBR, BE, with granularity within classes
• Supports multiple 802.16 PHYs

Relationship to DOCSIS

• Management
  – Dynamic service "editing" protocol (Add/Change/Delete)
  – Management message payload format
• Security
  – Authentication and Privacy
• Polling categories
• Initial Access
  – Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions

• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer

• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer

• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing

• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure: a MAC message and SDUs 1-2 mapped into MAC PDUs 1-5, which are carried in a burst consisting of a preamble (P) and FEC blocks 1-3]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

RequestGrant SchemeRequestGrant Scheme

bullbull Self CorrectingSelf Correctingndashndash No acknowledgementNo acknowledgement

ndashndash All errors are handled in the same way ieAll errors are handled in the same way ieperiodical aggregate requestsperiodical aggregate requests

bullbull Bandwidth Requests are always per ConnectionBandwidth Requests are always per Connection

bullbull Grants are either per Connection (GPC) or perGrants are either per Connection (GPC) or perSubscriber Station (GPSS)Subscriber Station (GPSS)

ndashndash Grants (given as Grants (given as durationsdurations) are carried in the) are carried in theUL-MAP messagesUL-MAP messages

ndashndash SS needs to convert the time to amount of dataSS needs to convert the time to amount of datausing information about the UIUCusing information about the UIUC

GPSS vs GPCGPSS vs GPCbullbull Bandwidth Grant per Subscriber Station (GPSS)Bandwidth Grant per Subscriber Station (GPSS)

ndashndash Base station grants bandwidth to the subscriber stationBase station grants bandwidth to the subscriber stationndashndash Subscriber station may re-distribute bandwidth among itsSubscriber station may re-distribute bandwidth among its

connections maintaining QoS and service-levelconnections maintaining QoS and service-levelagreementsagreements

ndashndash Suitable for many connections per terminal off-loadingSuitable for many connections per terminal off-loadingbase stationrsquos workbase stationrsquos work

ndashndash Allows more sophisticated reaction to QoS needsAllows more sophisticated reaction to QoS needsndashndash Low overhead but requires intelligent subscriber stationLow overhead but requires intelligent subscriber stationndashndash Mandatory for P80216 10-66 GHz PHYMandatory for P80216 10-66 GHz PHY

bullbull Bandwidth Grant per Connection (GPC)Bandwidth Grant per Connection (GPC)ndashndash Base station grants bandwidth to a connectionBase station grants bandwidth to a connectionndashndash Mostly suitable for few users per subscriber stationMostly suitable for few users per subscriber stationndashndash Higher overhead but allows simpler subscriber stationHigher overhead but allows simpler subscriber station

Bandwidth Requests
• Come from the Connection
• Several kinds of requests:
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS
• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization
• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging
• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration
• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download
• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup
• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption
• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations
• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization
• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| Event or Rcvd msg \ State | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram
[Figure: Authorization FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transition labels give the triggering event, the message sent (Authent Info, Auth Request), and the event passed to the TEK FSM, marked [TEK]: Authorized, Auth Pend, Auth Comp, Stop.]

Traffic Encryption Key Management
• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg \ State | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram
[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transition labels give the triggering event (Stop, Authorized, Auth Pend, Auth Comp, TEK Invalid, Timeout, TEK Refresh Timeout, Key Reply, Key Reject) and, where one is sent, the Key Request message.]

Data Encryption
• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
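The key-usage rules above can be checked with a small model of the two key generations. This Python code is an added example, not part of the presentation: no cipher is run (a "PDU" is just the sequence number plus the key it was protected under), and the function names, the 8-byte random keys, and the starting sequence numbers are assumptions. It goes one step beyond the slide by also showing what the 2-bit sequence number implies once a subscriber station has missed four rotations.

```python
import os

SEQ_MOD = 4  # the key sequence number in the MAC header is 2 bits wide


class BaseStation:
    """Holds the two active TEK generations for one SAID, oldest first."""

    def __init__(self):
        self.keys = {}          # {sequence number: key bytes}, insertion-ordered
        self.next_seq = 0
        self.rotate()
        self.rotate()

    def rotate(self):
        """Retire the older generation and introduce a new one."""
        if len(self.keys) == 2:
            del self.keys[next(iter(self.keys))]
        self.keys[self.next_seq] = os.urandom(8)    # constructed key material
        self.next_seq = (self.next_seq + 1) % SEQ_MOD

    def key_reply(self):
        """Key Reply: carries both active sets of keying material."""
        return dict(self.keys)


def protect(keys, use):
    """Choose the transmit key: use is "older" (BS rule) or "newer" (SS rule)."""
    ordered = list(keys.items())
    seq, key = ordered[0] if use == "older" else ordered[-1]
    return {"seq": seq, "key": key}     # stands in for a PDU encrypted under key


def unprotect(keys, pdu):
    """Receiver: select the key by sequence number; either generation is valid."""
    held = keys.get(pdu["seq"])
    if held is None:
        return "unknown-seq"            # on the uplink the BS answers TEK Invalid
    # Same sequence number but different key bytes models a decrypt to garbage.
    return "ok" if held == pdu["key"] else "wrong-key"


def exchange(rotations, bs_use="older", ss_use="newer"):
    """SS takes one Key Reply, then the BS rotates `rotations` times unseen.

    Returns (downlink result at the SS, uplink result at the BS).
    """
    bs = BaseStation()
    ss_keys = bs.key_reply()
    for _ in range(rotations):
        bs.rotate()
    downlink = unprotect(ss_keys, protect(bs.keys, bs_use))
    uplink = unprotect(bs.keys, protect(ss_keys, ss_use))
    return downlink, uplink


if __name__ == "__main__":
    for n in range(5):
        print(n, "rotation(s) behind:", exchange(n))
    print("BS breaks its rule:", exchange(1, bs_use="newer"))
    print("SS breaks its rule:", exchange(1, ss_use="older"))
```

With the slide's rules a station that is one rotation behind still interoperates in both directions; swapping either rule breaks that direction, and after four missed rotations the sequence numbers repeat while the keys do not.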

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements
• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN
• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary
• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


Reference Model

PHY Considerations that Affect the MAC (10-66 GHz)
• Broadband Channels
  – Wide channels (20, 25, or 28 MHz)
  – High capacity – Downlink AND Uplink
• Multiple Access
  – TDM/TDMA
  – High rate burst modems
• Adaptive Burst Profiles on Uplink and Downlink
• Duplex scheme agnostic
  – Time-Division Duplex (TDD)
  – Frequency-Division Duplex (FDD) [including Burst FDD]
• Support for Half-Duplex Terminals

Adaptive PHY
(burst-by-burst adaptivity not shown)

Adaptive Burst Profiles
• Burst profile
  – Modulation and FEC
• Dynamically assigned according to link conditions
  – Burst by burst, per subscriber station
  – Trade-off capacity vs. robustness in real time
• Roughly doubled capacity for the same cell area
• Burst profile for downlink broadcast channel is well-known
  – All other burst profiles could be configured "on the fly"
  – Subscriber station capabilities recognized at registration

Duplex Scheme Support
• On downlink, SS is associated with a specific burst
• On uplink, SS is allotted a variable length time slot for their transmissions
• Time-Division Duplex (TDD)
  – Downlink & Uplink time share the same RF channel
  – Dynamic asymmetry
  – SS does not transmit & receive simultaneously (low cost)
• Frequency-Division Duplex (FDD)
  – Downlink & Uplink on separate RF channels
  – Static asymmetry
  – Half-duplex SSs supported
    • SS does not transmit & receive simultaneously (low cost)

TDD Frame (10-66 GHz)

TDD Downlink Subframe
DIUC: Downlink Interval Usage Code

Burst FDD Framing
[Figure: one frame on the DOWNLINK and UPLINK channels, with the Broadcast portion and the allocations of a Full Duplex Capable User, Half Duplex Terminal 1, and Half Duplex Terminal 2]
Allows scheduling flexibility

FDD Downlink Subframe
TDMA portion: transmits data to some half-duplex SSs (the ones scheduled to transmit earlier in the frame than they receive)
• Need preamble to re-sync (carrier phase)

Baud Rates & Channel Size (10-66 GHz)
• Flexible plan - allows equipment manufacturers to choose according to spectrum requirements

| Channel Width (MHz) | Symbol Rate (Msym/s) | QPSK Bit Rate (Mbit/s) | 16-QAM Bit Rate (Mbit/s) | 64-QAM Bit Rate (Mbit/s) |
|---|---|---|---|---|
| 20 | 16 | 32 | 64 | 96 |
| 25 | 20 | 40 | 80 | 120 |
| 28 | 22.4 | 44.8 | 89.6 | 134.4 |

MAC Requirements
• Provide Network Access
• Address the Wireless environment
  – e.g., very efficient use of spectrum
• Broadband services
  – Very high bit rates, downlink and uplink
  – A range of QoS requirements
  – Ethernet, IPv4, IPv6, ATM
• Likelihood of terminal being shared
  – Base Station may be heavily loaded
• Security
• Protocol-Independent Engine
  – Convergence layers to ATM, IP, Ethernet
• Support both TDD and FDD in the PHY

802.16 MAC Overview
• Point-to-Multipoint
• Metropolitan Area Network
• Connection-oriented
• Supports difficult user environments
  – High bandwidth, hundreds of users per channel
  – Continuous and burst traffic
  – Very efficient use of spectrum
• Protocol-Independent core (ATM, IP, Ethernet, …)
• Balances between stability of contentionless and efficiency of contention-based operation
• Flexible QoS offerings
  – CBR, rt-VBR, nrt-VBR, BE, with granularity within classes
• Supports multiple 802.16 PHYs

Relationship to DOCSIS
• Management
  – Dynamic service "editing" protocol (Add/Change/Delete)
  – Management message payload format
• Security
  – Authentication and Privacy
• Polling categories
• Initial Access
  – Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions
• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer
• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer
• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing
• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission
• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission
[Figure labels: MAC Message, SDU 1, SDU 2; MAC PDUs: PDU 1 to PDU 5; Burst: Preamble, FEC block, FEC 1 to FEC 3]

MAC PDU format
• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation
• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header:
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing
• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs
• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation
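A receiver for packed, fragmented PDUs has to bound-check every length field and use the sequence number to discard SDUs with a missing fragment. The Python code below is an added example, not code from the presentation or the standard. Its assumptions: the 16 sub-header bits are laid out in the order the slide lists them (length, FC, sequence number), the FC codes follow the slide's listing order, the length counts SDU bytes only, the sequence number advances by one for every packed entry, and the PDU contents are constructed.

```python
import struct

# Assumed FC code points, in the order the Fragmentation slide lists them.
FC_UNFRAGMENTED, FC_LAST, FC_FIRST, FC_CONTINUING = 0, 1, 2, 3


def pack_subheader(length, fc, fsn):
    """Build the 2-byte packing sub-header: length(11) | FC(2) | FSN(3)."""
    if not (0 <= length < 2 ** 11 and 0 <= fc < 4 and 0 <= fsn < 8):
        raise ValueError("field out of range")
    return struct.pack(">H", (length << 5) | (fc << 3) | fsn)


def parse_packed_payload(payload):
    """Split a packed PDU payload into (fc, fsn, data) entries."""
    entries, pos = [], 0
    while pos < len(payload):
        if len(payload) - pos < 2:
            raise ValueError("truncated packing sub-header")
        (word,) = struct.unpack_from(">H", payload, pos)
        length, fc, fsn = word >> 5, (word >> 3) & 0x3, word & 0x7
        pos += 2
        if length > len(payload) - pos:
            raise ValueError("sub-header length exceeds remaining payload")
        entries.append((fc, fsn, payload[pos:pos + length]))
        pos += length
    return entries


class Reassembler:
    """Per-connection state: one SDU in progress, one expected FSN."""

    def __init__(self):
        self.expected = None    # next FSN we should see (None before first entry)
        self.partial = None     # bytes of the SDU being reassembled
        self.gaps = 0           # number of sequence discontinuities seen

    def feed(self, fc, fsn, data):
        """Consume one entry; return a completed SDU or None."""
        if self.expected is not None and fsn != self.expected:
            self.gaps += 1
            self.partial = None             # a fragment was lost: abandon the SDU
        self.expected = (fsn + 1) % 8       # 3-bit counter wraps
        if fc == FC_UNFRAGMENTED:
            self.partial = None
            return bytes(data)
        if fc == FC_FIRST:
            self.partial = bytearray(data)
            return None
        if self.partial is None:
            return None                     # tail of an SDU whose start is missing
        self.partial += data
        if fc == FC_LAST:
            sdu, self.partial = bytes(self.partial), None
            return sdu
        return None


def demo():
    """Constructed PDUs; the third one is lost in transit."""
    pdu1 = (pack_subheader(4, FC_UNFRAGMENTED, 0) + b"AAAA"
            + pack_subheader(2, FC_FIRST, 1) + b"B1")
    pdu2 = (pack_subheader(2, FC_LAST, 2) + b"B2"
            + pack_subheader(2, FC_FIRST, 3) + b"C1")
    pdu3 = pack_subheader(2, FC_CONTINUING, 4) + b"C2"      # never delivered
    pdu4 = (pack_subheader(2, FC_LAST, 5) + b"C3"
            + pack_subheader(2, FC_UNFRAGMENTED, 6) + b"DD")
    rx, sdus = Reassembler(), []
    for pdu in (pdu1, pdu2, pdu4):
        for fc, fsn, data in parse_packed_payload(pdu):
            sdu = rx.feed(fc, fsn, data)
            if sdu is not None:
                sdus.append(sdu)
    return sdus, rx.gaps


if __name__ == "__main__":
    print(demo())
```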

Downlink transmissions
• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor
• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles
• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message
• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions
• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor
• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message
• UL-MAP message defines usage of the uplink
• Contains the "grants"
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service
Characteristic of the Service Flow
• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS
• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS
• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS
• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE
• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme
• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e., periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs. GPC
• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests
• Come from the Connection
• Several kinds of requests:
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS
• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization
• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging
• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration
• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download
• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup
• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption
• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations
• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages
PKM Message | Description
Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority
Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs
Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs
Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS
Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS
Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs
Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID
Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent
TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK
SA Add | sent from a BS to an SS to establish one or more additional SAs

SS Authorization
• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix
(rows: event or received message; columns: current state; each cell gives the next state, "-" marks no transition)
Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent
(1) Provisioned | Auth Wait | - | - | - | - | -
(2) Auth Reject (non-perm) | - | Auth Reject Wait | - | Auth Reject Wait | - | -
(3) Auth Reject (perm) | - | Silent | - | Silent | - | -
(4) Auth Reply | - | Authorized | - | Authorized | - | -
(5) Timeout | - | Auth Wait | - | Reauth Wait | Start | -
(6) Auth Grace Timeout | - | - | Reauth Wait | - | - | -
(7) Auth Invalid | - | - | Reauth Wait | Reauth Wait | - | -
(8) Reauth | - | - | Reauth Wait | - | - | -

Auth FSM Flow Diagram
[Figure: state diagram of the Authorization FSM with states Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait and Silent. Each arrow is labelled with the triggering event (Provisioned, Timeout, Auth Reply, Auth Reject (perm), Auth Reject (non-perm), Auth Invalid, Auth Grace Timeout, Reauth), the messages sent (Authent Info, Auth Request) and the signals passed to the TEK FSM ([TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp, [TEK] Stop).]

Traffic Encryption Key Management
• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix
(rows: event or received message; columns: current state; each cell gives the next state, "-" marks no transition)
Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait
(1) Stop | - | Start | Start | Start | Start | Start
(2) Authorized | Op Wait | - | - | - | - | -
(3) Auth Pend | - | Op Reauth Wait | - | - | Rekey Reauth Wait | -
(4) Auth Comp | - | - | Op Wait | - | - | Rekey Wait
(5) TEK Invalid | - | - | - | Op Wait | Op Wait | Op Reauth Wait
(6) Timeout | - | Op Wait | - | - | Rekey Wait | -
(7) TEK Refresh Timeout | - | - | - | Rekey Wait | - | -
(8) Key Reply | - | Operational | - | - | Operational | -
(9) Key Reject | - | Start | - | - | Start | -

TEK FSM Flow Diagram
[Figure: state diagram of the TEK FSM with states Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait and Rekey Reauth Wait. Each arrow is labelled with the triggering event (Authorized, Auth Pend, Auth Comp, Timeout, TEK Refresh Timeout, TEK Invalid, Key Reply, Key Reject, Stop) and, where a message is sent, Key Request.]
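The Auth and TEK transition matrices above can be run as a table-driven model in which any message that has no matrix entry for the current state is ignored and recorded. The Python below is an added example, not part of the original presentation or the standard's own code; the names PkmClient, run_trace and SAMPLE_TRACE are assumptions, and the pairing of sent messages and [TEK] signals with individual transitions is read from the flow-diagram labels together with the matrices.

```python
# Added example: SS-side PKM Authorization and TEK state machines, transcribed
# from the two transition matrices on this page. Names are illustrative.
AR = ("Auth Request",)
AI_AR = ("Authent Info", "Auth Request")

# (event, state) -> (next state, messages sent to BS, signal to TEK FSM).
# Pairs not listed are blank cells in the Auth FSM matrix.
AUTH_FSM = {
    ("Provisioned", "Start"): ("Auth Wait", AI_AR, None),
    ("Timeout", "Auth Wait"): ("Auth Wait", AI_AR, None),
    ("Auth Reject (non-perm)", "Auth Wait"): ("Auth Reject Wait", (), None),
    ("Auth Reject (perm)", "Auth Wait"): ("Silent", (), None),
    ("Auth Reply", "Auth Wait"): ("Authorized", (), "Authorized"),
    ("Auth Grace Timeout", "Authorized"): ("Reauth Wait", AR, None),
    ("Auth Invalid", "Authorized"): ("Reauth Wait", AR, "Auth Pend"),
    ("Reauth", "Authorized"): ("Reauth Wait", AR, None),
    ("Timeout", "Reauth Wait"): ("Reauth Wait", AR, None),
    ("Auth Invalid", "Reauth Wait"): ("Reauth Wait", AR, "Auth Pend"),
    ("Auth Reply", "Reauth Wait"): ("Authorized", (), "Auth Comp"),
    ("Auth Reject (non-perm)", "Reauth Wait"): ("Auth Reject Wait", (), "Stop"),
    ("Auth Reject (perm)", "Reauth Wait"): ("Silent", (), "Stop"),
    ("Timeout", "Auth Reject Wait"): ("Start", (), None),
}

TEK_STATES = ("Start", "Op Wait", "Op Reauth Wait", "Operational",
              "Rekey Wait", "Rekey Reauth Wait")
# One row per event of the TEK FSM matrix: current state -> next state.
TEK_ROWS = {
    "Stop": {s: "Start" for s in TEK_STATES[1:]},
    "Authorized": {"Start": "Op Wait"},
    "Auth Pend": {"Op Wait": "Op Reauth Wait", "Rekey Wait": "Rekey Reauth Wait"},
    "Auth Comp": {"Op Reauth Wait": "Op Wait", "Rekey Reauth Wait": "Rekey Wait"},
    "TEK Invalid": {"Operational": "Op Wait", "Rekey Wait": "Op Wait",
                    "Rekey Reauth Wait": "Op Reauth Wait"},
    "Timeout": {"Op Wait": "Op Wait", "Rekey Wait": "Rekey Wait"},
    "TEK Refresh Timeout": {"Operational": "Rekey Wait"},
    "Key Reply": {"Op Wait": "Operational", "Rekey Wait": "Operational"},
    "Key Reject": {"Op Wait": "Start", "Rekey Wait": "Start"},
}
TEK_FSM = {(ev, st): nxt for ev, row in TEK_ROWS.items()
           for st, nxt in row.items()}


class PkmClient:
    """One Authorization FSM driving one TEK FSM (a single SAID)."""

    def __init__(self):
        self.auth, self.tek = "Start", "Start"
        self.sent = []     # messages the SS would transmit
        self.ignored = []  # (fsm, event, state) with no matrix entry

    def tek_event(self, event):
        nxt = TEK_FSM.get((event, self.tek))
        if nxt is None:
            self.ignored.append(("TEK", event, self.tek))
        else:
            self.tek = nxt

    def auth_event(self, event):
        entry = AUTH_FSM.get((event, self.auth))
        if entry is None:
            self.ignored.append(("Auth", event, self.auth))
            return
        self.auth, sent, signal = entry
        self.sent.extend(sent)
        if signal:
            self.tek_event(signal)


def run_trace(events):
    """Feed (fsm, event) pairs to a fresh client; return it and a state log."""
    ss, log = PkmClient(), []
    for fsm, event in events:
        (ss.auth_event if fsm == "Auth" else ss.tek_event)(event)
        log.append((event, ss.auth, ss.tek))
    return ss, log


# Constructed event sequence, not captured traffic.
SAMPLE_TRACE = [
    ("Auth", "Provisioned"),          # Start -> Auth Wait
    ("Auth", "Auth Reply"),           # -> Authorized; TEK Start -> Op Wait
    ("TEK", "Key Reply"),             # Op Wait -> Operational
    ("Auth", "Auth Reply"),           # unsolicited while Authorized: ignored
    ("Auth", "Auth Invalid"),         # -> Reauth Wait; Auth Pend blank for Operational
    ("TEK", "TEK Refresh Timeout"),   # Operational -> Rekey Wait
    ("Auth", "Auth Invalid"),         # TEK Rekey Wait -> Rekey Reauth Wait
    ("TEK", "Key Reply"),             # blank cell in Rekey Reauth Wait: ignored
    ("Auth", "Auth Reply"),           # -> Authorized; Auth Comp -> Rekey Wait
    ("TEK", "Key Reply"),             # Rekey Wait -> Operational
    ("Auth", "Reauth"),               # Authorized -> Reauth Wait
    ("Auth", "Auth Reject (perm)"),   # -> Silent; Stop returns TEK to Start
    ("Auth", "Auth Reply"),           # Silent has no transitions: ignored
]

if __name__ == "__main__":
    ss, log = run_trace(SAMPLE_TRACE)
    print(*log, *ss.ignored, sep="\n")
```

The ignored list is the part worth logging in a real implementation: it holds every message that arrived in a state where the matrix defines no transition.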

Data Encryption
• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project
IEEE P802.16a
Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project
IEEE P802.16b
Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies
Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements
• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN
• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary
• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant in any spectrum in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources
IEEE 802.16 Working Group on Broadband Wireless Access
info, documents, email lists, etc:
http://WirelessMAN.org


PHY Considerations that Affect the MAC (10-66 GHz)
• Broadband Channels
  – Wide channels (20, 25, or 28 MHz)
  – High capacity – Downlink AND Uplink
• Multiple Access
  – TDM/TDMA
  – High rate burst modems
• Adaptive Burst Profiles on Uplink and Downlink
• Duplex scheme agnostic
  – Time-Division Duplex (TDD)
  – Frequency-Division Duplex (FDD) [including Burst FDD]
• Support for Half-Duplex Terminals

Adaptive PHY
(burst-by-burst adaptivity not shown)

Adaptive Burst Profiles
• Burst profile
  – Modulation and FEC
• Dynamically assigned according to link conditions
  – Burst by burst, per subscriber station
  – Trade-off capacity vs. robustness in real time
• Roughly doubled capacity for the same cell area
• Burst profile for downlink broadcast channel is well-known
  – All other burst profiles could be configured "on the fly"
  – Subscriber station capabilities recognized at registration

Duplex Scheme Support
• On downlink, SS is associated with a specific burst
• On uplink, SS is allotted a variable length time slot for their transmissions
• Time-Division Duplex (TDD)
  – Downlink & Uplink time share the same RF channel
  – Dynamic asymmetry
  – SS does not transmit & receive simultaneously (low cost)
• Frequency-Division Duplex (FDD)
  – Downlink & Uplink on separate RF channels
  – Static asymmetry
  – Half-duplex SSs supported
    • SS does not transmit & receive simultaneously (low cost)

TDD Frame (10-66 GHz)

TDD Downlink Subframe
DIUC: Downlink Interval Usage Code

Burst FDD Framing
[Figure: one frame with DOWNLINK and UPLINK rows showing the allocations for Broadcast, Full Duplex Capable User, Half Duplex Terminal 1 and Half Duplex Terminal 2]
Allows scheduling flexibility

FDD Downlink Subframe
TDMA portion: transmits data to some half-duplex SSs (the ones scheduled to transmit earlier in the frame than they receive)
• Need preamble to re-sync (carrier phase)

Baud Rates & Channel Size (10-66 GHz)
• Flexible plan - allows equipment manufacturers to choose according to spectrum requirements

Channel Width (MHz) | Symbol Rate (Msym/s) | QPSK Bit Rate (Mbit/s) | 16-QAM Bit Rate (Mbit/s) | 64-QAM Bit Rate (Mbit/s)
20 | 16 | 32 | 64 | 96
25 | 20 | 40 | 80 | 120
28 | 22.4 | 44.8 | 89.6 | 134.4

MAC Requirements
• Provide Network Access
• Address the Wireless environment
  – e.g., very efficient use of spectrum
• Broadband services
  – Very high bit rates, downlink and uplink
  – A range of QoS requirements
  – Ethernet, IPv4, IPv6, ATM
• Likelihood of terminal being shared
  – Base Station may be heavily loaded
• Security
• Protocol-Independent Engine
  – Convergence layers to ATM, IP, Ethernet
• Support both TDD and FDD in the PHY

802.16 MAC Overview
• Point-to-Multipoint
• Metropolitan Area Network
• Connection-oriented
• Supports difficult user environments
  – High bandwidth, hundreds of users per channel
  – Continuous and burst traffic
  – Very efficient use of spectrum
• Protocol-Independent core (ATM, IP, Ethernet, …)
• Balances between stability of contentionless and efficiency of contention-based operation
• Flexible QoS offerings
  – CBR, rt-VBR, nrt-VBR, BE, with granularity within classes
• Supports multiple 802.16 PHYs

Relationship to DOCSIS
• Management
  – Dynamic service "editing" protocol (Add/Change/Delete)
  – Management message payload format
• Security
  – Authentication and Privacy
• Polling categories
• Initial Access
  – Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions
• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer
• Support for:
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections:
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer
• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for:
  – PPP
  – MPLS
  – etc.

MAC AddressingMAC Addressing

bullbull SS has 48-bit IEEE MAC AddressSS has 48-bit IEEE MAC Address

bullbull BS has 48-bit Base Station IDBS has 48-bit Base Station IDndashndash Not a MAC addressNot a MAC address

ndashndash 24-bit operator indicator24-bit operator indicator

bullbull 16-bit Connection ID (CID)16-bit Connection ID (CID)ndashndash Used in MAC Used in MAC PDUsPDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure: PHY burst with preamble and FEC blocks FEC 1 to FEC 3; MAC PDUs PDU 1 to PDU 5; MAC message, SDU 1, SDU 2]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation
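A receiver-side sketch of packing combined with fragmentation, added here as an example and not taken from the presentation or the standard: it parses the 2-byte packing sub-headers with bounds checks and uses the 3-bit sequence number to discard a partly rebuilt SDU when a fragment is lost. The bit layout FC(2) | FSN(3) | Length(11), the numeric FC values (slide listing order), and all function and class names are assumptions.

```python
import struct

# Assumed encodings (not given numerically on the slides): FC values follow
# the slide's listing order, and the 16-bit sub-header is laid out
# FC(2) | FSN(3) | Length(11), big-endian, with Length counting SDU bytes only.
FC_UNFRAGMENTED, FC_LAST, FC_FIRST, FC_CONTINUING = 0, 1, 2, 3


def pack_subheader(fc, fsn, length):
    """Build one 2-byte packing sub-header."""
    if not (0 <= fc <= 3 and 0 <= fsn <= 7 and 0 <= length <= 0x7FF):
        raise ValueError("field out of range")
    return struct.pack(">H", (fc << 14) | (fsn << 11) | length)


def parse_packed_payload(payload):
    """Split a packed PDU payload into (fc, fsn, data) tuples.

    Every length is checked against the bytes actually present, so a
    corrupted or hostile length field cannot cause a read past the PDU.
    """
    items, off = [], 0
    while off < len(payload):
        if len(payload) - off < 2:
            raise ValueError("truncated packing sub-header")
        (word,) = struct.unpack_from(">H", payload, off)
        fc, fsn, length = word >> 14, (word >> 11) & 0x7, word & 0x7FF
        off += 2
        if length > len(payload) - off:
            raise ValueError("SDU length exceeds remaining payload")
        items.append((fc, fsn, payload[off:off + length]))
        off += length
    return items


class Reassembler:
    """Per-connection SDU reassembly; one fragmentation state at a time."""

    def __init__(self):
        self.next_fsn = None   # FSN expected on the next sub-header
        self.partial = None    # bytearray of the SDU being rebuilt
        self.discarded = []    # reason for every SDU or fragment dropped

    def _drop_partial(self, reason):
        if self.partial is not None:
            self.discarded.append(reason)
            self.partial = None

    def feed(self, payload):
        """Process one PDU payload and return the SDUs it completes."""
        done = []
        for fc, fsn, data in parse_packed_payload(payload):
            if self.next_fsn is not None and fsn != self.next_fsn:
                self._drop_partial(
                    "FSN gap: expected %d, got %d" % (self.next_fsn, fsn))
            self.next_fsn = (fsn + 1) % 8  # 3-bit counter, continuous across SDUs
            if fc in (FC_UNFRAGMENTED, FC_FIRST):
                self._drop_partial("new SDU started before last fragment")
                if fc == FC_UNFRAGMENTED:
                    done.append(bytes(data))
                else:
                    self.partial = bytearray(data)
            elif self.partial is None:
                self.discarded.append("orphan fragment, FSN %d" % fsn)
            else:
                self.partial += data
                if fc == FC_LAST:
                    done.append(bytes(self.partial))
                    self.partial = None
        return done


def build_pdu(*items):
    """Constructed sample input: pack (fc, fsn, data) tuples into one payload."""
    return b"".join(pack_subheader(fc, fsn, len(d)) + d for fc, fsn, d in items)


if __name__ == "__main__":
    rx = Reassembler()
    first = build_pdu((FC_UNFRAGMENTED, 0, b"AAAA"), (FC_FIRST, 1, b"BB"))
    last = build_pdu((FC_LAST, 3, b"DD"))  # the FSN 2 fragment was lost
    print(rx.feed(first), rx.feed(last), rx.discarded)
```
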

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e., periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| Event or Rcvd msg \ State | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: Auth FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transition labels: Provisioned, Timeout, Auth Reply, Auth Reject (perm), Auth Reject (non-perm), Auth Invalid, Auth Grace Timeout, Reauth; messages sent: Authent Info, Auth Request; signals to the TEK FSM: [TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp, [TEK] Stop]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg \ State | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transition labels: Stop, Authorized, Auth Pend, Auth Comp, Timeout, TEK Invalid, TEK Refresh Timeout, Key Reply, Key Reject; message sent: Key Request]
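The Auth FSM and TEK FSM transition matrices above, encoded as lookup tables and replayed against constructed event traces, with two structural checks (dead-end states and reachability). This is an added example, not code from the presentation or the standard; treating a blank cell as an out-of-sequence event to flag is an assumption of the example, as are the function names.

```python
# Transition matrices transcribed from the two tables on this page, stored as
# {event: {current_state: next_state}}. A missing pair is a blank cell.
AUTH_FSM = {
    "Provisioned": {"Start": "Auth Wait"},
    "Auth Reject (non-perm)": {"Auth Wait": "Auth Reject Wait",
                               "Reauth Wait": "Auth Reject Wait"},
    "Auth Reject (perm)": {"Auth Wait": "Silent", "Reauth Wait": "Silent"},
    "Auth Reply": {"Auth Wait": "Authorized", "Reauth Wait": "Authorized"},
    "Timeout": {"Auth Wait": "Auth Wait", "Reauth Wait": "Reauth Wait",
                "Auth Reject Wait": "Start"},
    "Auth Grace Timeout": {"Authorized": "Reauth Wait"},
    "Auth Invalid": {"Authorized": "Reauth Wait", "Reauth Wait": "Reauth Wait"},
    "Reauth": {"Authorized": "Reauth Wait"},
}

TEK_FSM = {
    "Stop": {s: "Start" for s in ("Op Wait", "Op Reauth Wait", "Operational",
                                  "Rekey Wait", "Rekey Reauth Wait")},
    "Authorized": {"Start": "Op Wait"},
    "Auth Pend": {"Op Wait": "Op Reauth Wait",
                  "Rekey Wait": "Rekey Reauth Wait"},
    "Auth Comp": {"Op Reauth Wait": "Op Wait",
                  "Rekey Reauth Wait": "Rekey Wait"},
    "TEK Invalid": {"Operational": "Op Wait", "Rekey Wait": "Op Wait",
                    "Rekey Reauth Wait": "Op Reauth Wait"},
    "Timeout": {"Op Wait": "Op Wait", "Rekey Wait": "Rekey Wait"},
    "TEK Refresh Timeout": {"Operational": "Rekey Wait"},
    "Key Reply": {"Op Wait": "Operational", "Rekey Wait": "Operational"},
    "Key Reject": {"Op Wait": "Start", "Rekey Wait": "Start"},
}


def replay(matrix, events, state="Start"):
    """Drive one FSM through `events`.

    Returns (final_state, path, violations). A violation is an event that
    arrives in a state whose cell is blank; this example assumes a blank cell
    means "not expected here", so the state is kept and the event is flagged
    as (index, state, event).
    """
    path, violations = [state], []
    for index, event in enumerate(events):
        nxt = matrix.get(event, {}).get(state)
        if nxt is None:
            violations.append((index, state, event))
            continue
        state = nxt
        path.append(state)
    return state, path, violations


def states_of(matrix):
    """Every state named in the matrix, as a source or as a target."""
    return {s for row in matrix.values() for pair in row.items() for s in pair}


def absorbing_states(matrix):
    """States with no outgoing transition for any event (dead ends)."""
    with_exit = {s for row in matrix.values() for s in row}
    return states_of(matrix) - with_exit


def reachable(matrix, start="Start"):
    """States that can be reached from `start` by some event sequence."""
    seen, todo = {start}, [start]
    while todo:
        cur = todo.pop()
        for row in matrix.values():
            nxt = row.get(cur)
            if nxt is not None and nxt not in seen:
                seen.add(nxt)
                todo.append(nxt)
    return seen


if __name__ == "__main__":
    # Constructed trace: a permanent reject followed by a late Auth Reply.
    trace = ["Provisioned", "Auth Reject (perm)", "Auth Reply"]
    print(replay(AUTH_FSM, trace))
    print("Auth dead ends:", absorbing_states(AUTH_FSM))
    print("TEK dead ends:", absorbing_states(TEK_FSM))
```
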

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other, stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project

IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project

IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


Adaptive PHY

(burst-by-burst adaptivity not shown)

Adaptive Burst Profiles

• Burst profile
  – Modulation and FEC
• Dynamically assigned according to link conditions
  – Burst by burst, per subscriber station
  – Trade-off capacity vs. robustness in real time
• Roughly doubled capacity for the same cell area
• Burst profile for downlink broadcast channel is well-known
  – All other burst profiles could be configured “on the fly”
  – Subscriber station capabilities recognized at registration

Duplex Scheme Support

• On downlink, SS is associated with a specific burst
• On uplink, SS is allotted a variable length time slot for their transmissions
• Time-Division Duplex (TDD)
  – Downlink & Uplink time share the same RF channel
  – Dynamic asymmetry
  – SS does not transmit & receive simultaneously (low cost)
• Frequency-Division Duplex (FDD)
  – Downlink & Uplink on separate RF channels
  – Static asymmetry
  – Half-duplex SSs supported
    • SS does not transmit & receive simultaneously (low cost)

TDD Frame (10-66 GHz) [figure]

TDD Downlink Subframe [figure]

DIUC: Downlink Interval Usage Code

Burst FDD Framing [figure: downlink and uplink frames showing the broadcast portion, a full-duplex capable user, and half-duplex terminals 1 and 2]

• Allows scheduling flexibility

FDD Downlink Subframe [figure]

• TDMA portion: transmits data to some half-duplex SSs (the ones scheduled to transmit earlier in the frame than they receive)
• Need preamble to re-sync (carrier phase)

Baud Rates & Channel Size (10-66 GHz)

• Flexible plan - allows equipment manufacturers to choose according to spectrum requirements

Channel Width (MHz) | Symbol Rate (Msym/s) | QPSK Bit Rate (Mbit/s) | 16-QAM Bit Rate (Mbit/s) | 64-QAM Bit Rate (Mbit/s)
20 | 16 | 32 | 64 | 96
25 | 20 | 40 | 80 | 120
28 | 22.4 | 44.8 | 89.6 | 134.4

MAC Requirements

• Provide Network Access
• Address the Wireless environment
  – e.g., very efficient use of spectrum
• Broadband services
  – Very high bit rates, downlink and uplink
  – A range of QoS requirements
  – Ethernet, IPv4, IPv6, ATM
• Likelihood of terminal being shared
  – Base Station may be heavily loaded
• Security
• Protocol-Independent Engine
  – Convergence layers to ATM, IP, Ethernet
• Support both TDD and FDD in the PHY

802.16 MAC Overview

• Point-to-Multipoint
• Metropolitan Area Network
• Connection-oriented
• Supports difficult user environments
  – High bandwidth, hundreds of users per channel
  – Continuous and burst traffic
  – Very efficient use of spectrum
• Protocol-Independent core (ATM, IP, Ethernet, …)
• Balances between stability of contentionless and efficiency of contention-based operation
• Flexible QoS offerings
  – CBR, rt-VBR, nrt-VBR, BE, with granularity within classes
• Supports multiple 802.16 PHYs

Relationship to DOCSIS

• Management
  – Dynamic service “editing” protocol (Add/Change/Delete)
  – Management message payload format
• Security
  – Authentication and Privacy
• Polling categories
• Initial Access
  – Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions

• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer

• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer

• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing

• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission [figure: MAC messages and SDUs 1-2 carried in MAC PDUs 1-5, which are concatenated into a burst made of a preamble (P) and FEC blocks 1-3]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header [figure]

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs [figure]

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation [figure]
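The following is an added example, not part of the original presentation: a receiver that parses 2-byte packing sub-headers and uses the 3-bit FSN to refuse to splice fragments across a lost PDU. The bit order FC | FSN | length, the numeric FC codes (taken in the order the slide lists them), the length counting payload bytes only, the FSN advancing on every sub-header, and all function names are assumptions of this sketch.

```python
import struct

# FC code values: an assumption, taken in the order the slide lists the four states.
FC_UNFRAGMENTED, FC_LAST, FC_FIRST, FC_CONTINUING = 0, 1, 2, 3


def pack_subheader(fc, fsn, length):
    """2-byte packing sub-header, assumed bit layout FC(2) | FSN(3) | length(11)."""
    if not (0 <= fc <= 3 and 0 <= fsn <= 7 and 0 <= length <= 0x7FF):
        raise ValueError("field out of range")
    return struct.pack(">H", (fc << 14) | (fsn << 11) | length)


def build_payload(items):
    """Pack (fc, fsn, data) items into one MAC PDU payload."""
    return b"".join(pack_subheader(fc, fsn, len(d)) + d for fc, fsn, d in items)


def parse_payload(payload):
    """Split a packed payload into (fc, fsn, data); reject inconsistent lengths."""
    items, off = [], 0
    while off < len(payload):
        if len(payload) - off < 2:
            raise ValueError("truncated packing sub-header")
        (word,) = struct.unpack_from(">H", payload, off)
        fc, fsn, length = word >> 14, (word >> 11) & 0x7, word & 0x7FF
        off += 2
        if length > len(payload) - off:
            raise ValueError("sub-header length runs past the end of the PDU")
        items.append((fc, fsn, payload[off:off + length]))
        off += length
    return items


class Reassembler:
    """Per-connection reassembly: one fragmentation state at a time.

    Limit of a 3-bit counter: a run of exactly 8 lost sub-headers wraps the
    FSN and passes the sequence check below.
    """

    def __init__(self):
        self.expected_fsn = None   # unknown until the first sub-header is seen
        self.partial = None        # bytes of the SDU being rebuilt, or None
        self.gaps = 0              # FSN discontinuities observed

    def feed(self, fc, fsn, data):
        """Return a complete SDU (bytes) or None."""
        if self.expected_fsn is not None and fsn != self.expected_fsn:
            self.gaps += 1
            self.partial = None    # never splice fragments across a loss
        self.expected_fsn = (fsn + 1) % 8
        if fc == FC_UNFRAGMENTED:
            self.partial = None
            return bytes(data)
        if fc == FC_FIRST:
            self.partial = bytearray(data)
            return None
        if self.partial is None:   # continuing/last fragment without its start
            return None
        self.partial += data
        if fc == FC_LAST:
            sdu, self.partial = bytes(self.partial), None
            return sdu
        return None


def deliver(pdu_payloads):
    """Parse every received PDU payload; return (delivered SDUs, FSN gaps)."""
    rx, sdus = Reassembler(), []
    for payload in pdu_payloads:
        for fc, fsn, data in parse_payload(payload):
            sdu = rx.feed(fc, fsn, data)
            if sdu is not None:
                sdus.append(sdu)
    return sdus, rx.gaps


def sample_pdus():
    """Constructed sample: SDU A, SDU B split into three fragments, SDU C."""
    return [
        build_payload([(FC_UNFRAGMENTED, 0, b"SDU-A"), (FC_FIRST, 1, b"B-first|")]),
        build_payload([(FC_CONTINUING, 2, b"B-middle|")]),
        build_payload([(FC_LAST, 3, b"B-last"), (FC_UNFRAGMENTED, 4, b"SDU-C")]),
    ]


if __name__ == "__main__":
    pdus = sample_pdus()
    print(deliver(pdus))                 # every PDU received
    print(deliver([pdus[0], pdus[2]]))   # middle PDU lost
```

When the middle PDU is lost, SDU B is dropped as a whole instead of being delivered as first and last fragment glued together, which is what the FC field alone would allow.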

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g., bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g., HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e., periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs. GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station’s work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message [figure]

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

PKM Message | Description
Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority
Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs
Authorization Reply | sent from a BS to an SS to reply an AK and a list of authorized SAIDs
Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS
Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS
Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs
Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID
Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent
TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK
SA Add | sent from a BS to an SS to establish one or more additional SAs

SS Authorization

• Authentication and Authorization
  – SS manufacturer’s X.509 certificate binding the SS’s public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate “root authority” if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

Rows are events or received messages, columns are states; each cell gives the next state, and "-" marks a blank cell.

Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent
(1) Provisioned | Auth Wait | - | - | - | - | -
(2) Auth Reject (non-perm) | - | Auth Reject Wait | - | Auth Reject Wait | - | -
(3) Auth Reject (perm) | - | Silent | - | Silent | - | -
(4) Auth Reply | - | Authorized | - | Authorized | - | -
(5) Timeout | - | Auth Wait | - | Reauth Wait | Start | -
(6) Auth Grace Timeout | - | - | Reauth Wait | - | - | -
(7) Auth Invalid | - | - | Reauth Wait | Reauth Wait | - | -
(8) Reauth | - | - | Reauth Wait | - | - | -

Auth FSM Flow Diagram [figure: state diagram over the states Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait and Silent; transitions are labelled with the triggering event, the messages sent (Authent Info, Auth Request) and the events signalled to the TEK FSM ([TEK] Authorized, Auth Pend, Auth Comp, Stop)]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | - | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | - | - | - | - | - |
| (3) Auth Pend | - | Op Reauth Wait | - | - | Rekey Reauth Wait | - |
| (4) Auth Comp | - | - | Op Wait | - | - | Rekey Wait |
| (5) TEK Invalid | - | - | - | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | - | Op Wait | - | - | Rekey Wait | - |
| (7) TEK Refresh Timeout | - | - | - | Rekey Wait | - | - |
| (8) Key Reply | - | Operational | - | - | Operational | - |
| (9) Key Reject | - | Start | - | - | Start | - |

TEK FSM Flow Diagram

[Figure: state diagram of the TEK FSM with the states Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait and Rekey Reauth Wait. Transitions are labelled with the events Stop, Authorized, Auth Pend, Auth Comp, TEK Invalid, Timeout, TEK Refresh Timeout, Key Reply and Key Reject, and with the Key Request message sent.]

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
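The key-usage rules above, together with the 2-bit key sequence number from the Traffic Encryption Key Management slide, are what let a rollover happen without explicit key acknowledgements. The following added example (not part of the original slides) walks one rollover. The class and function names are hypothetical, the TEK values are constructed, and a SHA-256 keystream stands in for DES-CBC so that the code runs on the Python standard library.

```python
import hashlib
from collections import OrderedDict


def _stand_in_cipher(key: bytes, frame_no: int, data: bytes) -> bytes:
    """XOR with a SHA-256 keystream bound to key and frame number.

    Assumption: a stand-in so the example needs no third-party library; the
    slides specify DES-CBC with an IV derived from the frame number instead.
    """
    stream = b""
    block = 0
    while len(stream) < len(data):
        seed = key + frame_no.to_bytes(4, "big") + block.to_bytes(4, "big")
        stream += hashlib.sha256(seed).digest()
        block += 1
    return bytes(d ^ s for d, s in zip(data, stream))


class TekRing:
    """Up to two TEK generations, indexed by the 2-bit key sequence number."""

    def __init__(self, role: str):
        if role not in ("AP", "AT"):
            raise ValueError("role must be 'AP' or 'AT'")
        self.role = role
        self.keys = OrderedDict()          # seq (0..3) -> TEK, oldest first

    def install(self, generation: int, tek: bytes) -> None:
        seq = generation & 0b11            # only 2 bits fit in the MAC header
        self.keys.pop(seq, None)
        self.keys[seq] = tek
        while len(self.keys) > 2:          # retire the oldest generation
            self.keys.popitem(last=False)

    def tx_seq(self) -> int:
        seqs = list(self.keys)
        # AP encrypts with the older key, AT with the newer key.
        return seqs[0] if self.role == "AP" else seqs[-1]

    def protect(self, frame_no: int, payload: bytes):
        seq = self.tx_seq()
        return seq, frame_no, _stand_in_cipher(self.keys[seq], frame_no, payload)

    def unprotect(self, pdu):
        seq, frame_no, body = pdu
        tek = self.keys.get(seq)           # either held generation is accepted
        if tek is None:
            return None                    # generation not held: drop the PDU
        return _stand_in_cipher(tek, frame_no, body)


def rollover_demo():
    """Walk one key rollover; return (log, result for a retired-key PDU)."""
    # Constructed TEKs, 8 bytes each, for generations 0..2.
    teks = [hashlib.sha256(b"constructed TEK %d" % g).digest()[:8] for g in range(3)]
    bs, ss = TekRing("AP"), TekRing("AT")
    log, frame = [], 0

    def exchange(phase):
        nonlocal frame
        for sender, receiver, direction in ((bs, ss, "DL"), (ss, bs, "UL")):
            frame += 1
            pdu = sender.protect(frame, b"payload")
            ok = receiver.unprotect(pdu) == b"payload"
            log.append((phase, direction, pdu[0], ok))

    for g in (0, 1):
        bs.install(g, teks[g])
        ss.install(g, teks[g])
    old_dl = bs.protect(0, b"payload")     # downlink PDU under generation 0
    exchange("both hold 0,1")
    bs.install(2, teks[2])                 # BS rolls over first, no ack from SS
    exchange("BS holds 1,2 / SS holds 0,1")
    ss.install(2, teks[2])                 # SS refreshes later
    exchange("both hold 1,2")
    return log, ss.unprotect(old_dl)       # generation 0 is retired at the SS


if __name__ == "__main__":
    entries, late = rollover_demo()
    for entry in entries:
        print(entry)
    print("PDU under retired key:", late)
```

Every downlink and uplink PDU decrypts in all three phases because the sender's choice (older key at the AP, newer key at the AT) is always a generation the peer still holds, while a PDU under a retired generation is dropped.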

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.:

http://WirelessMAN.org

Page 14: Mobile WiMAX : A Technical Overview

Adaptive Burst Profiles

• Burst profile
  – Modulation and FEC
• Dynamically assigned according to link conditions
  – Burst by burst, per subscriber station
  – Trade-off capacity vs. robustness in real time
• Roughly doubled capacity for the same cell area
• Burst profile for downlink broadcast channel is well-known
  – All other burst profiles could be configured "on the fly"
  – Subscriber station capabilities recognized at registration

Duplex Scheme Support

• On downlink, SS is associated with a specific burst
• On uplink, SS is allotted a variable length time slot for their transmissions
• Time-Division Duplex (TDD)
  – Downlink & Uplink time share the same RF channel
  – Dynamic asymmetry
  – SS does not transmit & receive simultaneously (low cost)
• Frequency-Division Duplex (FDD)
  – Downlink & Uplink on separate RF channels
  – Static asymmetry
  – Half-duplex SSs supported
    • SS does not transmit & receive simultaneously (low cost)

TDD Frame (10-66 GHz)

TDD Downlink Subframe

DIUC: Downlink Interval Usage Code

Burst FDD Framing

[Figure: downlink and uplink frames with a broadcast portion, a full-duplex capable user and half-duplex terminals 1 and 2]

Allows scheduling flexibility

FDD Downlink Subframe

TDMA portion: transmits data to some half-duplex SSs (the ones scheduled to transmit earlier in the frame than they receive)
• Need preamble to re-sync (carrier phase)

Baud Rates & Channel Size (10-66 GHz)

• Flexible plan - allows equipment manufacturers to choose according to spectrum requirements

| Channel Width (MHz) | Symbol Rate (Msym/s) | QPSK Bit Rate (Mbit/s) | 16-QAM Bit Rate (Mbit/s) | 64-QAM Bit Rate (Mbit/s) |
|---|---|---|---|---|
| 20 | 16 | 32 | 64 | 96 |
| 25 | 20 | 40 | 80 | 120 |
| 28 | 22.4 | 44.8 | 89.6 | 134.4 |

MAC Requirements

• Provide Network Access
• Address the Wireless environment
  – e.g., very efficient use of spectrum
• Broadband services
  – Very high bit rates, downlink and uplink
  – A range of QoS requirements
  – Ethernet, IPv4, IPv6, ATM
• Likelihood of terminal being shared
  – Base Station may be heavily loaded
• Security
• Protocol-Independent Engine
  – Convergence layers to ATM, IP, Ethernet
• Support both TDD and FDD in the PHY

802.16 MAC Overview

• Point-to-Multipoint
• Metropolitan Area Network
• Connection-oriented
• Supports difficult user environments
  – High bandwidth, hundreds of users per channel
  – Continuous and burst traffic
  – Very efficient use of spectrum
• Protocol-Independent core (ATM, IP, Ethernet, …)
• Balances between stability of contentionless and efficiency of contention-based operation
• Flexible QoS offerings
  – CBR, rt-VBR, nrt-VBR, BE, with granularity within classes
• Supports multiple 802.16 PHYs

Relationship to DOCSIS

• Management
  – Dynamic service "editing" protocol (Add/Change/Delete)
  – Management message payload format
• Security
  – Authentication and Privacy
• Polling categories
• Initial Access
  – Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions

• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer

• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer

• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing

• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

[Figure: a burst with preamble and FEC blocks FEC 1 to FEC 3 carrying MAC PDUs PDU 1 to PDU 5; the MAC PDUs are built from a MAC Message, SDU 1 and SDU 2.]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service, such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e., periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs. GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

Rows are events or received messages; columns are the current state; each cell gives the next state (blank: no transition defined).

| Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: Auth FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Arc labels pair each event (Provisioned, Timeout, Auth Reply, Auth Reject (perm), Auth Reject (non-perm), Auth Invalid, Auth Grace Timeout, Reauth) with its actions: the message sent (Authent Info, Auth Request) and the event signaled to the TEK FSM ([TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp, [TEK] Stop).]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

Rows are events or received messages; columns are the current state; each cell gives the next state (blank: no transition defined).

| Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Arc labels pair each event (Stop, Authorized, Auth Pend, Auth Comp, TEK Invalid, Timeout, TEK Refresh Timeout, Key Reply, Key Reject) with the message sent, where there is one (Key Request).]

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project

IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project

IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


Duplex Scheme Support

• On downlink, SS is associated with a specific burst
• On uplink, SS is allotted a variable length time slot for their transmissions
• Time-Division Duplex (TDD)
  – Downlink & Uplink time share the same RF channel
  – Dynamic asymmetry
  – SS does not transmit & receive simultaneously (low cost)
• Frequency-Division Duplex (FDD)
  – Downlink & Uplink on separate RF channels
  – Static asymmetry
  – Half-duplex SSs supported
    • SS does not transmit & receive simultaneously (low cost)

TDD Frame (10-66 GHz)

TDD Downlink Subframe

DIUC: Downlink Interval Usage Code

Burst FDD Framing

[Figure: one frame, showing DOWNLINK and UPLINK allocations for Broadcast, a Full Duplex Capable User, Half Duplex Terminal 1 and Half Duplex Terminal 2]

Allows scheduling flexibility

FDD Downlink Subframe

TDMA portion: transmits data to some half-duplex SSs (the ones scheduled to transmit earlier in the frame than they receive)

• Need preamble to re-sync (carrier phase)

Baud Rates & Channel Size (10-66 GHz)

• Flexible plan - allows equipment manufacturers to choose according to spectrum requirements

| Channel Width (MHz) | Symbol Rate (Msym/s) | QPSK Bit Rate (Mbit/s) | 16-QAM Bit Rate (Mbit/s) | 64-QAM Bit Rate (Mbit/s) |
|---|---|---|---|---|
| 20 | 16 | 32 | 64 | 96 |
| 25 | 20 | 40 | 80 | 120 |
| 28 | 22.4 | 44.8 | 89.6 | 134.4 |

MAC Requirements

• Provide Network Access
• Address the Wireless environment
  – e.g., very efficient use of spectrum
• Broadband services
  – Very high bit rates, downlink and uplink
  – A range of QoS requirements
  – Ethernet, IPv4, IPv6, ATM
• Likelihood of terminal being shared
  – Base Station may be heavily loaded
• Security
• Protocol-Independent Engine
  – Convergence layers to ATM, IP, Ethernet
• Support both TDD and FDD in the PHY

802.16 MAC Overview

• Point-to-Multipoint
• Metropolitan Area Network
• Connection-oriented
• Supports difficult user environments
  – High bandwidth, hundreds of users per channel
  – Continuous and burst traffic
  – Very efficient use of spectrum
• Protocol-Independent core (ATM, IP, Ethernet, …)
• Balances between stability of contentionless and efficiency of contention-based operation
• Flexible QoS offerings
  – CBR, rt-VBR, nrt-VBR, BE, with granularity within classes
• Supports multiple 802.16 PHYs

Relationship to DOCSIS

• Management
  – Dynamic service "editing" protocol (Add/Change/Delete)
  – Management message payload format
• Security
  – Authentication and Privacy
• Polling categories
• Initial Access
  – Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions

• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer

• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer

• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing

• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure: a MAC Message, SDU 1 and SDU 2 are carried in MAC PDUs (PDU 1 to PDU 5); the PDUs are concatenated into a burst that begins with a preamble (P) and is divided into FEC blocks (FEC 1 to FEC 3)]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation
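A receiver for packed, fragmented SDUs has to walk the 2-byte packing sub-headers, bounds-check every length field, and use the sequence number to notice a lost fragment. The sketch below is an added example, not code from the presentation or the standard. It assumes a bit layout of FC (2 bits), FSN (3 bits), length (11 bits) from most to least significant, FC code points in the order the Fragmentation slide lists them, a length that counts SDU bytes only, and an FSN that advances by one per packed piece; all function and class names are hypothetical.

```python
import struct

# FC code points: assumed to follow the order in which the slide lists them.
FC_UNFRAG, FC_LAST, FC_FIRST, FC_CONT = 0, 1, 2, 3


def pack_subheader(fc, fsn, length):
    """Build the 2-byte sub-header: FC(2) | FSN(3) | length(11), assumed layout."""
    if not (0 <= fc <= 3 and 0 <= fsn <= 7 and 0 <= length <= 0x7FF):
        raise ValueError("field out of range")
    return struct.pack(">H", (fc << 14) | (fsn << 11) | length)


def build_payload(pieces):
    """pieces: iterable of (fc, fsn, data) -> packed MAC PDU payload."""
    return b"".join(pack_subheader(fc, fsn, len(d)) + d for fc, fsn, d in pieces)


def parse_payload(payload):
    """Split a packed payload into (fc, fsn, data); reject malformed input."""
    pieces, off = [], 0
    while off < len(payload):
        if len(payload) - off < 2:
            raise ValueError("truncated packing sub-header")
        (word,) = struct.unpack_from(">H", payload, off)
        fc, fsn, length = word >> 14, (word >> 11) & 0x7, word & 0x7FF
        off += 2
        if length > len(payload) - off:
            raise ValueError("length field runs past the end of the payload")
        pieces.append((fc, fsn, payload[off:off + length]))
        off += length
    return pieces


class Reassembler:
    """Per-connection reassembly: one fragmentation state at a time."""

    def __init__(self):
        self.partial = None   # bytes of the SDU being rebuilt, or None
        self.expected = None  # next FSN; unknown until the first piece arrives
        self.gaps = 0         # number of FSN discontinuities seen

    def feed(self, payload):
        """Process one PDU payload and return the SDUs it completes."""
        done = []
        for fc, fsn, data in parse_payload(payload):  # raises before any state change
            if self.expected is not None and fsn != self.expected:
                self.gaps += 1
                self.partial = None  # a piece was lost: drop the SDU in progress
            self.expected = (fsn + 1) % 8  # 3-bit counter wraps
            if fc == FC_UNFRAG:
                self.partial = None
                done.append(data)
            elif fc == FC_FIRST:
                self.partial = bytearray(data)
            elif self.partial is not None:  # continuing or last fragment
                self.partial += data
                if fc == FC_LAST:
                    done.append(bytes(self.partial))
                    self.partial = None
            # else: orphan fragment whose first part was lost; ignore it
        return done


# Constructed sample: SDU A (5 bytes), SDU B (10 bytes, split 4+3+3), SDU C (2 bytes).
PDU1 = build_payload([(FC_UNFRAG, 0, b"A" * 5), (FC_FIRST, 1, b"BBBB")])
PDU2 = build_payload([(FC_CONT, 2, b"BBB")])
PDU3 = build_payload([(FC_LAST, 3, b"BBB"), (FC_UNFRAG, 4, b"CC")])


def demo():
    ok, lossy = Reassembler(), Reassembler()
    in_order = ok.feed(PDU1) + ok.feed(PDU2) + ok.feed(PDU3)
    with_loss = lossy.feed(PDU1) + lossy.feed(PDU3)  # PDU2 never arrives
    return in_order, with_loss, lossy.gaps


if __name__ == "__main__":
    print(demo())
```

When PDU2 is lost, the FSN jump from 1 to 3 discards the partial SDU B, while the unfragmented SDU C packed into the same PDU is still delivered.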

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service, such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e., periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs. GPC
• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests
• Come from the Connection
• Several kinds of requests:
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS
• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization
• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging
• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration
• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download
• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup
• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption
• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations
• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

PKM Message                 Description
Authentication Information  contains the manufacturer's X.509 Certificate, issued by an external authority
Authorization Request       sent from an SS to its BS to request an AK and list of authorized SAIDs
Authorization Reply         sent from a BS to an SS to reply with an AK and a list of authorized SAIDs
Authorization Reject        sent from a BS to an SS in rejection of an Authorization Request message sent by the SS
Authorization Invalid       sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS
Key Request                 sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs
Key Reply                   sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID
Key Reject                  sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent
TEK Invalid                 sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK
SA Add                      sent from a BS to an SS to establish one or more additional SAs

SS Authorization
• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix
(rows: event or received message; columns: current state; - = empty cell)

Event or Rcvd msg           (A) Start   (B) Auth Wait     (C) Authorized  (D) Reauth Wait   (E) Auth Reject Wait  (F) Silent
(1) Provisioned             Auth Wait   -                 -               -                 -                     -
(2) Auth Reject (non-perm)  -           Auth Reject Wait  -               Auth Reject Wait  -                     -
(3) Auth Reject (perm)      -           Silent            -               Silent            -                     -
(4) Auth Reply              -           Authorized        -               Authorized        -                     -
(5) Timeout                 -           Auth Wait         -               Reauth Wait       Start                 -
(6) Auth Grace Timeout      -           -                 Reauth Wait     -                 -                     -
(7) Auth Invalid            -           -                 Reauth Wait     Reauth Wait       -                     -
(8) Reauth                  -           -                 Reauth Wait     -                 -                     -

Auth FSM Flow Diagram

[Figure: Auth FSM flow diagram with the states Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait and Silent. Edge labels: Provisioned, Authent Info, Auth Request; Timeout, Authent Info, Auth Request; Auth Reject (non-perm); Auth Reject (perm); Auth Reply, [TEK] Authorized; Auth Reject (perm), [TEK] Stop; Auth Reject (non-perm), [TEK] Stop; Timeout, Auth Request; Auth Invalid, Auth Request, [TEK] Auth Pend; Auth Grace Timeout, Auth Request; Reauth, Auth Request; Auth Reply, [TEK] Auth Comp]

Traffic Encryption Key Management
• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix
(rows: event or received message; columns: current state; - = empty cell)

Event or Rcvd msg        (A) Start  (B) Op Wait     (C) Op Reauth Wait  (D) Operational  (E) Rekey Wait     (F) Rekey Reauth Wait
(1) Stop                 -          Start           Start               Start            Start              Start
(2) Authorized           Op Wait    -               -                   -                -                  -
(3) Auth Pend            -          Op Reauth Wait  -                   -                Rekey Reauth Wait  -
(4) Auth Comp            -          -               Op Wait             -                -                  Rekey Wait
(5) TEK Invalid          -          -               -                   Op Wait          Op Wait            Op Reauth Wait
(6) Timeout              -          Op Wait         -                   -                Rekey Wait         -
(7) TEK Refresh Timeout  -          -               -                   Rekey Wait       -                  -
(8) Key Reply            -          Operational     -                   -                Operational        -
(9) Key Reject           -          Start           -                   -                Start              -

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram with the states Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait and Rekey Reauth Wait. Edge labels: Authorized, Key Request; Stop; Auth Pend; Auth Comp, Key Request; Key Reject, Stop; Key Reply; Timeout, Key Request; TEK Invalid, Key Request; TEK Refresh Timeout, Key Request; TEK Invalid]

Data Encryption
• DES in CBC mode with IV derived from the frame number
• Hooks defined for other, stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project IEEE P802.16a
Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b
Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies
Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements
• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN
• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary
• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources
IEEE 802.16 Working Group on Broadband Wireless Access
info, documents, email lists, etc.
http://WirelessMAN.org


TDD Frame (10-66 GHz)

TDD Downlink Subframe

DIUC: Downlink Interval Usage Code

Burst FDD Framing

[Figure: one frame with DOWNLINK and UPLINK rows showing the allocations for Broadcast, a Full Duplex Capable User, Half Duplex Terminal 1 and Half Duplex Terminal 2]

Allows scheduling flexibility

FDD Downlink Subframe

TDMA portion: transmits data to some half-duplex SSs (the ones scheduled to transmit earlier in the frame than they receive)
• Need preamble to re-sync (carrier phase)

Baud Rates & Channel Size (10-66 GHz)
• Flexible plan - allows equipment manufacturers to choose according to spectrum requirements

Channel Width (MHz)  Symbol Rate (Msym/s)  QPSK Bit Rate (Mbit/s)  16-QAM Bit Rate (Mbit/s)  64-QAM Bit Rate (Mbit/s)
20                   16                    32                      64                        96
25                   20                    40                      80                        120
28                   22.4                  44.8                    89.6                      134.4

MAC Requirements
• Provide Network Access
• Address the Wireless environment
  – e.g. very efficient use of spectrum
• Broadband services
  – Very high bit rates, downlink and uplink
  – A range of QoS requirements
  – Ethernet, IPv4, IPv6, ATM
• Likelihood of terminal being shared
  – Base Station may be heavily loaded
• Security
• Protocol-Independent Engine
  – Convergence layers to ATM, IP, Ethernet
• Support both TDD and FDD in the PHY

802.16 MAC Overview
• Point-to-Multipoint
• Metropolitan Area Network
• Connection-oriented
• Supports difficult user environments
  – High bandwidth, hundreds of users per channel
  – Continuous and burst traffic
  – Very efficient use of spectrum
• Protocol-Independent core (ATM, IP, Ethernet, …)
• Balances between stability of contentionless and efficiency of contention-based operation
• Flexible QoS offerings
  – CBR, rt-VBR, nrt-VBR, BE, with granularity within classes
• Supports multiple 802.16 PHYs

Relationship to DOCSIS
• Management
  – Dynamic service "editing" protocol (Add/Change/Delete)
  – Management message payload format
• Security
  – Authentication and Privacy
• Polling categories
• Initial Access
  – Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions
• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer
• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer
• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing
• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission
• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure: a burst made of a preamble (P) and FEC blocks FEC 1 to FEC 3 carrying MAC PDUs PDU 1 to PDU 5; the MAC PDUs carry a MAC Message, SDU 1 and SDU 2]

MAC PDU format
• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation
• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header:
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing
• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs
• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation
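
A receiver-side sketch of the Fragmentation and Packing slides: it parses the 2-byte packing sub-headers of a packed payload and reassembles SDUs per connection, using the 3-bit FSN to detect a lost fragment. This is an added example, not code from the presentation or the standard; the bit order inside the sub-header, the FC code points, the length field counting only the data bytes, the FSN advancing on every piece, and all function names and sample SDUs are assumptions of the example.

```python
import struct

# Assumed FC code points, in the order the Fragmentation slide lists them.
UNFRAGMENTED, LAST, FIRST, CONTINUING = 0, 1, 2, 3


def pack_subheader(length, fc, fsn):
    """2-byte packing sub-header; bit order length(11) | FC(2) | FSN(3) is assumed."""
    if not (0 <= length < 2048 and 0 <= fc < 4 and 0 <= fsn < 8):
        raise ValueError("sub-header field out of range")
    return struct.pack(">H", (length << 5) | (fc << 3) | fsn)


def build_payload(pieces):
    """Pack (fc, fsn, data) pieces into one MAC PDU payload."""
    return b"".join(pack_subheader(len(d), fc, fsn) + d for fc, fsn, d in pieces)


def parse_payload(payload):
    """Split a packed payload into (fc, fsn, data) pieces, rejecting bad lengths."""
    pieces, offset = [], 0
    while offset < len(payload):
        if len(payload) - offset < 2:
            raise ValueError("truncated packing sub-header")
        (word,) = struct.unpack_from(">H", payload, offset)
        length, fc, fsn = word >> 5, (word >> 3) & 0x3, word & 0x7
        offset += 2
        if length > len(payload) - offset:
            raise ValueError("length field runs past the end of the payload")
        pieces.append((fc, fsn, payload[offset:offset + length]))
        offset += length
    return pieces


class Reassembler:
    """One connection: a single fragmentation state and an FSN counted modulo 8."""

    def __init__(self):
        self.expected_fsn = None  # unknown until the first piece arrives
        self.partial = None       # bytearray of the SDU being reassembled
        self.discarded = 0        # SDUs dropped after reassembly had started

    def feed(self, fc, fsn, data):
        """Consume one piece; return a complete SDU as bytes, or None."""
        gap = self.expected_fsn is not None and fsn != self.expected_fsn
        self.expected_fsn = (fsn + 1) % 8
        if fc in (UNFRAGMENTED, FIRST):
            if self.partial is not None:   # earlier SDU never got its last fragment
                self.discarded += 1
            self.partial = bytearray(data) if fc == FIRST else None
            return bytes(data) if fc == UNFRAGMENTED else None
        if self.partial is None:           # nothing to continue: first fragment lost
            return None
        if gap:                            # a fragment in between is missing
            self.partial = None
            self.discarded += 1
            return None
        self.partial += data
        if fc == LAST:
            sdu, self.partial = bytes(self.partial), None
            return sdu
        return None


def reassemble(payloads):
    """Feed the payloads of one connection in order; return (SDUs, discarded count)."""
    state, sdus = Reassembler(), []
    for payload in payloads:
        for fc, fsn, data in parse_payload(payload):
            sdu = state.feed(fc, fsn, data)
            if sdu is not None:
                sdus.append(sdu)
    return sdus, state.discarded


# Constructed sample: SDU_B is fragmented across three PDUs and packed with A and C.
SDU_A, SDU_B, SDU_C = b"hello", bytes(range(30)), b"world"
PDUS = [
    build_payload([(UNFRAGMENTED, 0, SDU_A), (FIRST, 1, SDU_B[:10])]),
    build_payload([(CONTINUING, 2, SDU_B[10:20])]),
    build_payload([(LAST, 3, SDU_B[20:]), (UNFRAGMENTED, 4, SDU_C)]),
]

if __name__ == "__main__":
    print(reassemble(PDUS))                # all three SDUs, nothing discarded
    print(reassemble([PDUS[0], PDUS[2]]))  # middle PDU lost: SDU_B is discarded
```

When the middle PDU is lost, the FSN jumps from 1 to 3, so the receiver drops SDU_B instead of silently joining its first and last fragments, and still delivers SDU_C.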

Downlink transmissions
• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor
• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles
• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message
• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions
• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor
• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message
• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service
Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g., bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g., HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e., periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs. GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: Auth FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Edge labels (event / action): Provisioned / Authent Info, Auth Request; Timeout / Authent Info, Auth Request; Timeout; Auth Reject (non-perm); Auth Reject (perm); Auth Reply / [TEK] Authorized; Auth Reject (perm) / [TEK] Stop; Auth Reject (non-perm) / [TEK] Stop; Timeout / Auth Request; Auth Invalid / Auth Request, [TEK] Auth Pend; Auth Grace Timeout / Auth Request; Reauth / Auth Request; Auth Reply / [TEK] Auth Comp.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Edge labels (event / action): Authorized / Key Request; Stop; Auth Pend; Auth Comp / Key Request; Key Reject, Stop; Key Reply; Timeout / Key Request; TEK Invalid / Key Request; TEK Refresh Timeout / Key Request; TEK Invalid.]
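The Auth and TEK transition matrices above, written out as lookup tables and used to check event traces. This is an added Python example, not code from the presentation or the standard; the `walk` and `dead_states` helpers and the event traces are constructed, and treating a blank matrix cell as "no transition, record it" is an assumption made here.

```python
"""Table-driven check of PKM event traces against the two FSM matrices."""

# (current state, event) -> next state, one entry per non-blank matrix cell.
AUTH_FSM = {
    ("Start", "Provisioned"): "Auth Wait",
    ("Auth Wait", "Auth Reject (non-perm)"): "Auth Reject Wait",
    ("Reauth Wait", "Auth Reject (non-perm)"): "Auth Reject Wait",
    ("Auth Wait", "Auth Reject (perm)"): "Silent",
    ("Reauth Wait", "Auth Reject (perm)"): "Silent",
    ("Auth Wait", "Auth Reply"): "Authorized",
    ("Reauth Wait", "Auth Reply"): "Authorized",
    ("Auth Wait", "Timeout"): "Auth Wait",
    ("Reauth Wait", "Timeout"): "Reauth Wait",
    ("Auth Reject Wait", "Timeout"): "Start",
    ("Authorized", "Auth Grace Timeout"): "Reauth Wait",
    ("Authorized", "Auth Invalid"): "Reauth Wait",
    ("Reauth Wait", "Auth Invalid"): "Reauth Wait",
    ("Authorized", "Reauth"): "Reauth Wait",
}

TEK_FSM = {
    ("Start", "Authorized"): "Op Wait",
    ("Op Wait", "Auth Pend"): "Op Reauth Wait",
    ("Rekey Wait", "Auth Pend"): "Rekey Reauth Wait",
    ("Op Reauth Wait", "Auth Comp"): "Op Wait",
    ("Rekey Reauth Wait", "Auth Comp"): "Rekey Wait",
    ("Operational", "TEK Invalid"): "Op Wait",
    ("Rekey Wait", "TEK Invalid"): "Op Wait",
    ("Rekey Reauth Wait", "TEK Invalid"): "Op Reauth Wait",
    ("Op Wait", "Timeout"): "Op Wait",
    ("Rekey Wait", "Timeout"): "Rekey Wait",
    ("Operational", "TEK Refresh Timeout"): "Rekey Wait",
    ("Op Wait", "Key Reply"): "Operational",
    ("Rekey Wait", "Key Reply"): "Operational",
    ("Op Wait", "Key Reject"): "Start",
    ("Rekey Wait", "Key Reject"): "Start",
}
# Row (1) of the TEK matrix: Stop returns every non-Start state to Start.
for _state in ("Op Wait", "Op Reauth Wait", "Operational",
               "Rekey Wait", "Rekey Reauth Wait"):
    TEK_FSM[(_state, "Stop")] = "Start"


def walk(fsm, events, state="Start"):
    """Replay events; return (final_state, anomalies).

    An anomaly is (index, state, event) for an event whose matrix cell is
    blank in the current state. The state is left unchanged (assumption).
    """
    anomalies = []
    for index, event in enumerate(events):
        nxt = fsm.get((state, event))
        if nxt is None:
            anomalies.append((index, state, event))
        else:
            state = nxt
    return state, anomalies


def dead_states(fsm):
    """States that can be entered but have no outgoing transition."""
    sources = {state for state, _ in fsm}
    return sorted(set(fsm.values()) - sources)


# Constructed traces (not captured traffic).
AUTH_NORMAL = ["Provisioned", "Auth Reply", "Auth Grace Timeout", "Auth Reply"]
AUTH_UNSOLICITED = ["Provisioned", "Auth Reply", "Auth Reply",
                    "Auth Reject (perm)"]
TEK_REKEY = ["Authorized", "Key Reply", "TEK Refresh Timeout",
             "Auth Pend", "Auth Comp", "Key Reply"]

if __name__ == "__main__":
    for name, fsm, trace in (("auth normal", AUTH_FSM, AUTH_NORMAL),
                             ("auth unsolicited", AUTH_FSM, AUTH_UNSOLICITED),
                             ("tek rekey", TEK_FSM, TEK_REKEY)):
        print(name, walk(fsm, trace))
    print("auth dead states:", dead_states(AUTH_FSM))
    print("tek dead states:", dead_states(TEK_FSM))
```

The Silent column of the Auth matrix is empty, which is why `dead_states` reports it: once a permanent reject moves the SS there, no event listed in the matrix moves it out.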

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g., AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


TDD Downlink Subframe

DIUC: Downlink Interval Usage Code

Burst FDD Framing

[Figure: FDD frame showing DOWNLINK and UPLINK allocations for Broadcast, a Full Duplex Capable User, Half Duplex Terminal 1 and Half Duplex Terminal 2.]

Allows scheduling flexibility

FDD Downlink Subframe

TDMA portion: transmits data to some half-duplex SSs (the ones scheduled to transmit earlier in the frame than they receive)

• Need preamble to re-sync (carrier phase)

Baud Rates & Channel Size (10-66 GHz)

• Flexible plan - allows equipment manufacturers to choose according to spectrum requirements

| Channel Width (MHz) | Symbol Rate (Msym/s) | QPSK Bit Rate (Mbit/s) | 16-QAM Bit Rate (Mbit/s) | 64-QAM Bit Rate (Mbit/s) |
|---|---|---|---|---|
| 20 | 16 | 32 | 64 | 96 |
| 25 | 20 | 40 | 80 | 120 |
| 28 | 22.4 | 44.8 | 89.6 | 134.4 |

MAC Requirements

• Provide Network Access
• Address the Wireless environment
  – e.g., very efficient use of spectrum
• Broadband services
  – Very high bit rates, downlink and uplink
  – A range of QoS requirements
  – Ethernet, IPv4, IPv6, ATM
• Likelihood of terminal being shared
  – Base Station may be heavily loaded
• Security
• Protocol-Independent Engine
  – Convergence layers to ATM, IP, Ethernet
• Support both TDD and FDD in the PHY

802.16 MAC Overview

• Point-to-Multipoint
• Metropolitan Area Network
• Connection-oriented
• Supports difficult user environments
  – High bandwidth, hundreds of users per channel
  – Continuous and burst traffic
  – Very efficient use of spectrum
• Protocol-Independent core (ATM, IP, Ethernet, …)
• Balances between stability of contentionless and efficiency of contention-based operation
• Flexible QoS offerings
  – CBR, rt-VBR, nrt-VBR, BE, with granularity within classes
• Supports multiple 802.16 PHYs

Relationship to DOCSIS

• Management
  – Dynamic service "editing" protocol (Add/Change/Delete)
  – Management message payload format
• Security
  – Authentication and Privacy
• Polling categories
• Initial Access
  – Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions

• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer

• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer

• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing

• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure: mapping of a MAC message and SDUs (SDU 1, SDU 2) into MAC PDUs (PDU 1 to PDU 5), FEC blocks (FEC 1 to FEC 3) and a burst with preamble (P).]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e. periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal, off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

PKM Message                 | Description
Authentication Information  | contains the manufacturer's X.509 Certificate issued by an external authority
Authorization Request       | sent from an SS to its BS to request an AK and list of authorized SAIDs
Authorization Reply         | sent from a BS to an SS to reply an AK and a list of authorized SAIDs
Authorization Reject        | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS
Authorization Invalid       | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS
Key Request                 | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs
Key Reply                   | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID
Key Reject                  | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent
TEK Invalid                 | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK
SA Add                      | sent from a BS to an SS to establish one or more additional SAs

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

Columns: State. Rows: Event or Rcvd msg. ("-" marks an empty cell.)

Event or Rcvd msg           | (A) Start | (B) Auth Wait    | (C) Authorized | (D) Reauth Wait  | (E) Auth Reject Wait | (F) Silent
(1) Provisioned             | Auth Wait | -                | -              | -                | -                    | -
(2) Auth Reject (non-perm)  | -         | Auth Reject Wait | -              | Auth Reject Wait | -                    | -
(3) Auth Reject (perm)      | -         | Silent           | -              | Silent           | -                    | -
(4) Auth Reply              | -         | Authorized       | -              | Authorized       | -                    | -
(5) Timeout                 | -         | Auth Wait        | -              | Reauth Wait      | Start                | -
(6) Auth Grace Timeout      | -         | -                | Reauth Wait    | -                | -                    | -
(7) Auth Invalid            | -         | -                | Reauth Wait    | Reauth Wait      | -                    | -
(8) Reauth                  | -         | -                | Reauth Wait    | -                | -                    | -

Auth FSM Flow Diagram

[Figure: state diagram of the Auth FSM. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Edges are labelled with the event (Provisioned, Timeout, Auth Reply, Auth Reject (perm), Auth Reject (non-perm), Auth Invalid, Auth Grace Timeout, Reauth), the message sent (Authent Info, Auth Request) and the event passed to the TEK FSM ([TEK] Authorized, Auth Pend, Auth Comp, Stop).]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

Columns: State. Rows: Event or Rcvd msg. ("-" marks an empty cell.)

Event or Rcvd msg        | (A) Start | (B) Op Wait    | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait    | (F) Rekey Reauth Wait
(1) Stop                 | -         | Start          | Start              | Start           | Start             | Start
(2) Authorized           | Op Wait   | -              | -                  | -               | -                 | -
(3) Auth Pend            | -         | Op Reauth Wait | -                  | -               | Rekey Reauth Wait | -
(4) Auth Comp            | -         | -              | Op Wait            | -               | -                 | Rekey Wait
(5) TEK Invalid          | -         | -              | -                  | Op Wait         | Op Wait           | Op Reauth Wait
(6) Timeout              | -         | Op Wait        | -                  | -               | Rekey Wait        | -
(7) TEK Refresh Timeout  | -         | -              | -                  | Rekey Wait      | -                 | -
(8) Key Reply            | -         | Operational    | -                  | -               | Operational       | -
(9) Key Reject           | -         | Start          | -                  | -               | Start             | -

TEK FSM Flow Diagram

[Figure: state diagram of the TEK FSM. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Edges are labelled with the event (Authorized, Stop, Auth Pend, Auth Comp, Timeout, TEK Invalid, TEK Refresh Timeout, Key Reply, Key Reject) and the message sent (Key Request).]
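The two transition matrices above (authorization and TEK), as an added table-driven example that is not code from the original presentation or from the standard. Treating an empty cell as "reject the event and stay in the current state" is an assumption of this sketch, as are the class and function names and the constructed event traces.

```python
# Next-state tables transcribed from the two transition matrices:
# table[current_state][event] -> next_state. Empty cells are simply absent.
AUTH_FSM = {
    "Start": {"Provisioned": "Auth Wait"},
    "Auth Wait": {"Auth Reject (non-perm)": "Auth Reject Wait",
                  "Auth Reject (perm)": "Silent",
                  "Auth Reply": "Authorized",
                  "Timeout": "Auth Wait"},
    "Authorized": {"Auth Grace Timeout": "Reauth Wait",
                   "Auth Invalid": "Reauth Wait",
                   "Reauth": "Reauth Wait"},
    "Reauth Wait": {"Auth Reject (non-perm)": "Auth Reject Wait",
                    "Auth Reject (perm)": "Silent",
                    "Auth Reply": "Authorized",
                    "Timeout": "Reauth Wait",
                    "Auth Invalid": "Reauth Wait"},
    "Auth Reject Wait": {"Timeout": "Start"},
    "Silent": {},
}

TEK_FSM = {
    "Start": {"Authorized": "Op Wait"},
    "Op Wait": {"Stop": "Start", "Auth Pend": "Op Reauth Wait",
                "Timeout": "Op Wait", "Key Reply": "Operational",
                "Key Reject": "Start"},
    "Op Reauth Wait": {"Stop": "Start", "Auth Comp": "Op Wait"},
    "Operational": {"Stop": "Start", "TEK Invalid": "Op Wait",
                    "TEK Refresh Timeout": "Rekey Wait"},
    "Rekey Wait": {"Stop": "Start", "Auth Pend": "Rekey Reauth Wait",
                   "TEK Invalid": "Op Wait", "Timeout": "Rekey Wait",
                   "Key Reply": "Operational", "Key Reject": "Start"},
    "Rekey Reauth Wait": {"Stop": "Start", "Auth Comp": "Rekey Wait",
                          "TEK Invalid": "Op Reauth Wait"},
}


class Fsm:
    """Strict table-driven machine: an event with no cell is never acted on."""

    def __init__(self, table, start="Start"):
        self.table = table
        self.state = start
        self.rejected = []  # (state, event) pairs that hit an empty cell

    def fire(self, event):
        nxt = self.table[self.state].get(event)
        if nxt is None:
            # Assumption of this example: reject, stay put, and keep a record
            # so unsolicited or out-of-order messages are visible to monitoring.
            self.rejected.append((self.state, event))
            return False
        self.state = nxt
        return True


def check_table(table, start="Start"):
    """Return (undefined targets, states with no exit, unreachable states)."""
    targets = {t for row in table.values() for t in row.values()}
    undefined = sorted(targets - set(table))
    no_exit = sorted(s for s, row in table.items() if not row)
    seen, todo = {start}, [start]
    while todo:
        for nxt in table.get(todo.pop(), {}).values():
            if nxt not in seen:
                seen.add(nxt)
                todo.append(nxt)
    return undefined, no_exit, sorted(set(table) - seen)


def replay(table, events):
    """Feed a list of events to a fresh machine; return (state, rejected)."""
    fsm = Fsm(table)
    for event in events:
        fsm.fire(event)
    return fsm.state, fsm.rejected


# Constructed traces: each contains replies that arrive in the wrong state.
AUTH_TRACE = ["Provisioned", "Auth Reply", "Auth Reply",
              "Auth Grace Timeout", "Auth Reject (perm)", "Auth Reply"]
TEK_TRACE = ["Key Reply", "Authorized", "Key Reply", "Key Reply",
             "TEK Refresh Timeout", "Key Reject"]

if __name__ == "__main__":
    print(check_table(AUTH_FSM), replay(AUTH_FSM, AUTH_TRACE))
    print(check_table(TEK_FSM), replay(TEK_FSM, TEK_TRACE))
```

The table check reports Silent as the only state with no exit, which is why a permanent Auth Reject in the constructed trace leaves the machine there and the later Auth Reply is rejected.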

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc:

http://WirelessMAN.org

Page 18: Mobile WiMAX : A Technical Overview

Burst FDD Framing

[Figure: one frame on the DOWNLINK and UPLINK channels, showing the Broadcast portion and the allocations of a Full Duplex Capable User, Half Duplex Terminal 1 and Half Duplex Terminal 2.]

Allows scheduling flexibility

FDD Downlink Subframe

TDMA portion: transmits data to some half-duplex SSs (the ones scheduled to transmit earlier in the frame than they receive)

• Need preamble to re-sync (carrier phase)

Baud Rates & Channel Size (10-66 GHz)

• Flexible plan - allows equipment manufacturers to choose according to spectrum requirements

Channel Width (MHz) | Symbol Rate (Msym/s) | QPSK Bit Rate (Mbit/s) | 16-QAM Bit Rate (Mbit/s) | 64-QAM Bit Rate (Mbit/s)
20                  | 16                   | 32                     | 64                       | 96
25                  | 20                   | 40                     | 80                       | 120
28                  | 22.4                 | 44.8                   | 89.6                     | 134.4

MAC Requirements

• Provide Network Access
• Address the Wireless environment
  – e.g. very efficient use of spectrum
• Broadband services
  – Very high bit rates, downlink and uplink
  – A range of QoS requirements
  – Ethernet, IPv4, IPv6, ATM
• Likelihood of terminal being shared
  – Base Station may be heavily loaded
• Security
• Protocol-Independent Engine
  – Convergence layers to ATM, IP, Ethernet
• Support both TDD and FDD in the PHY

802.16 MAC Overview

• Point-to-Multipoint
• Metropolitan Area Network
• Connection-oriented
• Supports difficult user environments
  – High bandwidth, hundreds of users per channel
  – Continuous and burst traffic
  – Very efficient use of spectrum
• Protocol-Independent core (ATM, IP, Ethernet, …)
• Balances between stability of contentionless and efficiency of contention-based operation
• Flexible QoS offerings
  – CBR, rt-VBR, nrt-VBR, BE, with granularity within classes
• Supports multiple 802.16 PHYs

Relationship to DOCSIS

• Management
  – Dynamic service "editing" protocol (Add/Change/Delete)
  – Management message payload format
• Security
  – Authentication and Privacy
• Polling categories
• Initial Access
  – Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions

• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer

• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer

• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing

• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure: mapping of a MAC message and SDUs (SDU 1, SDU 2) onto MAC PDUs (PDU 1 to PDU 5), and of the MAC PDUs onto a burst made up of a preamble and FEC blocks (FEC 1 to FEC 3).]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation
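The fragmentation and packing slides above, worked through as an added example (not code from the presentation or from the standard): a parser for the 2-byte packing sub-header and a per-connection reassembler that uses the 3-bit sequence number to notice a lost fragment. The bit layout (FC in the top two bits, then the sequence number, then the 11-bit length), the FC code points, the length counting only the SDU bytes, and the counter advancing on every sub-header are assumptions; all function names are hypothetical.

```python
import struct

# Assumed FC code points, in the order the slide lists the four values.
UNFRAGMENTED, LAST, FIRST, CONTINUING = 0, 1, 2, 3


def pack_subheader(fc, fsn, length):
    """Build one 2-byte sub-header (assumed layout: FC | FSN | length)."""
    if not (0 <= fc < 4 and 0 <= fsn < 8 and 0 <= length < 2048):
        raise ValueError("field out of range")
    return struct.pack(">H", (fc << 14) | (fsn << 11) | length)


def build_payload(items):
    """Pack (fc, fsn, data) items into one MAC PDU payload."""
    return b"".join(pack_subheader(fc, fsn, len(d)) + d for fc, fsn, d in items)


def parse_packed_payload(payload):
    """Split a packed payload into (fc, fsn, data) tuples, with bounds checks."""
    out, pos = [], 0
    while pos < len(payload):
        if len(payload) - pos < 2:
            raise ValueError("truncated packing sub-header")
        (word,) = struct.unpack_from(">H", payload, pos)
        fc, fsn, length = word >> 14, (word >> 11) & 0x7, word & 0x7FF
        pos += 2
        if length > len(payload) - pos:
            raise ValueError("length field exceeds remaining payload")
        out.append((fc, fsn, payload[pos:pos + length]))
        pos += length
    return out


class Reassembler:
    """One connection, one fragmentation state at a time."""

    def __init__(self):
        self.partial = None    # bytes of the SDU being rebuilt, or None
        self.expected = None   # sequence number the next sub-header should carry
        self.gaps = 0          # sequence gaps seen so far

    def push(self, fc, fsn, data):
        """Feed one sub-header and its data; return a complete SDU or None."""
        in_sequence = self.expected is None or fsn == self.expected
        if not in_sequence:
            self.gaps += 1
        self.expected = (fsn + 1) % 8          # continuous 3-bit counter
        if fc in (UNFRAGMENTED, FIRST):
            # Any SDU still in progress never received its last fragment.
            self.partial = bytearray(data) if fc == FIRST else None
            return bytes(data) if fc == UNFRAGMENTED else None
        if self.partial is None or not in_sequence:
            self.partial = None                # fragment lost: drop the partial SDU
            return None
        self.partial += data
        if fc == CONTINUING:
            return None
        sdu, self.partial = bytes(self.partial), None
        return sdu


def reassemble(payloads):
    """Run payloads of one connection in order; return (SDUs, gap count)."""
    r, sdus = Reassembler(), []
    for payload in payloads:
        for fc, fsn, data in parse_packed_payload(payload):
            sdu = r.push(fc, fsn, data)
            if sdu is not None:
                sdus.append(sdu)
    return sdus, r.gaps


# Constructed sample traffic: one whole SDU, one SDU in three fragments, one whole SDU.
PDU_1 = build_payload([(UNFRAGMENTED, 0, b"AAAA"), (FIRST, 1, b"BB")])
PDU_2 = build_payload([(CONTINUING, 2, b"CC")])
PDU_3 = build_payload([(LAST, 3, b"DD"), (UNFRAGMENTED, 4, b"E")])

if __name__ == "__main__":
    print(reassemble([PDU_1, PDU_2, PDU_3]))   # all PDUs delivered
    print(reassemble([PDU_1, PDU_3]))          # PDU_2 lost on the air
```

When PDU_2 is missing, the first and last fragments are not glued together into a corrupt SDU, because the sequence numbers do not line up. A 3-bit counter cannot detect a loss of exactly eight consecutive sub-headers.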

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e. periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station’s work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer’s X.509 certificate binding the SS’s public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate “root authority” if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: Auth FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transition labels (event / action): Provisioned / Authent Info, Auth Request; Timeout; Auth Reject (non-perm); Auth Reject (perm); Timeout / Authent Info, Auth Request; Auth Reply / [TEK] Authorized; Auth Reject (perm) / [TEK] Stop; Timeout / Auth Request; Auth Invalid / Auth Request, [TEK] Auth Pend; Auth Reject (non-perm) / [TEK] Stop; Auth Grace Timeout / Auth Request; Reauth / Auth Request; Auth Reply / [TEK] Auth Comp.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transition labels (event / action): Authorized / Key Request; Stop; Auth Pend; Auth Comp / Key Request; Key Reject, Stop; Key Reply; Timeout / Key Request; TEK Invalid / Key Request; TEK Refresh Timeout / Key Request; TEK Invalid.]

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project

IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project

IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network (“WirelessHUMAN™”)

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant in any spectrum in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


FDD Downlink Subframe

TDMA portion transmits data to some half-duplex SSs (the ones scheduled to transmit earlier in the frame than they receive)

• Need preamble to re-sync (carrier phase)

Baud Rates & Channel Size (10-66 GHz)

• Flexible plan - allows equipment manufacturers to choose according to spectrum requirements

| Channel Width (MHz) | Symbol Rate (Msym/s) | QPSK Bit Rate (Mbit/s) | 16-QAM Bit Rate (Mbit/s) | 64-QAM Bit Rate (Mbit/s) |
|---|---|---|---|---|
| 20 | 16 | 32 | 64 | 96 |
| 25 | 20 | 40 | 80 | 120 |
| 28 | 22.4 | 44.8 | 89.6 | 134.4 |

MAC Requirements

• Provide Network Access
• Address the Wireless environment
  – e.g., very efficient use of spectrum
• Broadband services
  – Very high bit rates, downlink and uplink
  – A range of QoS requirements
  – Ethernet, IPv4, IPv6, ATM
• Likelihood of terminal being shared
  – Base Station may be heavily loaded
• Security
• Protocol-Independent Engine
  – Convergence layers to ATM, IP, Ethernet
• Support both TDD and FDD in the PHY

802.16 MAC Overview

• Point-to-Multipoint
• Metropolitan Area Network
• Connection-oriented
• Supports difficult user environments
  – High bandwidth, hundreds of users per channel
  – Continuous and burst traffic
  – Very efficient use of spectrum
• Protocol-Independent core (ATM, IP, Ethernet, …)
• Balances between stability of contentionless and efficiency of contention-based operation
• Flexible QoS offerings
  – CBR, rt-VBR, nrt-VBR, BE, with granularity within classes
• Supports multiple 802.16 PHYs

Relationship to DOCSIS

• Management
  – Dynamic service "editing" protocol (Add/Change/Delete)
  – Management message payload format
• Security
  – Authentication and Privacy
• Polling categories
• Initial Access
  – Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions

• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer

• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer

• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing

• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure: a MAC Message, SDU 1 and SDU 2 are carried in MAC PDUs (PDU 1 to PDU 5); the MAC PDUs are carried in a burst made of a preamble and FEC blocks (FEC 1 to FEC 3).]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header:
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation
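The packing sub-header and fragmentation rules above, worked through as an added example (this code is not part of the presentation or of the 802.16 standard text). The slides give the field widths only, so the bit order (FC, then FSN, then Length), the FC code points, the FSN advancing once per packed item, and the Length counting only the bytes after the sub-header are assumptions; all function and class names are illustrative.

```python
import struct

# Assumed FC code points: the slides name the four states but not their values.
FC_UNFRAG, FC_LAST, FC_FIRST, FC_CONT = 0, 1, 2, 3
SUBHDR_LEN = 2  # "2 Byte Packing Sub-Header before each SDU"


def pack_subheader(fc, fsn, length):
    """Assumed layout, big-endian: FC (2 bits) | FSN (3 bits) | Length (11 bits)."""
    if not (0 <= fc < 4 and 0 <= fsn < 8 and 0 <= length < 2048):
        raise ValueError("field out of range")
    return struct.pack(">H", (fc << 14) | (fsn << 11) | length)


def parse_packed_payload(payload):
    """Split a packed MAC PDU payload into (fc, fsn, data) tuples.

    Each length is checked against the bytes actually present, so a corrupt
    or hostile length field cannot make the parser read past the buffer.
    """
    items, off = [], 0
    while off < len(payload):
        if len(payload) - off < SUBHDR_LEN:
            raise ValueError("truncated packing sub-header at offset %d" % off)
        (word,) = struct.unpack_from(">H", payload, off)
        fc, fsn, length = word >> 14, (word >> 11) & 0x7, word & 0x7FF
        off += SUBHDR_LEN
        if length > len(payload) - off:
            raise ValueError("length %d exceeds the %d bytes left"
                             % (length, len(payload) - off))
        items.append((fc, fsn, payload[off:off + length]))
        off += length
    return items


class Reassembler:
    """Per-connection state: one fragmentation state at a time, FSN modulo 8."""

    def __init__(self):
        self.buf = None       # partial SDU being rebuilt, or None
        self.next_fsn = None  # FSN expected on the next item
        self.gaps = 0         # FSN discontinuities seen (lost items)

    def feed(self, fc, fsn, data):
        """Consume one parsed item; return a complete SDU or None."""
        if self.next_fsn is not None and fsn != self.next_fsn:
            self.gaps += 1    # something was lost in between
            self.buf = None   # the partial SDU can no longer be completed
        self.next_fsn = (fsn + 1) % 8  # continuous counter across SDUs
        if fc == FC_UNFRAG:
            self.buf = None
            return data
        if fc == FC_FIRST:
            self.buf = bytearray(data)
            return None
        if self.buf is None:  # continuing/last fragment whose start was lost
            return None
        self.buf += data
        if fc == FC_LAST:
            sdu, self.buf = bytes(self.buf), None
            return sdu
        return None


def reassemble(pdu_payloads):
    """Run every payload of one connection through the parser and reassembler."""
    r, sdus = Reassembler(), []
    for payload in pdu_payloads:
        for fc, fsn, data in parse_packed_payload(payload):
            sdu = r.feed(fc, fsn, data)
            if sdu is not None:
                sdus.append(sdu)
    return sdus, r.gaps


if __name__ == "__main__":
    # Constructed sample: one whole SDU plus an SDU fragmented over two PDUs.
    p1 = pack_subheader(FC_UNFRAG, 0, 4) + b"AAAA" + pack_subheader(FC_FIRST, 1, 2) + b"BB"
    p2 = pack_subheader(FC_CONT, 2, 2) + b"CC" + pack_subheader(FC_LAST, 3, 2) + b"DD"
    print(reassemble([p1, p2]))
```
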

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service, such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e., periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs. GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests:
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: Auth FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transition labels (event, then messages sent or [TEK] events raised): Provisioned, Authent Info, Auth Request; Timeout, Authent Info, Auth Request; Auth Reject (non-perm); Auth Reject (perm); Timeout; Auth Reply, [TEK] Authorized; Auth Reject (perm), [TEK] Stop; Timeout, Auth Request; Auth Invalid, Auth Request, [TEK] Auth Pend; Auth Reject (non-perm), [TEK] Stop; Auth Grace Timeout, Auth Request; Reauth, Auth Request; Auth Reply, [TEK] Auth Comp.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transition labels (event / message sent): Authorized / Key Request; Auth Comp / Key Request; Timeout / Key Request; TEK Refresh Timeout / Key Request; TEK Invalid / Key Request; Key Reply; Key Reject; Auth Pend; TEK Invalid; Stop.]
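The transition matrix above as a table-driven state machine that also flags events arriving in a state where the matrix has an empty cell. This is an added example, not code from the presentation or the standard; the class and function names are hypothetical, and the rule that a Key Request accompanies every transition into Op Wait or Rekey Wait is read off the flow-diagram labels.

```python
"""SS-side TEK state machine, built from the TEK FSM Transition Matrix."""

START = "Start"
OP_WAIT = "Op Wait"
OP_REAUTH_WAIT = "Op Reauth Wait"
OPERATIONAL = "Operational"
REKEY_WAIT = "Rekey Wait"
REKEY_REAUTH_WAIT = "Rekey Reauth Wait"

# One entry per matrix row: event -> {current state: next state}.
# A missing state is an empty cell of the matrix.
TRANSITIONS = {
    "Stop": {s: START for s in (OP_WAIT, OP_REAUTH_WAIT, OPERATIONAL,
                                REKEY_WAIT, REKEY_REAUTH_WAIT)},
    "Authorized": {START: OP_WAIT},
    "Auth Pend": {OP_WAIT: OP_REAUTH_WAIT, REKEY_WAIT: REKEY_REAUTH_WAIT},
    "Auth Comp": {OP_REAUTH_WAIT: OP_WAIT, REKEY_REAUTH_WAIT: REKEY_WAIT},
    "TEK Invalid": {OPERATIONAL: OP_WAIT, REKEY_WAIT: OP_WAIT,
                    REKEY_REAUTH_WAIT: OP_REAUTH_WAIT},
    "Timeout": {OP_WAIT: OP_WAIT, REKEY_WAIT: REKEY_WAIT},
    "TEK Refresh Timeout": {OPERATIONAL: REKEY_WAIT},
    "Key Reply": {OP_WAIT: OPERATIONAL, REKEY_WAIT: OPERATIONAL},
    "Key Reject": {OP_WAIT: START, REKEY_WAIT: START},
}

# States in which the SS is waiting for a Key Reply; entering (or re-entering)
# one of them sends a Key Request, per the flow-diagram labels.
KEY_REQUEST_STATES = (OP_WAIT, REKEY_WAIT)


class TekFsm:
    def __init__(self):
        self.state = START
        self.sent = []        # messages the SS would transmit
        self.unexpected = []  # (state, event) pairs that hit an empty cell

    def handle(self, event):
        """Apply one event; return the state after it."""
        if event not in TRANSITIONS:
            raise ValueError(f"unknown TEK FSM event: {event!r}")
        nxt = TRANSITIONS[event].get(self.state)
        if nxt is None:
            # Empty cell: no transition defined. Record it instead of guessing;
            # an out-of-state Key Reply, for example, is worth logging.
            self.unexpected.append((self.state, event))
            return self.state
        if nxt in KEY_REQUEST_STATES:
            self.sent.append("Key Request")
        self.state = nxt
        return nxt


def run_trace(events):
    """Replay a list of events from Start.

    Returns (states visited, messages sent, unexpected (state, event) pairs).
    """
    fsm = TekFsm()
    path = [fsm.handle(e) for e in events]
    return path, fsm.sent, fsm.unexpected


if __name__ == "__main__":
    # Constructed trace: initial keying, a rekey interrupted by
    # reauthorization, then two Key Replies that arrive out of state.
    trace = ["Authorized", "Key Reply", "TEK Refresh Timeout", "Auth Pend",
             "Key Reply", "Auth Comp", "Key Reply", "Key Reply", "Stop"]
    path, sent, unexpected = run_trace(trace)
    for event, state in zip(trace, path):
        print(f"{event:20s} -> {state}")
    print("sent:", sent)
    print("unexpected:", unexpected)
```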

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
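Why the key-usage rules above, together with the 2-bit key sequence number from the Traffic Encryption Key Management slide, give uninterrupted service without key acknowledgements: the added simulation below (not from the presentation) models each TEK by its sequence number only, with no cipher. The timing model is an assumption: the BS generates a new TEK every half lifetime, and the SS copy of the two active keys lags each rotation by `lag` ticks until its Key Request is answered.

```python
"""Overlapping TEK lifetimes: who holds which key sequence number, and when."""
from dataclasses import dataclass

SEQ_MOD = 4  # the key sequence number in the MAC header is 2 bits wide


@dataclass
class KeyRing:
    older: int  # sequence number of the key that expires first
    newer: int  # sequence number of the key that expires last

    def holds(self, seq):
        """Decryption is allowed with either key, selected by sequence number."""
        return seq in (self.older, self.newer)


def bs_ring(t, half_life):
    """Keys active at the BS at tick t (a new TEK every half lifetime)."""
    n = t // half_life
    return KeyRing(n % SEQ_MOD, (n + 1) % SEQ_MOD)


def ss_ring(t, half_life, lag):
    """Keys held by the SS at tick t: the BS ring as it was `lag` ticks ago.

    Assumption: the SS is keyed at t = 0 and each refresh (Key Request /
    Key Reply) completes `lag` ticks after the BS rotated.
    """
    n = max(t - lag, 0) // half_life
    return KeyRing(n % SEQ_MOD, (n + 1) % SEQ_MOD)


def simulate(ticks, half_life, lag, bs_encrypts_with="older"):
    """Send one frame each way per tick; return the frames nobody could decrypt.

    The uplink always follows the slide's rule (SS encrypts with its newer
    key). `bs_encrypts_with` is "older" (the slide's rule) or "newer" (a
    counterfactual, to show what the rule prevents).
    """
    if bs_encrypts_with not in ("older", "newer"):
        raise ValueError("bs_encrypts_with must be 'older' or 'newer'")
    if not 0 <= lag < half_life:
        raise ValueError("refresh must complete before the next rotation")
    failures = []
    for t in range(ticks):
        bs, ss = bs_ring(t, half_life), ss_ring(t, half_life, lag)
        dl_seq = getattr(bs, bs_encrypts_with)  # stamped in the downlink header
        ul_seq = ss.newer                       # stamped in the uplink header
        if not ss.holds(dl_seq):
            failures.append((t, "downlink", dl_seq))
        if not bs.holds(ul_seq):
            failures.append((t, "uplink", ul_seq))
    return failures


if __name__ == "__main__":
    print("slide's rules :", simulate(40, 10, 3))
    print("BS uses newer :", simulate(40, 10, 3, bs_encrypts_with="newer"))
```

With the slide's rules every frame finds its key on the other side even while the SS copy is stale; if the BS switched to the newest key immediately, downlink frames in each lag window would carry a sequence number the SS does not yet hold.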

Amendment Project

IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project

IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network (“WirelessHUMAN™”)

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


Baud Rates & Channel Size (10-66 GHz)

• Flexible plan - allows equipment manufacturers to choose according to spectrum requirements

Channel Width (MHz) | Symbol Rate (Msym/s) | QPSK Bit Rate (Mbit/s) | 16-QAM Bit Rate (Mbit/s) | 64-QAM Bit Rate (Mbit/s)
20                  | 16                   | 32                     | 64                       | 96
25                  | 20                   | 40                     | 80                       | 120
28                  | 22.4                 | 44.8                   | 89.6                     | 134.4

MAC Requirements

• Provide Network Access
• Address the Wireless environment
  – e.g., very efficient use of spectrum
• Broadband services
  – Very high bit rates, downlink and uplink
  – A range of QoS requirements
  – Ethernet, IPv4, IPv6, ATM
• Likelihood of terminal being shared
  – Base Station may be heavily loaded
• Security
• Protocol-Independent Engine
  – Convergence layers to ATM, IP, Ethernet
• Support both TDD and FDD in the PHY

802.16 MAC Overview

• Point-to-Multipoint
• Metropolitan Area Network
• Connection-oriented
• Supports difficult user environments
  – High bandwidth, hundreds of users per channel
  – Continuous and burst traffic
  – Very efficient use of spectrum
• Protocol-Independent core (ATM, IP, Ethernet, …)
• Balances between stability of contentionless and efficiency of contention-based operation
• Flexible QoS offerings
  – CBR, rt-VBR, nrt-VBR, BE, with granularity within classes
• Supports multiple 802.16 PHYs

Relationship to DOCSIS

• Management
  – Dynamic service “editing” protocol (Add/Change/Delete)
  – Management message payload format
• Security
  – Authentication and Privacy
• Polling categories
• Initial Access
  – Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions

• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer

• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer

• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing

• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure: a MAC message and SDUs (SDU 1, SDU 2) carried in MAC PDUs (PDU 1 to PDU 5), which are placed in a burst consisting of a preamble and FEC blocks (FEC 1 to FEC 3).]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation
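A parser for the 2-byte packing sub-header and a per-connection reassembler that uses the FSN to discard SDUs with missing fragments, as an added example (not from the presentation or the standard). Assumptions, since the slides give only the field widths: the 16 bits are laid out FC, FSN, length from the most significant bit; the length counts SDU bytes only; FC values 0 to 3 follow the order listed on the Fragmentation slide; and the FSN advances by one per sub-header, modulo 8.

```python
"""Packed MAC PDU payloads: sub-header parsing and fragment reassembly."""
import struct

# Fragmentation Control values, in the order the Fragmentation slide lists them.
UNFRAGMENTED, LAST, FIRST, CONTINUING = 0b00, 0b01, 0b10, 0b11


class PackingError(ValueError):
    """Raised when a packed payload is malformed."""


def pack_entry(fc, fsn, data):
    """Prefix `data` with a sub-header: FC (2 bits) | FSN (3) | length (11)."""
    if not (0 <= fc <= 3 and 0 <= fsn <= 7):
        raise PackingError("FC or FSN out of range")
    if len(data) > 0x7FF:
        raise PackingError("SDU does not fit the 11-bit length field")
    return struct.pack(">H", (fc << 14) | (fsn << 11) | len(data)) + bytes(data)


def unpack_payload(payload):
    """Split one packed payload into a list of (fc, fsn, data) tuples.

    Every length is checked against the bytes actually present, so a
    corrupted or hostile length field cannot cause an over-read.
    """
    entries, off = [], 0
    while off < len(payload):
        if len(payload) - off < 2:
            raise PackingError(f"truncated sub-header at offset {off}")
        (word,) = struct.unpack_from(">H", payload, off)
        fc, fsn, length = word >> 14, (word >> 11) & 0x7, word & 0x7FF
        off += 2
        if length > len(payload) - off:
            raise PackingError(f"length {length} overruns payload at offset {off}")
        entries.append((fc, fsn, payload[off:off + length]))
        off += length
    return entries


class Reassembler:
    """One per connection: a connection has a single fragmentation state."""

    def __init__(self):
        self.expected_fsn = None  # unknown until the first sub-header is seen
        self.partial = None       # bytearray while an SDU is being assembled
        self.dropped = 0          # partially assembled SDUs that were abandoned

    def feed(self, fc, fsn, data):
        """Consume one entry; return a completed SDU (bytes) or None."""
        gap = self.expected_fsn is not None and fsn != self.expected_fsn
        self.expected_fsn = (fsn + 1) % 8
        # A sequence gap, or the start of a new SDU, invalidates whatever
        # was being assembled.
        if self.partial is not None and (gap or fc in (UNFRAGMENTED, FIRST)):
            self.partial = None
            self.dropped += 1
        if fc == UNFRAGMENTED:
            return bytes(data)
        if fc == FIRST:
            self.partial = bytearray(data)
            return None
        if self.partial is None:  # continuing/last fragment without its start
            return None
        self.partial += data
        if fc == LAST:
            sdu, self.partial = bytes(self.partial), None
            return sdu
        return None


def reassemble(pdus):
    """Run a sequence of packed payloads through one connection's reassembler.

    Returns (list of complete SDUs, number of abandoned partial SDUs).
    """
    r, sdus = Reassembler(), []
    for pdu in pdus:
        for fc, fsn, data in unpack_payload(pdu):
            sdu = r.feed(fc, fsn, data)
            if sdu is not None:
                sdus.append(sdu)
    return sdus, r.dropped


if __name__ == "__main__":
    # Constructed input: one whole SDU packed with the first fragment of
    # another, whose remaining fragments follow in the next PDU.
    pdu1 = pack_entry(UNFRAGMENTED, 0, b"AAAA") + pack_entry(FIRST, 1, b"hel")
    pdu2 = pack_entry(CONTINUING, 2, b"lo-") + pack_entry(LAST, 3, b"world")
    print(reassemble([pdu1, pdu2]))
```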

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service, such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e., periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs. GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station’s work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests:
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

PKM Message                | Description
Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority
Authorization Request      | sent from an SS to its BS to request an AK and list of authorized SAIDs
Authorization Reply        | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs
Authorization Reject       | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS
Authorization Invalid      | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS
Key Request                | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs
Key Reply                  | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID
Key Reject                 | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent
TEK Invalid                | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK
SA Add                     | sent from a BS to an SS to establish one or more additional SAs

SS Authorization

• Authentication and Authorization
  – SS manufacturer’s X.509 certificate binding the SS’s public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate “root authority” if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| Event or Rcvd msg \ State | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: Auth FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transitions are labelled with the triggering event or received message, the messages sent (Authent Info, Auth Request) and the events passed to the TEK FSM ([TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp, [TEK] Stop).]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg \ State | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |
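The Auth and TEK transition matrices above can be checked mechanically. The following is an added example, not part of the original slides: it encodes both matrices, verifies reachability and terminal states, and replays constructed event traces, flagging any received PKM message for which the matrix defines no transition in the current state. Treating such a message as an anomaly, and the split of events into received messages and local events, are assumptions of this example.

```python
from collections import deque

# (state, event) -> next state, transcribed from the Auth FSM matrix.
AUTH_FSM = {
    ("Start", "Provisioned"): "Auth Wait",
    ("Auth Wait", "Auth Reject (non-perm)"): "Auth Reject Wait",
    ("Reauth Wait", "Auth Reject (non-perm)"): "Auth Reject Wait",
    ("Auth Wait", "Auth Reject (perm)"): "Silent",
    ("Reauth Wait", "Auth Reject (perm)"): "Silent",
    ("Auth Wait", "Auth Reply"): "Authorized",
    ("Reauth Wait", "Auth Reply"): "Authorized",
    ("Auth Wait", "Timeout"): "Auth Wait",
    ("Reauth Wait", "Timeout"): "Reauth Wait",
    ("Auth Reject Wait", "Timeout"): "Start",
    ("Authorized", "Auth Grace Timeout"): "Reauth Wait",
    ("Authorized", "Auth Invalid"): "Reauth Wait",
    ("Reauth Wait", "Auth Invalid"): "Reauth Wait",
    ("Authorized", "Reauth"): "Reauth Wait",
}

# (state, event) -> next state, transcribed from the TEK FSM matrix.
TEK_FSM = {(s, "Stop"): "Start" for s in (
    "Op Wait", "Op Reauth Wait", "Operational", "Rekey Wait", "Rekey Reauth Wait")}
TEK_FSM.update({
    ("Start", "Authorized"): "Op Wait",
    ("Op Wait", "Auth Pend"): "Op Reauth Wait",
    ("Rekey Wait", "Auth Pend"): "Rekey Reauth Wait",
    ("Op Reauth Wait", "Auth Comp"): "Op Wait",
    ("Rekey Reauth Wait", "Auth Comp"): "Rekey Wait",
    ("Operational", "TEK Invalid"): "Op Wait",
    ("Rekey Wait", "TEK Invalid"): "Op Wait",
    ("Rekey Reauth Wait", "TEK Invalid"): "Op Reauth Wait",
    ("Op Wait", "Timeout"): "Op Wait",
    ("Rekey Wait", "Timeout"): "Rekey Wait",
    ("Operational", "TEK Refresh Timeout"): "Rekey Wait",
    ("Op Wait", "Key Reply"): "Operational",
    ("Rekey Wait", "Key Reply"): "Operational",
    ("Op Wait", "Key Reject"): "Start",
    ("Rekey Wait", "Key Reject"): "Start",
})

# Assumption: these events are PKM messages received from the BS; all other
# events (timeouts, Provisioned, Reauth, and events from the Auth FSM) are local.
RECEIVED = {"Auth Reply", "Auth Reject (non-perm)", "Auth Reject (perm)",
            "Auth Invalid", "Key Reply", "Key Reject", "TEK Invalid"}


def states(matrix):
    """Every state that appears as a source or a target."""
    return {s for s, _ in matrix} | set(matrix.values())


def reachable(matrix, start="Start"):
    """Breadth-first search over the transition graph."""
    seen, queue = {start}, deque([start])
    while queue:
        cur = queue.popleft()
        for (src, _), dst in matrix.items():
            if src == cur and dst not in seen:
                seen.add(dst)
                queue.append(dst)
    return seen


def sinks(matrix):
    """States with no outgoing transition: once entered, never left."""
    return states(matrix) - {s for s, _ in matrix}


def replay(matrix, events, state="Start"):
    """Replay a trace; return (final_state, [(index, state, message), ...])
    where the list holds received messages the matrix does not define."""
    unexpected = []
    for i, ev in enumerate(events):
        nxt = matrix.get((state, ev))
        if nxt is None:
            if ev in RECEIVED:
                unexpected.append((i, state, ev))
            continue  # undefined pair: the state does not change
        state = nxt
    return state, unexpected


if __name__ == "__main__":
    # Constructed trace: a second Auth Reply arrives while already Authorized.
    trace = ["Provisioned", "Auth Reply", "Auth Reply", "Auth Grace Timeout"]
    print(replay(AUTH_FSM, trace))
    print("Auth sinks:", sinks(AUTH_FSM), "TEK sinks:", sinks(TEK_FSM))
```

Silent is the only state the Auth matrix never leaves, while every TEK state can return to Start through Stop.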

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transitions are labelled with the triggering event or received message (Authorized, Auth Pend, Auth Comp, Stop, Timeout, TEK Refresh Timeout, TEK Invalid, Key Reply, Key Reject) and, where one is sent, the Key Request message.]

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project

IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project

IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.:

http://WirelessMAN.org


MAC Requirements

• Provide Network Access
• Address the Wireless environment
  – e.g., very efficient use of spectrum
• Broadband services
  – Very high bit rates, downlink and uplink
  – A range of QoS requirements
  – Ethernet, IPv4, IPv6, ATM
• Likelihood of terminal being shared
  – Base Station may be heavily loaded
• Security
• Protocol-Independent Engine
  – Convergence layers to ATM, IP, Ethernet
• Support both TDD and FDD in the PHY

802.16 MAC Overview

• Point-to-Multipoint
• Metropolitan Area Network
• Connection-oriented
• Supports difficult user environments
  – High bandwidth, hundreds of users per channel
  – Continuous and burst traffic
  – Very efficient use of spectrum
• Protocol-Independent core (ATM, IP, Ethernet, …)
• Balances between stability of contentionless and efficiency of contention-based operation
• Flexible QoS offerings
  – CBR, rt-VBR, nrt-VBR, BE, with granularity within classes
• Supports multiple 802.16 PHYs

Relationship to DOCSIS

• Management
  – Dynamic service "editing" protocol (Add/Change/Delete)
  – Management message payload format
• Security
  – Authentication and Privacy
• Polling categories
• Initial Access
  – Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions

• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer

• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer

• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing

• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure: MAC PDU transmission. Labels: Burst, Preamble (P), FEC blocks FEC 1 to FEC 3, MAC PDUs PDU 1 to PDU 5, MAC Message, SDU 1, SDU 2.]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits
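The Fragmentation and Packing slides above define a 2-byte sub-header (11-bit length, 2-bit FC, 3-bit sequence number) and say the sequence number exists to detect missing fragments. The following is an added example, not part of the original slides: a bounds-checked parser for packed payloads plus per-connection reassembly that drops an SDU when the sequence number skips. The bit order FC | FSN | Length, the FC code values, Length counting SDU bytes only, and the counter advancing on every piece are assumptions; the slides give only the field widths.

```python
import struct

# Assumed layout (the slides give only the field widths): a 2-byte sub-header,
# MSB first, FC(2) | FSN(3) | Length(11). FC codes are assumed to follow the
# order on the Fragmentation slide; Length is assumed to count SDU bytes only.
FC_UNFRAGMENTED, FC_LAST, FC_FIRST, FC_CONTINUING = 0, 1, 2, 3


class PackingError(ValueError):
    """A packed MAC PDU payload that cannot be parsed safely."""


def pack_piece(fc, fsn, data):
    """Build sub-header + data for one SDU or fragment (used for sample input)."""
    if not (0 <= fc <= 3 and 0 <= fsn <= 7 and len(data) <= 0x7FF):
        raise PackingError("field out of range")
    return struct.pack(">H", (fc << 14) | (fsn << 11) | len(data)) + bytes(data)


def parse_packed_payload(payload):
    """Split a payload into (fc, fsn, data) pieces, bounds-checking each length."""
    pieces, off = [], 0
    while off < len(payload):
        if len(payload) - off < 2:
            raise PackingError("truncated sub-header at offset %d" % off)
        (word,) = struct.unpack_from(">H", payload, off)
        fc, fsn, length = word >> 14, (word >> 11) & 0x7, word & 0x7FF
        off += 2
        if length > len(payload) - off:
            raise PackingError("length %d overruns payload" % length)
        pieces.append((fc, fsn, payload[off:off + length]))
        off += length
    return pieces


class Reassembler:
    """One connection's fragmentation state; FSN assumed to count every piece mod 8."""

    def __init__(self):
        self.expected_fsn = None  # unknown until the first piece is seen
        self.partial = None       # bytearray while an SDU is being rebuilt
        self.gaps = 0             # sequence discontinuities (lost pieces) detected

    def feed(self, fc, fsn, data):
        """Consume one piece; return a completed SDU as bytes, else None."""
        if self.expected_fsn is not None and fsn != self.expected_fsn:
            self.gaps += 1
            self.partial = None   # a piece is missing: drop the SDU in progress
        self.expected_fsn = (fsn + 1) % 8
        if fc == FC_UNFRAGMENTED:
            self.partial = None
            return bytes(data)
        if fc == FC_FIRST:
            self.partial = bytearray(data)
            return None
        if self.partial is None:  # continuing/last fragment without a usable start
            return None
        self.partial += data
        if fc == FC_LAST:
            sdu, self.partial = bytes(self.partial), None
            return sdu
        return None


def reassemble(payloads):
    """Run the packed payloads of one connection through parsing and reassembly."""
    r, sdus = Reassembler(), []
    for payload in payloads:
        for fc, fsn, data in parse_packed_payload(payload):
            sdu = r.feed(fc, fsn, data)
            if sdu is not None:
                sdus.append(sdu)
    return sdus, r.gaps


if __name__ == "__main__":
    # Constructed sample input: two PDUs, the second SDU fragmented across both.
    pdu1 = pack_piece(FC_UNFRAGMENTED, 0, b"AAAA") + pack_piece(FC_FIRST, 1, b"BB")
    pdu2 = pack_piece(FC_CONTINUING, 2, b"CC") + pack_piece(FC_LAST, 3, b"DD")
    print(reassemble([pdu1, pdu2]))
```

A length field larger than the bytes remaining in the payload is rejected before any slice is taken.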

Packing with Fragmentation

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g., bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g., HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e., periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

PKM Message                  Description
Authentication Information   contains the manufacturer's X.509 Certificate issued by an external authority
Authorization Request        sent from an SS to its BS to request an AK and list of authorized SAIDs
Authorization Reply          sent from a BS to an SS to reply with an AK and a list of authorized SAIDs
Authorization Reject         sent from a BS to an SS in rejection of an Authorization Request message sent by the SS
Authorization Invalid        sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS
Key Request                  sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs
Key Reply                    sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID
Key Reject                   sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent
TEK Invalid                  sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK
SA Add                       sent from a BS to an SS to establish one or more additional SAs

SS Authorization

• Authentication and Authorization
  – SS manufacturer’s X.509 certificate binding the SS’s public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate “root authority” if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

Columns are states, rows are events or received messages; each cell gives the next state (- = empty cell).

Event or rcvd msg           (A) Start  (B) Auth Wait     (C) Authorized  (D) Reauth Wait   (E) Auth Reject Wait  (F) Silent
(1) Provisioned             Auth Wait  -                 -               -                 -                     -
(2) Auth Reject (non-perm)  -          Auth Reject Wait  -               Auth Reject Wait  -                     -
(3) Auth Reject (perm)      -          Silent            -               Silent            -                     -
(4) Auth Reply              -          Authorized        -               Authorized        -                     -
(5) Timeout                 -          Auth Wait         -               Reauth Wait       Start                 -
(6) Auth Grace Timeout      -          -                 Reauth Wait     -                 -                     -
(7) Auth Invalid            -          -                 Reauth Wait     Reauth Wait       -                     -
(8) Reauth                  -          -                 Reauth Wait     -                 -                     -

Auth FSM Flow Diagram

[Figure: Auth FSM state diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Edge labels recovered from the figure: "Provisioned Authent Info, Auth Request"; "Timeout Authent Info, Auth Request"; "Auth Reject (non-perm)"; "Auth Reject (perm)"; "Auth Reply [TEK] Authorized"; "Auth Reject (perm) [TEK] Stop"; "Auth Reject (non-perm) [TEK] Stop"; "Timeout Auth Request"; "Auth Invalid Auth Request [TEK] Auth Pend"; "Auth Grace Timeout Auth Request"; "Reauth Auth Request"; "Auth Reply [TEK] Auth Comp".]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

Columns are states, rows are events or received messages; each cell gives the next state (- = empty cell).

Event or rcvd msg        (A) Start  (B) Op Wait     (C) Op Reauth Wait  (D) Operational  (E) Rekey Wait     (F) Rekey Reauth Wait
(1) Stop                 -          Start           Start               Start            Start              Start
(2) Authorized           Op Wait    -               -                   -                -                  -
(3) Auth Pend            -          Op Reauth Wait  -                   -                Rekey Reauth Wait  -
(4) Auth Comp            -          -               Op Wait             -                -                  Rekey Wait
(5) TEK Invalid          -          -               -                   Op Wait          Op Wait            Op Reauth Wait
(6) Timeout              -          Op Wait         -                   -                Rekey Wait         -
(7) TEK Refresh Timeout  -          -               -                   Rekey Wait       -                  -
(8) Key Reply            -          Operational     -                   -                Operational        -
(9) Key Reject           -          Start           -                   -                Start              -

TEK FSM Flow Diagram

[Figure: TEK FSM state diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Edge labels recovered from the figure: "Authorized Key Request"; "Stop"; "Auth Pend"; "Auth Comp Key Request"; "Key Reject, Stop"; "Key Reply"; "Timeout Key Request"; "TEK Invalid Key Request"; "TEK Refresh Timeout Key Request"; "TEK Invalid".]
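The Auth FSM and TEK FSM transition matrices above, together with the [TEK] labels from the Auth FSM flow diagram, are enough to drive both machines in code. The following Python sketch is an added example, not code from the presentation or the standard; the event trace is constructed, a single TEK FSM stands for one SAID, and recording events that hit an empty cell instead of acting on them is this example's choice.

```python
"""SS-side Auth and TEK state machines driven by the page's transition matrices."""

# (state, event) -> next state, copied from the Auth FSM Transition Matrix.
AUTH = {
    ("Start", "Provisioned"): "Auth Wait",
    ("Auth Wait", "Auth Reject (non-perm)"): "Auth Reject Wait",
    ("Reauth Wait", "Auth Reject (non-perm)"): "Auth Reject Wait",
    ("Auth Wait", "Auth Reject (perm)"): "Silent",
    ("Reauth Wait", "Auth Reject (perm)"): "Silent",
    ("Auth Wait", "Auth Reply"): "Authorized",
    ("Reauth Wait", "Auth Reply"): "Authorized",
    ("Auth Wait", "Timeout"): "Auth Wait",
    ("Reauth Wait", "Timeout"): "Reauth Wait",
    ("Auth Reject Wait", "Timeout"): "Start",
    ("Authorized", "Auth Grace Timeout"): "Reauth Wait",
    ("Authorized", "Auth Invalid"): "Reauth Wait",
    ("Reauth Wait", "Auth Invalid"): "Reauth Wait",
    ("Authorized", "Reauth"): "Reauth Wait",
}

# Signal passed to the TEK FSM when an Auth transition is taken. The labels come
# from the Auth FSM flow diagram; which transition each label belongs to is this
# example's reading of the diagram (assumption).
AUTH_TO_TEK = {
    ("Auth Wait", "Auth Reply"): "Authorized",
    ("Reauth Wait", "Auth Reply"): "Auth Comp",
    ("Authorized", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Reject (non-perm)"): "Stop",
    ("Reauth Wait", "Auth Reject (perm)"): "Stop",
}

# (state, event) -> next state, copied from the TEK FSM Transition Matrix.
TEK = {
    ("Start", "Authorized"): "Op Wait",
    ("Op Wait", "Auth Pend"): "Op Reauth Wait",
    ("Rekey Wait", "Auth Pend"): "Rekey Reauth Wait",
    ("Op Reauth Wait", "Auth Comp"): "Op Wait",
    ("Rekey Reauth Wait", "Auth Comp"): "Rekey Wait",
    ("Operational", "TEK Invalid"): "Op Wait",
    ("Rekey Wait", "TEK Invalid"): "Op Wait",
    ("Rekey Reauth Wait", "TEK Invalid"): "Op Reauth Wait",
    ("Op Wait", "Timeout"): "Op Wait",
    ("Rekey Wait", "Timeout"): "Rekey Wait",
    ("Operational", "TEK Refresh Timeout"): "Rekey Wait",
    ("Op Wait", "Key Reply"): "Operational",
    ("Rekey Wait", "Key Reply"): "Operational",
    ("Op Wait", "Key Reject"): "Start",
    ("Rekey Wait", "Key Reject"): "Start",
}
# Row (1) of the matrix: Stop returns every state except Start to Start.
for _state in ("Op Wait", "Op Reauth Wait", "Operational", "Rekey Wait", "Rekey Reauth Wait"):
    TEK[(_state, "Stop")] = "Start"


class Fsm:
    def __init__(self, table):
        self.table, self.state, self.ignored = table, "Start", []

    def fire(self, event):
        """Apply one event; return the (state, event) taken, or None for an empty cell."""
        key = (self.state, event)
        if key not in self.table:
            self.ignored.append(key)   # empty cell: stay in place, keep a record
            return None
        self.state = self.table[key]
        return key


def run_trace(trace):
    """Feed (target, event) pairs to one Auth FSM and one TEK FSM (a single SAID)."""
    auth, tek = Fsm(AUTH), Fsm(TEK)
    for target, event in trace:
        if target == "tek":
            tek.fire(event)
            continue
        taken = auth.fire(event)
        if taken in AUTH_TO_TEK:       # this Auth transition signals the TEK FSM
            tek.fire(AUTH_TO_TEK[taken])
    return auth, tek


# Constructed trace: initial authorization, rekey, reauthorization, permanent reject.
SAMPLE_TRACE = [
    ("auth", "Provisioned"),          # Auth: Start -> Auth Wait
    ("tek", "Key Reply"),             # TEK still in Start: empty cell, recorded
    ("auth", "Auth Reply"),           # Auth -> Authorized; TEK: Start -> Op Wait
    ("tek", "Key Reply"),             # TEK: Op Wait -> Operational
    ("tek", "TEK Refresh Timeout"),   # TEK: Operational -> Rekey Wait
    ("auth", "Auth Invalid"),         # Auth -> Reauth Wait; TEK -> Rekey Reauth Wait
    ("tek", "Key Reply"),             # no Key Reply cell in Rekey Reauth Wait: recorded
    ("auth", "Auth Reply"),           # Auth -> Authorized; TEK (Auth Comp) -> Rekey Wait
    ("tek", "Key Reply"),             # TEK: Rekey Wait -> Operational
    ("auth", "Auth Grace Timeout"),   # Auth: Authorized -> Reauth Wait
    ("auth", "Auth Reject (perm)"),   # Auth -> Silent; TEK (Stop) -> Start
]

if __name__ == "__main__":
    auth_fsm, tek_fsm = run_trace(SAMPLE_TRACE)
    print(auth_fsm.state, tek_fsm.state, tek_fsm.ignored)
```

The `ignored` lists are the useful output for a defender: they show messages that arrived in a state where the matrix defines no transition for them.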

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP encryption (older key), decryption (both keys)
    • AT encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network (“WirelessHUMAN™”)

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant in any spectrum in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation at both the base station and subscriber station without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


802.16 MAC Overview

• Point-to-Multipoint
• Metropolitan Area Network
• Connection-oriented
• Supports difficult user environments
  – High bandwidth, hundreds of users per channel
  – Continuous and burst traffic
  – Very efficient use of spectrum
• Protocol-Independent core (ATM, IP, Ethernet, …)
• Balances between stability of contentionless and efficiency of contention-based operation
• Flexible QoS offerings
  – CBR, rt-VBR, nrt-VBR, BE, with granularity within classes
• Supports multiple 802.16 PHYs

Relationship to DOCSIS

• Management
  – Dynamic service “editing” protocol (Add/Change/Delete)
  – Management message payload format
• Security
  – Authentication and Privacy
• Polling categories
• Initial Access
  – Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions

• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer

• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer

• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing

• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure: a MAC Message and SDU 1, SDU 2 carried in MAC PDUs (PDU 1 to PDU 5), which are mapped onto FEC blocks (FEC 1 to FEC 3) within a burst that starts with a preamble.]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits
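A receiver for the packing and fragmentation sub-headers described above, as an added Python example (not code from the presentation). The slides give only the field widths, so the bit order inside the 2-byte sub-header (FC, then FSN, then length), the FC code points, a length that counts only the bytes after the sub-header, and an FSN that advances on every piece are all assumptions of this example; the traffic in `demo()` is constructed.

```python
import struct

# FC code points: assumed to follow the order in which the slide lists the values.
UNFRAGMENTED, LAST, FIRST, CONTINUING = 0, 1, 2, 3


def piece(fc, fsn, data):
    """Build one packed piece: 2-byte sub-header (assumed layout FC|FSN|length) + data."""
    if not (0 <= fc < 4 and 0 <= fsn < 8 and len(data) < 2048):
        raise ValueError("field does not fit in 2/3/11 bits")
    return struct.pack(">H", (fc << 14) | (fsn << 11) | len(data)) + data


def parse_packed_payload(payload):
    """Split a packed MAC PDU payload into (fc, fsn, data) tuples, rejecting overruns."""
    pieces, pos = [], 0
    while pos < len(payload):
        if len(payload) - pos < 2:
            raise ValueError(f"truncated sub-header at offset {pos}")
        (word,) = struct.unpack_from(">H", payload, pos)
        fc, fsn, length = word >> 14, (word >> 11) & 0x7, word & 0x7FF
        pos += 2
        if length > len(payload) - pos:   # the on-air length field is untrusted input
            raise ValueError(f"length {length} overruns payload at offset {pos}")
        pieces.append((fc, fsn, payload[pos:pos + length]))
        pos += length
    return pieces


class Reassembler:
    """Fragmentation state for one connection (a CID has one state at a time)."""

    def __init__(self):
        self.expected_fsn = None   # unknown until the first piece arrives
        self.partial = None        # fragments of the SDU being rebuilt
        self.dropped = 0           # partially received SDUs that were abandoned
        self.orphans = 0           # continuing/last pieces with no first fragment

    def _abandon(self):
        if self.partial is not None:
            self.dropped += 1
            self.partial = None

    def feed(self, fc, fsn, data):
        """Consume one piece; return a completed SDU or None."""
        if self.expected_fsn is not None and fsn != self.expected_fsn:
            self._abandon()        # FSN gap: at least one piece was lost
        self.expected_fsn = (fsn + 1) % 8
        if fc == UNFRAGMENTED:
            self._abandon()        # an unfinished SDU cannot be completed any more
            return data
        if fc == FIRST:
            self._abandon()
            self.partial = [data]
            return None
        if self.partial is None:   # nothing to extend: discard the piece
            self.orphans += 1
            return None
        self.partial.append(data)
        if fc == CONTINUING:
            return None
        sdu, self.partial = b"".join(self.partial), None
        return sdu


def receive(reassembler, payload):
    """Parse one packed payload and return the SDUs it completes."""
    done = []
    for fc, fsn, data in parse_packed_payload(payload):
        sdu = reassembler.feed(fc, fsn, data)
        if sdu is not None:
            done.append(sdu)
    return done


def demo():
    """Constructed traffic: clean reassembly, then a lost continuing fragment."""
    r = Reassembler()
    out = receive(r, piece(UNFRAGMENTED, 0, b"AAAA") + piece(FIRST, 1, b"BB"))
    out += receive(r, piece(CONTINUING, 2, b"CC") + piece(LAST, 3, b"DD"))
    out += receive(r, piece(FIRST, 4, b"XX"))   # the piece with FSN 5 never arrives
    out += receive(r, piece(LAST, 6, b"ZZ") + piece(UNFRAGMENTED, 7, b"OK"))
    return out, r.dropped, r.orphans


if __name__ == "__main__":
    print(demo())
```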

Packing with Fragmentation

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e. periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs. GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station’s work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing are OK

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  - tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  - operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  - full definition of service attributes (omitting defaultable items if desired)
  - service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  - X.509 certificates with RSA PKCS
  - Strong authentication of SSs (prevents theft of service)
  - Prevents cloning
• Data encryption
  - Currently 56-bit DES in CBC mode
  - IV based on frame number
  - Easily exportable
• Message authentication
  - Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  - shared by a BS and one or more of its client SSs in order to support secured communications
  - includes traffic encryption keys and CBC IVs
• Security Association Establishment
  - Primary SA established during initial registration
  - other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  - SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  - Trust relation assumed between equipment manufacturer and network operator
  - Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  - The SS is responsible for maintaining valid keys
  - Two active AKs with overlapping lifetimes at all times
  - Reauthorization process done periodically
  - AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

Each cell gives the next state; an empty cell means the event causes no transition in that state.

| Event or rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: flow diagram of the authorization FSM. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Edge labels follow, with the triggering event first, then any messages sent and any event passed to the TEK FSM (marked [TEK]).]

• Provisioned: Authent Info, Auth Request
• Timeout
• Auth Reject (non-perm)
• Auth Reject (perm)
• Timeout: Authent Info, Auth Request
• Auth Reply: [TEK] Authorized
• Auth Reject (perm): [TEK] Stop
• Timeout: Auth Request
• Auth Invalid: Auth Request, [TEK] Auth Pend
• Auth Reject (non-perm): [TEK] Stop
• Auth Grace Timeout: Auth Request
• Auth Invalid: Auth Request, [TEK] Auth Pend
• Reauth: Auth Request
• Auth Reply: [TEK] Auth Comp

Traffic Encryption Key Management

• Two-level key exchange protocol
  - Key Encryption Key (symmetric) established with RSA
  - Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  - Two sets of overlapping keying material maintained
  - No explicit key acknowledgements
  - Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  - Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

Each cell gives the next state; an empty cell means the event causes no transition in that state.

| Event or rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: flow diagram of the TEK FSM. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Edge labels follow, with the triggering event first, then any message sent.]

• Authorized: Key Request
• Stop
• Auth Pend
• Auth Comp: Key Request
• Key Reject, Stop
• Key Reply
• Timeout: Key Request
• Stop
• TEK Invalid: Key Request
• Auth Pend
• Auth Comp: Key Request
• Timeout: Key Request
• TEK Refresh Timeout: Key Request
• Key Reply
• TEK Invalid: Key Request
• TEK Invalid
• Stop
• Key Reject, Stop
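The two transition matrices and their flow diagrams, combined into one runnable model of a subscriber station; this is an added example, not part of the original slides. Next states are the matrix cells, the pairing of actions with transitions is this example's reading of the flow-diagram labels, and the model covers a single SAID with a constructed event trace.

```python
"""Model of the Auth FSM and TEK FSM of one SS, driven by the transition matrices."""

# Auth FSM: (state, event) -> (next state, messages sent, events passed to the TEK FSM).
# A missing key is an empty matrix cell: the event is ignored in that state.
AUTH_FSM = {
    ("Start", "Provisioned"): ("Auth Wait", ["Authent Info", "Auth Request"], []),
    ("Auth Wait", "Auth Reject (non-perm)"): ("Auth Reject Wait", [], []),
    ("Auth Wait", "Auth Reject (perm)"): ("Silent", [], []),
    ("Auth Wait", "Auth Reply"): ("Authorized", [], ["Authorized"]),
    ("Auth Wait", "Timeout"): ("Auth Wait", ["Authent Info", "Auth Request"], []),
    ("Authorized", "Auth Grace Timeout"): ("Reauth Wait", ["Auth Request"], []),
    ("Authorized", "Auth Invalid"): ("Reauth Wait", ["Auth Request"], ["Auth Pend"]),
    ("Authorized", "Reauth"): ("Reauth Wait", ["Auth Request"], []),
    ("Reauth Wait", "Auth Reject (non-perm)"): ("Auth Reject Wait", [], ["Stop"]),
    ("Reauth Wait", "Auth Reject (perm)"): ("Silent", [], ["Stop"]),
    ("Reauth Wait", "Auth Reply"): ("Authorized", [], ["Auth Comp"]),
    ("Reauth Wait", "Timeout"): ("Reauth Wait", ["Auth Request"], []),
    ("Reauth Wait", "Auth Invalid"): ("Reauth Wait", ["Auth Request"], ["Auth Pend"]),
    ("Auth Reject Wait", "Timeout"): ("Start", [], []),
}

# TEK FSM: (state, event) -> (next state, messages sent).
TEK_FSM = {
    ("Start", "Authorized"): ("Op Wait", ["Key Request"]),
    ("Op Wait", "Auth Pend"): ("Op Reauth Wait", []),
    ("Rekey Wait", "Auth Pend"): ("Rekey Reauth Wait", []),
    ("Op Reauth Wait", "Auth Comp"): ("Op Wait", ["Key Request"]),
    ("Rekey Reauth Wait", "Auth Comp"): ("Rekey Wait", ["Key Request"]),
    ("Operational", "TEK Invalid"): ("Op Wait", ["Key Request"]),
    ("Rekey Wait", "TEK Invalid"): ("Op Wait", ["Key Request"]),
    ("Rekey Reauth Wait", "TEK Invalid"): ("Op Reauth Wait", []),
    ("Op Wait", "Timeout"): ("Op Wait", ["Key Request"]),
    ("Rekey Wait", "Timeout"): ("Rekey Wait", ["Key Request"]),
    ("Operational", "TEK Refresh Timeout"): ("Rekey Wait", ["Key Request"]),
    ("Op Wait", "Key Reply"): ("Operational", []),
    ("Rekey Wait", "Key Reply"): ("Operational", []),
    ("Op Wait", "Key Reject"): ("Start", []),
    ("Rekey Wait", "Key Reject"): ("Start", []),
}
# Row (1) of the TEK matrix: Stop returns every state except Start to Start.
for _state in ("Op Wait", "Op Reauth Wait", "Operational", "Rekey Wait", "Rekey Reauth Wait"):
    TEK_FSM[(_state, "Stop")] = ("Start", [])


class SubscriberStation:
    """One Auth FSM plus one TEK FSM (a single SAID, to keep the model small)."""

    def __init__(self):
        self.auth = "Start"
        self.tek = "Start"
        self.sent = []          # messages the SS would transmit, in order

    def tek_event(self, event):
        cell = TEK_FSM.get((self.tek, event))
        if cell is None:
            return False        # empty cell: no transition, nothing sent
        self.tek, messages = cell
        self.sent.extend(messages)
        return True

    def auth_event(self, event):
        cell = AUTH_FSM.get((self.auth, event))
        if cell is None:
            return False
        self.auth, messages, signals = cell
        self.sent.extend(messages)
        for signal in signals:  # the [TEK] labels in the Auth flow diagram
            self.tek_event(signal)
        return True


# Constructed trace of (machine, event) pairs; not captured from a real network.
TRACE = [
    ("auth", "Provisioned"),
    ("auth", "Auth Reply"),            # signals Authorized to the TEK FSM
    ("tek", "Key Reply"),
    ("auth", "Auth Reply"),            # unsolicited while Authorized: ignored
    ("tek", "TEK Refresh Timeout"),
    ("auth", "Auth Invalid"),          # signals Auth Pend: rekeying is held back
    ("tek", "Key Reply"),              # not accepted while reauthorization is pending
    ("auth", "Auth Reply"),            # signals Auth Comp: Key Request is re-sent
    ("tek", "Key Reply"),
    ("auth", "Auth Grace Timeout"),
    ("auth", "Auth Reject (perm)"),    # signals Stop: keying for the SAID ends
]


def run(trace):
    """Replay a trace; return the station and the events that hit an empty cell."""
    ss, ignored = SubscriberStation(), []
    for machine, event in trace:
        handled = ss.auth_event(event) if machine == "auth" else ss.tek_event(event)
        if not handled:
            ignored.append((machine, event))
    return ss, ignored


if __name__ == "__main__":
    station, dropped = run(TRACE)
    print(station.auth, station.tek, station.sent, dropped)
```

The ignored events are the security-relevant part: a reply that arrives in a state with an empty matrix cell changes nothing, so an unsolicited Auth Reply or a Key Reply received while reauthorization is pending cannot move the station forward.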

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other, stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  - Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
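The key-usage rules on this slide, worked through as an added example that is not part of the original slides. `TekPair`, `exchange` and `simulate` are hypothetical names, the keys are opaque constructed labels and no encryption is performed; only the selection of keys by the 2-bit key sequence number is modelled.

```python
"""Key selection with two overlapping TEKs and a 2-bit key sequence number."""


class TekInvalid(Exception):
    """The receiver holds no active TEK for the sequence number in the MAC header."""


class TekPair:
    """The two active TEKs of one SA as held by one side (hypothetical helper)."""

    def __init__(self, older_seq, older_key, newer_key):
        self.older_seq = older_seq % 4
        self.keys = {self.older_seq: older_key, self.newer_seq: newer_key}

    @property
    def newer_seq(self):
        return (self.older_seq + 1) % 4        # 2-bit counter wraps from 3 to 0

    def for_encryption(self, role):
        """AP encrypts with the older key, AT with the newer one."""
        seq = self.older_seq if role == "AP" else self.newer_seq
        return seq, self.keys[seq]

    def for_decryption(self, seq):
        """Either active key is accepted; any other sequence number is rejected."""
        if seq not in self.keys:
            raise TekInvalid(f"no active TEK with sequence number {seq}")
        return self.keys[seq]

    def roll(self, next_key):
        """The older key expires, the newer becomes the older, next_key is added."""
        del self.keys[self.older_seq]
        self.older_seq = self.newer_seq
        self.keys[self.newer_seq] = next_key


def exchange(sender, role, receiver):
    """Return the sequence number used, or 'TEK Invalid' if the receiver rejects it."""
    seq, _key = sender.for_encryption(role)
    try:
        receiver.for_decryption(seq)
    except TekInvalid:
        return "TEK Invalid"
    return seq


def simulate():
    """Walk both sides through key rollover; keys are constructed labels."""
    ap = TekPair(0, "k0", "k1")
    at = TekPair(0, "k0", "k1")
    log = [exchange(ap, "AP", at), exchange(at, "AT", ap)]     # both sides in sync
    ap.roll("k2")                                              # AP rolls first
    log += [exchange(ap, "AP", at), exchange(at, "AT", ap)]    # service uninterrupted
    at.roll("k2")                                              # AT refreshes its keys
    log.append(exchange(at, "AT", ap))
    ap.roll("k3")
    ap.roll("k4")                                              # AT misses two refreshes
    log.append(exchange(at, "AT", ap))                         # now an invalid TEK
    return log


if __name__ == "__main__":
    print(simulate())
```

While one side is a single refresh behind, every PDU still decrypts because the sender's choice always falls on a key both sides hold, which is why no explicit key acknowledgement is needed; the last step is the condition the TEK Invalid message reports.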

Amendment Project

IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project

IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  - Optional topology
  - Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  - Above 11 GHz
  - HIPERACCESS began before 802.16
  - Difficulty in resolving processes
  - IEEE now well ahead in schedule
• HIPERMAN
  - Below 11 GHz
  - IEEE went first
  - Signs of healthy cooperation
  - Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org

Relationship to DOCSIS

• Management
  - Dynamic service "editing" protocol (Add/Change/Delete)
  - Management message payload format
• Security
  - Authentication and Privacy
• Polling categories
• Initial Access
  - Slightly modified, allowing terminal capability negotiation
• Core MAC protocol engine is new design for Wireless Metropolitan Area Networks

Definitions

• Service Data Unit (SDU)
  - Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  - Data units exchanged between peer entities
• Connection and Connection ID
  - a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  - a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer

• Support for
  - VP (Virtual Path) switched connections
  - VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  - SVCs
  - soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer

• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  - generic plus IP-specific
• Full QoS support
• Possible future support for
  - PPP
  - MPLS
  - etc.

MAC Addressing

• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  - Not a MAC address
  - 24-bit operator indicator
• 16-bit Connection ID (CID)
  - Used in MAC PDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure: a MAC message and SDUs (SDU 1, SDU 2) carried in MAC PDUs (PDU 1 to PDU 5), and those PDUs carried in a burst made up of a preamble (P) and FEC blocks (FEC 1 to FEC 3).]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header
  - 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  - 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  - Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  - No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation
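A bounds-checked parser for the 2-byte packing sub-header, with per-connection reassembly that uses the sequence number to detect a lost fragment; this is an added example, not code from the original slides. The slides give only the field widths, so the bit order (FC, then FSN, then Length, most significant bit first), the FC code values (taken in the order the Fragmentation slide lists them), a Length that counts SDU bytes only, and an FSN that advances by one per block modulo 8 are all assumptions of this example, as is the constructed sample input.

```python
"""Parse packed, variable-length SDU blocks from MAC PDU payloads and reassemble SDUs."""

UNFRAGMENTED, LAST, FIRST, CONTINUING = 0, 1, 2, 3    # assumed FC encoding


class PduError(ValueError):
    """The payload cannot be parsed safely and must be dropped whole."""


def pack_block(fc, fsn, data):
    """Build one sub-header plus data block (used only to construct the sample)."""
    if len(data) > 0x7FF:
        raise ValueError("block exceeds the 11-bit length field")
    word = (fc << 14) | ((fsn % 8) << 11) | len(data)
    return word.to_bytes(2, "big") + data


def parse_packed_payload(payload):
    """Return [(fc, fsn, data), ...] without ever reading past the payload end."""
    blocks, offset = [], 0
    while offset < len(payload):
        if len(payload) - offset < 2:
            raise PduError(f"truncated sub-header at offset {offset}")
        word = int.from_bytes(payload[offset:offset + 2], "big")
        fc, fsn, length = word >> 14, (word >> 11) & 0x7, word & 0x7FF
        offset += 2
        remaining = len(payload) - offset
        if length == 0 or length > remaining:      # zero length rejected as a policy choice
            raise PduError(f"length {length} does not fit the {remaining} bytes left")
        blocks.append((fc, fsn, payload[offset:offset + length]))
        offset += length
    return blocks


class Reassembler:
    """State of one connection: at most one SDU is being rebuilt at any time."""

    def __init__(self):
        self.partial = None       # bytearray of the SDU in progress, or None
        self.next_fsn = None      # FSN expected next; None before the first block
        self.discarded = 0        # partial SDUs thrown away
        self.orphans = 0          # fragments that arrived without their first fragment

    def _abort(self):
        if self.partial is not None:
            self.partial = None
            self.discarded += 1

    def push(self, fc, fsn, data):
        """Feed one block; return a complete SDU as bytes, or None."""
        if self.next_fsn is not None and fsn != self.next_fsn:
            self._abort()                  # a block was lost: the partial SDU is unusable
        self.next_fsn = (fsn + 1) % 8
        if fc in (UNFRAGMENTED, FIRST):
            self._abort()                  # a new SDU starts; drop any unfinished one
            if fc == UNFRAGMENTED:
                return bytes(data)
            self.partial = bytearray(data)
            return None
        if self.partial is None:           # CONTINUING or LAST with nothing to extend
            self.orphans += 1
            return None
        self.partial += data
        if fc == CONTINUING:
            return None
        sdu, self.partial = bytes(self.partial), None
        return sdu


def reassemble(pdu_payloads):
    """Run every PDU payload of one connection through the parser and reassembler."""
    reasm, sdus = Reassembler(), []
    for payload in pdu_payloads:
        for block in parse_packed_payload(payload):
            sdu = reasm.push(*block)
            if sdu is not None:
                sdus.append(sdu)
    return sdus, reasm


# Constructed sample: the PDU that carried the fragment with FSN 5 was lost in transit.
SAMPLE_PDUS = [
    pack_block(UNFRAGMENTED, 0, b"AAAA") + pack_block(FIRST, 1, b"BBB"),
    pack_block(CONTINUING, 2, b"bbb") + pack_block(LAST, 3, b"!"),
    pack_block(FIRST, 4, b"CCC"),
    pack_block(LAST, 6, b"ccc") + pack_block(UNFRAGMENTED, 7, b"DD"),
    pack_block(UNFRAGMENTED, 0, b"EE"),
]

if __name__ == "__main__":
    result, state = reassemble(SAMPLE_PDUS)
    print(result, state.discarded, state.orphans)
```

Without the sequence check, the first and last fragments around the lost block would be joined into a corrupted SDU and passed up the stack; with it, that SDU is discarded and the following SDUs are still delivered.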

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  - Downlink Interval Usage Code
• TDMA bursts have resync preamble
  - allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  - Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  - typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  - Bandwidth requests
  - Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  - Ranging Requests (RNG-REQ)
  - Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  - unit of uplink bandwidth allocation
  - 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  - for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  - for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  - for nrt SFs with better than best effort service, such as bandwidth-intensive file transfer
• Best Effort (BE)
  - for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  - Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  - Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  - new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  - e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  - new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  - e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  - new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  - No acknowledgement
  - All errors are handled in the same way, i.e., periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  - Grants (given as durations) are carried in the UL-MAP messages
  - SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  - Base station grants bandwidth to the subscriber station
  - Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  - Suitable for many connections per terminal; off-loading base station's work
  - Allows more sophisticated reaction to QoS needs
  - Low overhead but requires intelligent subscriber station
  - Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  - Base station grants bandwidth to a connection
  - Mostly suitable for few users per subscriber station
  - Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  - Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  - BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  - Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  - Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request MessageBW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing are OK

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
| --- | --- |
| Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
| --- | --- | --- | --- | --- | --- | --- |
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: Auth FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transition labels: Provisioned, Timeout, Auth Reply, Auth Reject (perm), Auth Reject (non-perm), Auth Invalid, Auth Grace Timeout, Reauth; messages sent: Authent Info, Auth Request; events passed to the TEK FSM: [TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp, [TEK] Stop.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
| --- | --- | --- | --- | --- | --- | --- |
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transition labels: Stop, Authorized, Auth Pend, Auth Comp, Key Reply, Key Reject, Timeout, TEK Invalid, TEK Refresh Timeout; message sent: Key Request.]

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other, stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
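
The key-usage rules above and the 2-bit key sequence number from the TEK management slide, modelled as an added Python example (not code from the presentation or the standard). It assumes AP and AT mean base station (BS) and subscriber station (SS), uses a SHA-256 keystream as a stand-in for DES-CBC, and all class and function names are constructed for illustration.

```python
import hashlib
import os

SEQ_MODULUS = 4  # the key sequence number in the MAC PDU header is 2 bits


class TekInvalid(Exception):
    """Receiver holds no active TEK for the sequence number in the PDU."""


def keystream_xor(key, frame_no, data):
    # Stand-in cipher (assumption): SHA-256 keystream over TEK + frame number.
    # It is NOT the DES-CBC of the slides; it only makes a wrong key visible.
    stream, counter = b"", 0
    while len(stream) < len(data):
        seed = key + frame_no.to_bytes(4, "big") + counter.to_bytes(4, "big")
        stream += hashlib.sha256(seed).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class Station:
    """One end of a security association; holds at most two active TEKs."""

    def __init__(self, role):
        self.role = role  # "BS" or "SS"
        self.keys = {}    # TEK generation number -> key bytes

    def encrypt(self, frame_no, payload, which=None):
        # Slide rule: BS encrypts with the older key, SS with the newer one.
        if which is None:
            which = "older" if self.role == "BS" else "newer"
        gen = min(self.keys) if which == "older" else max(self.keys)
        return {"key_seq": gen % SEQ_MODULUS, "frame_no": frame_no,
                "payload": keystream_xor(self.keys[gen], frame_no, payload)}

    def decrypt(self, pdu):
        # Either active key may be used; the 2-bit number in the header picks it.
        for gen, key in self.keys.items():
            if gen % SEQ_MODULUS == pdu["key_seq"]:
                return keystream_xor(key, pdu["frame_no"], pdu["payload"])
        raise TekInvalid(f"{self.role}: no active TEK, sequence {pdu['key_seq']}")


class BaseStation(Station):
    def __init__(self):
        super().__init__("BS")
        self.next_gen = 0
        self.rollover()
        self.rollover()  # start with two overlapping generations, 0 and 1

    def rollover(self):
        """Create the next TEK and expire all but the two newest."""
        self.keys[self.next_gen] = os.urandom(8)  # constructed 8-byte TEK
        self.next_gen += 1
        for gen in sorted(self.keys)[:-2]:
            del self.keys[gen]

    def key_reply(self):
        """Key Reply carries both active sets of keying material."""
        return dict(self.keys)


class SubscriberStation(Station):
    def __init__(self):
        super().__init__("SS")

    def key_request(self, bs):
        self.keys = bs.key_reply()


def attempt(receiver, pdu, expected):
    try:
        return "ok" if receiver.decrypt(pdu) == expected else "garbled"
    except TekInvalid:
        return "TEK Invalid"


def run_scenario():
    """Track what happens as the SS falls behind the BS's rekeying."""
    bs, ss = BaseStation(), SubscriberStation()
    ss.key_request(bs)
    r = {"sync_down": attempt(ss, bs.encrypt(1, b"down"), b"down"),
         "sync_up": attempt(bs, ss.encrypt(1, b"up"), b"up")}
    bs.rollover()  # SS has not refreshed: one generation behind
    r["lag1_down"] = attempt(ss, bs.encrypt(2, b"down"), b"down")
    r["lag1_up"] = attempt(bs, ss.encrypt(2, b"up"), b"up")
    # Counter-case: a BS that switched to its newer key at once would cut off
    # the lagging SS, since there are no key acknowledgements.
    r["lag1_down_newer"] = attempt(ss, bs.encrypt(2, b"down", "newer"), b"down")
    bs.rollover()  # two generations behind: no TEK in common
    r["lag2_up"] = attempt(bs, ss.encrypt(3, b"up"), b"up")
    ss.key_request(bs)  # SS recovers by requesting fresh keying material
    r["rekeyed_up"] = attempt(bs, ss.encrypt(4, b"up"), b"up")
    return r


if __name__ == "__main__":
    for step, outcome in run_scenario().items():
        print(f"{step:16} {outcome}")
```

With the BS on the older key and the SS on the newer one, an SS that is one rekey behind still interoperates in both directions. Two rekeys behind, the BS finds no matching TEK, which is the condition the TEK Invalid message reports.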

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org

Page 24: Mobile WiMAX : A Technical Overview

Definitions

• Service Data Unit (SDU)
  – Data units exchanged between adjacent layers
• Protocol Data Unit (PDU)
  – Data units exchanged between peer entities
• Connection and Connection ID
  – a unidirectional mapping between MAC peers over the airlink (uniquely identified by a CID)
• Service Flow and Service Flow ID
  – a unidirectional flow of MAC PDUs on a connection that provides a particular QoS (uniquely identified by a SFID)

ATM Convergence Sublayer

• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer

• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing

• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure: MAC PDU transmission. Labels: Preamble (P), FEC block, Burst; MAC PDUs PDU 1 to PDU 5; FEC 1 to FEC 3; MAC Message, SDU 1, SDU 2.]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header:
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FSN): 3 bits

Packing with Fragmentation
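
A defensive parser for the packing sub-header fields listed above, with per-connection reassembly that uses the FSN to detect a lost fragment, as an added Python example rather than code from the presentation. The bit order (FC, FSN, Length), the FC code values, the Length field counting only the bytes after the sub-header, the FSN advancing on every sub-header, and the `max_sdu` limit are assumptions; the slides give only the field widths and the four FC states.

```python
import struct

# Assumed FC code values (the slide lists the four states, not their encoding).
FC_UNFRAGMENTED, FC_LAST, FC_FIRST, FC_CONTINUING = 0, 1, 2, 3


class PackingError(ValueError):
    """Packed payload is malformed and must be dropped."""


def pack_subheader(fc, fsn, length):
    # Assumed layout, big-endian 16 bits: FC (2) | FSN (3) | Length (11).
    if not (0 <= fc < 4 and 0 <= fsn < 8 and 0 <= length < 2048):
        raise PackingError("sub-header field out of range")
    return struct.pack(">H", (fc << 14) | (fsn << 11) | length)


def split_packed_payload(payload):
    """Return [(fc, fsn, data), ...] for one PDU payload, validating lengths."""
    items, offset = [], 0
    while offset < len(payload):
        if len(payload) - offset < 2:
            raise PackingError("truncated packing sub-header")
        (word,) = struct.unpack_from(">H", payload, offset)
        fc, fsn, length = word >> 14, (word >> 11) & 0x7, word & 0x7FF
        offset += 2
        if length > len(payload) - offset:
            raise PackingError("Length field runs past the end of the payload")
        items.append((fc, fsn, payload[offset:offset + length]))
        offset += length
    return items


class Reassembler:
    """Reassembly for one connection (one fragmentation state at a time)."""

    def __init__(self, max_sdu=65535):  # max_sdu: hypothetical receiver limit
        self.max_sdu = max_sdu
        self.partial = None       # SDU being rebuilt, or None
        self.expected_fsn = None  # FSN the next sub-header should carry
        self.abandoned = 0        # half-built SDUs thrown away
        self.orphans = 0          # continuing/last fragments with no first

    def _abandon(self):
        if self.partial is not None:
            self.abandoned += 1
        self.partial = None

    def feed(self, payload):
        """Consume one PDU payload; return the SDUs completed by it."""
        done = []
        for fc, fsn, data in split_packed_payload(payload):
            gap = self.expected_fsn is not None and fsn != self.expected_fsn
            self.expected_fsn = (fsn + 1) % 8  # 3-bit counter wraps at 8
            if gap or fc in (FC_UNFRAGMENTED, FC_FIRST):
                self._abandon()  # a lost or superseded fragment spoils the SDU
            if fc == FC_UNFRAGMENTED:
                done.append(data)
            elif fc == FC_FIRST:
                self.partial = bytearray(data)
            elif self.partial is None:
                self.orphans += 1
            else:
                self.partial += data
                if len(self.partial) > self.max_sdu:
                    self._abandon()
                elif fc == FC_LAST:
                    done.append(bytes(self.partial))
                    self.partial = None
        return done


def build(items):
    """Constructed sample input: pack (fc, fsn, data) tuples into a payload."""
    return b"".join(pack_subheader(fc, fsn, len(d)) + d for fc, fsn, d in items)


def demo():
    rx, out = Reassembler(), []
    out += rx.feed(build([(FC_UNFRAGMENTED, 0, b"ping"), (FC_FIRST, 1, b"hello ")]))
    out += rx.feed(build([(FC_CONTINUING, 2, b"wor"), (FC_LAST, 3, b"ld")]))
    out += rx.feed(build([(FC_FIRST, 4, b"lost-")]))
    # The PDU with the continuing fragment FSN 5 is lost on the air link.
    out += rx.feed(build([(FC_LAST, 6, b"tail"), (FC_UNFRAGMENTED, 7, b"pong")]))
    return out, rx.abandoned, rx.orphans


if __name__ == "__main__":
    print(demo())
```

The SDU whose middle fragment was lost is never delivered in part: the FSN jump makes the receiver discard the half-built SDU and ignore the stray last fragment.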

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service, such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e. periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPCGPSS vs GPCbullbull Bandwidth Grant per Subscriber Station (GPSS)Bandwidth Grant per Subscriber Station (GPSS)

ndashndash Base station grants bandwidth to the subscriber stationBase station grants bandwidth to the subscriber stationndashndash Subscriber station may re-distribute bandwidth among itsSubscriber station may re-distribute bandwidth among its

connections maintaining QoS and service-levelconnections maintaining QoS and service-levelagreementsagreements

ndashndash Suitable for many connections per terminal off-loadingSuitable for many connections per terminal off-loadingbase stationrsquos workbase stationrsquos work

ndashndash Allows more sophisticated reaction to QoS needsAllows more sophisticated reaction to QoS needsndashndash Low overhead but requires intelligent subscriber stationLow overhead but requires intelligent subscriber stationndashndash Mandatory for P80216 10-66 GHz PHYMandatory for P80216 10-66 GHz PHY

bullbull Bandwidth Grant per Connection (GPC)Bandwidth Grant per Connection (GPC)ndashndash Base station grants bandwidth to a connectionBase station grants bandwidth to a connectionndashndash Mostly suitable for few users per subscriber stationMostly suitable for few users per subscriber stationndashndash Higher overhead but allows simpler subscriber stationHigher overhead but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests:
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| Event or Rcvd msg / State | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: flow diagram of the Authorization FSM. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transitions are labelled with the triggering event (Provisioned, Timeout, Auth Reply, Auth Reject (perm / non-perm), Auth Invalid, Auth Grace Timeout, Reauth) and the resulting action: messages sent (Authent Info, Auth Request) and events raised to the TEK FSM ([TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp, [TEK] Stop).]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg / State | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: flow diagram of the TEK FSM. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transitions are labelled with the triggering event (Stop, Authorized, Auth Pend, Auth Comp, TEK Invalid, Timeout, TEK Refresh Timeout, Key Reply, Key Reject) and, where one is sent, the Key Request message.]
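
The Auth and TEK transition matrices above, as an added Python example (not part of the original presentation): a table-driven model of the SS-side state machines that also records events arriving in a state where the matrix has no entry. The class names, the constructed SAID and the source state assigned to each [TEK] signal are assumptions of this example.

```python
# event -> {current state: next state}, copied from the Auth FSM Transition Matrix
AUTH_FSM = {
    "Provisioned":            {"Start": "Auth Wait"},
    "Auth Reject (non-perm)": {"Auth Wait": "Auth Reject Wait", "Reauth Wait": "Auth Reject Wait"},
    "Auth Reject (perm)":     {"Auth Wait": "Silent", "Reauth Wait": "Silent"},
    "Auth Reply":             {"Auth Wait": "Authorized", "Reauth Wait": "Authorized"},
    "Timeout":                {"Auth Wait": "Auth Wait", "Reauth Wait": "Reauth Wait",
                               "Auth Reject Wait": "Start"},
    "Auth Grace Timeout":     {"Authorized": "Reauth Wait"},
    "Auth Invalid":           {"Authorized": "Reauth Wait", "Reauth Wait": "Reauth Wait"},
    "Reauth":                 {"Authorized": "Reauth Wait"},
}

TEK_STATES = ("Start", "Op Wait", "Op Reauth Wait", "Operational",
              "Rekey Wait", "Rekey Reauth Wait")
# event -> {current state: next state}, copied from the TEK FSM Transition Matrix
TEK_FSM = {
    "Stop":                {s: "Start" for s in TEK_STATES[1:]},
    "Authorized":          {"Start": "Op Wait"},
    "Auth Pend":           {"Op Wait": "Op Reauth Wait", "Rekey Wait": "Rekey Reauth Wait"},
    "Auth Comp":           {"Op Reauth Wait": "Op Wait", "Rekey Reauth Wait": "Rekey Wait"},
    "TEK Invalid":         {"Operational": "Op Wait", "Rekey Wait": "Op Wait",
                            "Rekey Reauth Wait": "Op Reauth Wait"},
    "Timeout":             {"Op Wait": "Op Wait", "Rekey Wait": "Rekey Wait"},
    "TEK Refresh Timeout": {"Operational": "Rekey Wait"},
    "Key Reply":           {"Op Wait": "Operational", "Rekey Wait": "Operational"},
    "Key Reject":          {"Op Wait": "Start", "Rekey Wait": "Start"},
}

# [TEK] signals raised by the Authorization FSM, keyed by (state before, event).
# The signal names come from the flow diagram; the source states are assumed.
AUTH_TO_TEK = {
    ("Auth Wait", "Auth Reply"): "Authorized",
    ("Reauth Wait", "Auth Reply"): "Auth Comp",
    ("Authorized", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Reject (perm)"): "Stop",
    ("Reauth Wait", "Auth Reject (non-perm)"): "Stop",
}


class Fsm:
    def __init__(self, name, table, state="Start"):
        self.name, self.table, self.state = name, table, state
        self.ignored = []   # (state, event) pairs that hit an empty matrix cell

    def fire(self, event):
        """Apply one event; return (state before, state after)."""
        if event not in self.table:
            raise ValueError(f"{self.name}: unknown event {event!r}")
        prev = self.state
        nxt = self.table[event].get(prev)
        if nxt is None:                 # empty cell: stay put, keep a record
            self.ignored.append((prev, event))
            return prev, prev
        self.state = nxt
        return prev, nxt


class SubscriberStation:
    """One Authorization FSM plus one TEK FSM per authorized SAID."""

    def __init__(self, saids):
        self.auth = Fsm("auth", AUTH_FSM)
        self.tek = {said: Fsm(f"tek[{said}]", TEK_FSM) for said in saids}

    def auth_event(self, event):
        prev, _ = self.auth.fire(event)
        signal = AUTH_TO_TEK.get((prev, event))
        if signal:                      # fan the signal out to every TEK FSM
            for fsm in self.tek.values():
                fsm.fire(signal)
        return self.auth.state

    def tek_event(self, said, event):
        self.tek[said].fire(event)
        return self.tek[said].state


def run_scenario():
    """Drive one constructed session and return (station, trace)."""
    said = 0x0101                       # constructed SAID, not from the page
    ss = SubscriberStation([said])
    steps = [("auth", "Provisioned"), ("auth", "Auth Reply"),
             ("tek", "Key Reply"), ("tek", "TEK Refresh Timeout"),
             ("auth", "Auth Invalid"),
             ("tek", "Key Reply"),      # no matrix entry in Rekey Reauth Wait
             ("auth", "Auth Reply"), ("tek", "Key Reply")]
    trace = []
    for kind, event in steps:
        if kind == "auth":
            ss.auth_event(event)
        else:
            ss.tek_event(said, event)
        trace.append((kind, event, ss.auth.state, ss.tek[said].state))
    return ss, trace


if __name__ == "__main__":
    for row in run_scenario()[1]:
        print(row)
```

The `ignored` list is the part worth logging in a real implementation: a Key Reply or Auth Reply that arrives in a state with an empty matrix cell is out-of-sequence traffic.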

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other, stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


ATM Convergence Sublayer

• Support for
  – VP (Virtual Path) switched connections
  – VC (Virtual Channel) switched connections
• Support for end-to-end signaling of dynamically created connections
  – SVCs
  – soft PVCs
• ATM header suppression
• Full QoS support

Packet Convergence Sublayer

• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for
  – PPP
  – MPLS
  – etc.

MAC Addressing

• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure: mapping of MAC messages and SDUs (MAC Message, SDU 1, SDU 2) into MAC PDUs (PDU 1 to PDU 5), and of the MAC PDUs into the FEC blocks (FEC 1 to FEC 3) of a burst that begins with a preamble (P).]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header:
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service, such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e. periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPCGPSS vs GPCbullbull Bandwidth Grant per Subscriber Station (GPSS)Bandwidth Grant per Subscriber Station (GPSS)

ndashndash Base station grants bandwidth to the subscriber stationBase station grants bandwidth to the subscriber stationndashndash Subscriber station may re-distribute bandwidth among itsSubscriber station may re-distribute bandwidth among its

connections maintaining QoS and service-levelconnections maintaining QoS and service-levelagreementsagreements

ndashndash Suitable for many connections per terminal off-loadingSuitable for many connections per terminal off-loadingbase stationrsquos workbase stationrsquos work

ndashndash Allows more sophisticated reaction to QoS needsAllows more sophisticated reaction to QoS needsndashndash Low overhead but requires intelligent subscriber stationLow overhead but requires intelligent subscriber stationndashndash Mandatory for P80216 10-66 GHz PHYMandatory for P80216 10-66 GHz PHY

bullbull Bandwidth Grant per Connection (GPC)Bandwidth Grant per Connection (GPC)ndashndash Base station grants bandwidth to a connectionBase station grants bandwidth to a connectionndashndash Mostly suitable for few users per subscriber stationMostly suitable for few users per subscriber stationndashndash Higher overhead but allows simpler subscriber stationHigher overhead but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests:
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer’s X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer’s X.509 certificate binding the SS’s public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate “root authority” if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| Event or Rcvd msg \ State | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: Auth FSM state diagram over the states Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait and Silent. Edges are labeled with the events of the transition matrix and their actions: sending Authent Info and Auth Request, and signalling the TEK FSM with [TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp and [TEK] Stop.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg \ State | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |
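The Auth and TEK transition matrices can be exercised as data. The following Python model is an added example, not part of the original presentation: it transcribes both matrices, derives which events each state accepts, and replays constructed event traces. Treating an empty matrix cell as "ignore the event and flag it" is an assumption of this example.

```python
AUTH_STATES = ["Start", "Auth Wait", "Authorized", "Reauth Wait",
               "Auth Reject Wait", "Silent"]
TEK_STATES = ["Start", "Op Wait", "Op Reauth Wait", "Operational",
              "Rekey Wait", "Rekey Reauth Wait"]

# Matrices transcribed from the slides as {event: {current_state: next_state}}.
AUTH_FSM = {
    "Provisioned": {"Start": "Auth Wait"},
    "Auth Reject (non-perm)": {"Auth Wait": "Auth Reject Wait",
                               "Reauth Wait": "Auth Reject Wait"},
    "Auth Reject (perm)": {"Auth Wait": "Silent", "Reauth Wait": "Silent"},
    "Auth Reply": {"Auth Wait": "Authorized", "Reauth Wait": "Authorized"},
    "Timeout": {"Auth Wait": "Auth Wait", "Reauth Wait": "Reauth Wait",
                "Auth Reject Wait": "Start"},
    "Auth Grace Timeout": {"Authorized": "Reauth Wait"},
    "Auth Invalid": {"Authorized": "Reauth Wait", "Reauth Wait": "Reauth Wait"},
    "Reauth": {"Authorized": "Reauth Wait"},
}
TEK_FSM = {
    "Stop": {s: "Start" for s in TEK_STATES[1:]},
    "Authorized": {"Start": "Op Wait"},
    "Auth Pend": {"Op Wait": "Op Reauth Wait", "Rekey Wait": "Rekey Reauth Wait"},
    "Auth Comp": {"Op Reauth Wait": "Op Wait", "Rekey Reauth Wait": "Rekey Wait"},
    "TEK Invalid": {"Operational": "Op Wait", "Rekey Wait": "Op Wait",
                    "Rekey Reauth Wait": "Op Reauth Wait"},
    "Timeout": {"Op Wait": "Op Wait", "Rekey Wait": "Rekey Wait"},
    "TEK Refresh Timeout": {"Operational": "Rekey Wait"},
    "Key Reply": {"Op Wait": "Operational", "Rekey Wait": "Operational"},
    "Key Reject": {"Op Wait": "Start", "Rekey Wait": "Start"},
}


def check_matrix(states, matrix):
    """Transcription check: every source and target must be a declared state."""
    for event, row in matrix.items():
        for src, dst in row.items():
            if src not in states or dst not in states:
                raise ValueError(f"{event}: {src} -> {dst} uses an unknown state")
    return True


def absorbing_states(states, matrix):
    """States with no outgoing transition: once entered, never left."""
    with_exit = {src for row in matrix.values() for src in row}
    return [s for s in states if s not in with_exit]


def allowed_events(matrix, state):
    """Per-state allowlist of events, derived from the matrix columns."""
    return sorted(event for event, row in matrix.items() if state in row)


def run(matrix, events, state="Start"):
    """Replay events; return (final_state, path, rejected)."""
    path, rejected = [state], []
    for index, event in enumerate(events):
        nxt = matrix.get(event, {}).get(state)
        if nxt is None:
            # Empty cell: keep the state and record the out-of-state event
            # (assumed handling; the matrix itself only lists defined cells).
            rejected.append((index, state, event))
            continue
        state = nxt
        path.append(state)
    return state, path, rejected


# Constructed traces: a rekey cycle with two Key Reply messages that arrive
# while no Key Request is outstanding, and an SS that ends up rejected.
TEK_TRACE = ["Authorized", "Key Reply", "Key Reply", "TEK Refresh Timeout",
             "Auth Pend", "Key Reply", "Auth Comp", "Key Reply", "Stop"]
AUTH_TRACE = ["Provisioned", "Auth Reply", "Auth Grace Timeout", "Auth Reply",
              "Auth Invalid", "Auth Reject (perm)", "Auth Reply"]

if __name__ == "__main__":
    for name, states, fsm, trace in (("Auth", AUTH_STATES, AUTH_FSM, AUTH_TRACE),
                                     ("TEK", TEK_STATES, TEK_FSM, TEK_TRACE)):
        check_matrix(states, fsm)
        print(name, "absorbing:", absorbing_states(states, fsm))
        print(name, "run:", run(fsm, trace))
```

Silent is the only state without an exit, so a permanently rejected SS stays there, and a Key Reply is accepted only in Op Wait and Rekey Wait, the two states in which a Key Request is outstanding.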

TEK FSM Flow Diagram

[Figure: TEK FSM state diagram over the states Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait and Rekey Reauth Wait. Edges are labeled with the events of the transition matrix; the action shown on edges is sending a Key Request.]

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other, stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
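The key-usage rules above can be followed through one rekey. This Python model is an added example, not part of the original presentation; it reads the slide's AP and AT as base station (BS) and subscriber station (SS), uses constructed keys, and models key selection only, not the DES-CBC encryption itself.

```python
SEQ_MOD = 4  # the key sequence number in the MAC header is 2 bits wide


class TekInvalid(Exception):
    """No active TEK matches the key sequence number of a received PDU."""


class TekRing:
    """The two active TEKs of one security association, as (seq, key) pairs."""

    def __init__(self, role):
        if role not in ("BS", "SS"):
            raise ValueError("role must be 'BS' or 'SS'")
        self.role, self.older, self.newer = role, None, None

    def install(self, older, newer):
        """Load both key sets of a Key Reply, replacing the previous pair."""
        if not 0 <= older[0] < SEQ_MOD or newer[0] != (older[0] + 1) % SEQ_MOD:
            raise ValueError("sequence numbers must be consecutive modulo 4")
        if older[1] == newer[1]:
            raise ValueError("both key sets carry the same key")
        self.older, self.newer = older, newer

    def for_encrypt(self):
        """Slide rule: the BS encrypts with the older key, the SS with the newer."""
        if self.older is None:
            raise TekInvalid("no keying material installed")
        return self.older if self.role == "BS" else self.newer

    def for_decrypt(self, seq):
        """Either active key is acceptable; any other sequence number is refused."""
        for entry in (self.older, self.newer):
            if entry is not None and entry[0] == seq:
                return entry[1]
        raise TekInvalid(f"key sequence number {seq} is not active")


def uplink_verdicts(bs_ring, header_seqs):
    """BS-side check of the key sequence numbers seen on uplink PDUs."""
    verdicts = []
    for seq in header_seqs:
        try:
            bs_ring.for_decrypt(seq)
            verdicts.append("ok")
        except TekInvalid:
            verdicts.append("TEK Invalid")  # the PKM message the BS would send
    return verdicts


# Constructed 8-byte values (DES key length); not real keying material.
K2, K3, K0 = b"\x22" * 8, b"\x33" * 8, b"\x44" * 8


def rekey_demo():
    """One rollover in which the sequence number wraps from 3 to 0."""
    bs, ss = TekRing("BS"), TekRing("SS")
    bs.install((2, K2), (3, K3))
    ss.install((2, K2), (3, K3))
    before = uplink_verdicts(bs, [ss.for_encrypt()[0], 2])
    bs.install((3, K3), (0, K0))          # BS retires key 2, adds key 0
    stale = uplink_verdicts(bs, [ss.for_encrypt()[0], 2])
    ss.install((3, K3), (0, K0))          # SS has received the Key Reply
    after = uplink_verdicts(bs, [ss.for_encrypt()[0]])
    return before, stale, after, bs.for_encrypt()[0], ss.for_encrypt()[0]


if __name__ == "__main__":
    print(rekey_demo())
```

Because the SS already encrypts with the newer key, its traffic keeps decrypting across the BS rollover; only a PDU still marked with the retired sequence number is refused.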

Amendment Project

IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project

IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network (“WirelessHUMAN™”)

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.:

http://WirelessMAN.org


Packet Convergence Sublayer

• Initial support for Ethernet, IPv4, and IPv6
• Payload header suppression
  – generic plus IP-specific
• Full QoS support
• Possible future support for:
  – PPP
  – MPLS
  – etc.

MAC Addressing

• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure: a burst made up of a preamble followed by FEC blocks 1-3; MAC PDUs 1-5, carrying a MAC message, SDU 1 and SDU 2, are laid over the FEC blocks.]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header:
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits
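The Fragmentation and Packing slides together describe a receive path: split a packed payload on its 2-byte sub-headers, then rebuild fragmented SDUs while using the sequence number to detect loss. This Python parser and reassembler is an added example, not part of the original presentation. The field widths come from the slides; the bit positions inside the sub-header, the FC code values (taken in the order the slide lists them) and a length field that counts SDU bytes only are assumptions.

```python
import struct

# Field widths (11 + 2 + 3 bits) are from the slides. Bit positions, FC code
# values and "length counts SDU bytes only" are assumptions of this example.
UNFRAG, LAST, FIRST, CONT = 0, 1, 2, 3
SUBHDR_LEN = 2


class PackingError(ValueError):
    """The payload cannot be a well-formed sequence of packed units."""


def pack_unit(fc, fsn, data):
    """Build one packing sub-header followed by its SDU or fragment."""
    if not (0 < len(data) < 2**11 and 0 <= fc < 4 and 0 <= fsn < 8):
        raise PackingError("field out of range")
    return struct.pack(">H", (len(data) << 5) | (fc << 3) | fsn) + data


def parse_packed_payload(payload):
    """Split a PDU payload into (fc, fsn, data) units, validating every length."""
    units, off = [], 0
    while off < len(payload):
        if len(payload) - off < SUBHDR_LEN:
            raise PackingError(f"truncated sub-header at offset {off}")
        (word,) = struct.unpack_from(">H", payload, off)
        length, fc, fsn = word >> 5, (word >> 3) & 0x3, word & 0x7
        off += SUBHDR_LEN
        if length == 0 or length > len(payload) - off:
            raise PackingError(f"length {length} overruns payload at offset {off}")
        units.append((fc, fsn, payload[off:off + length]))
        off += length
    return units


class Reassembler:
    """Reassembly state for one connection (one fragmentation state at a time)."""

    def __init__(self, max_sdu=8192):      # max_sdu: constructed memory cap
        self.max_sdu = max_sdu
        self.buf = None                    # bytearray while an SDU is open
        self.next_fsn = None
        self.skipping = False              # discarding the rest of a damaged SDU
        self.lost_sdus = 0

    def _lose(self):
        if not self.skipping:
            self.lost_sdus += 1
        self.buf, self.skipping = None, True

    def push(self, fc, fsn, data):
        """Feed one unit; return a completed SDU as bytes, else None."""
        if fc in (UNFRAG, FIRST):
            if self.buf is not None:       # open SDU never got its last fragment
                self._lose()
            self.skipping = False
            if fc == UNFRAG:
                return bytes(data)
            self.buf, self.next_fsn = bytearray(data), (fsn + 1) % 8
            return None
        # Continuing or last fragment: needs an open SDU and the expected FSN.
        too_big = self.buf is not None and len(self.buf) + len(data) > self.max_sdu
        if self.buf is None or fsn != self.next_fsn or too_big:
            self._lose()
            if fc == LAST:
                self.skipping = False      # the damaged SDU ends here
            return None
        self.buf += data
        self.next_fsn = (fsn + 1) % 8
        if fc == LAST:
            sdu, self.buf = bytes(self.buf), None
            return sdu
        return None


def reassemble(payloads):
    """Run the PDU payloads of one connection through parser and reassembler."""
    state, sdus = Reassembler(), []
    for payload in payloads:
        for fc, fsn, data in parse_packed_payload(payload):
            sdu = state.push(fc, fsn, data)
            if sdu is not None:
                sdus.append(sdu)
    return sdus, state.lost_sdus


# Constructed sample traffic (not captured from a real link).
PDU1 = pack_unit(UNFRAG, 0, b"ping") + pack_unit(FIRST, 1, b"AAAA")
PDU2 = pack_unit(CONT, 2, b"BBBB") + pack_unit(LAST, 3, b"CC")
PDU3 = pack_unit(FIRST, 4, b"XX")          # its continuation (FSN 5) is lost
PDU4 = pack_unit(LAST, 6, b"ZZ") + pack_unit(UNFRAG, 7, b"ok")
```

A sub-header whose length field runs past the end of the payload is rejected before any bytes are copied, and a gap in the sequence number discards the damaged SDU instead of delivering it with a hole.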

Packing with Fragmentation

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e. periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPCGPSS vs GPCbullbull Bandwidth Grant per Subscriber Station (GPSS)Bandwidth Grant per Subscriber Station (GPSS)

ndashndash Base station grants bandwidth to the subscriber stationBase station grants bandwidth to the subscriber stationndashndash Subscriber station may re-distribute bandwidth among itsSubscriber station may re-distribute bandwidth among its

connections maintaining QoS and service-levelconnections maintaining QoS and service-levelagreementsagreements

ndashndash Suitable for many connections per terminal off-loadingSuitable for many connections per terminal off-loadingbase stationrsquos workbase stationrsquos work

ndashndash Allows more sophisticated reaction to QoS needsAllows more sophisticated reaction to QoS needsndashndash Low overhead but requires intelligent subscriber stationLow overhead but requires intelligent subscriber stationndashndash Mandatory for P80216 10-66 GHz PHYMandatory for P80216 10-66 GHz PHY

bullbull Bandwidth Grant per Connection (GPC)Bandwidth Grant per Connection (GPC)ndashndash Base station grants bandwidth to a connectionBase station grants bandwidth to a connectionndashndash Mostly suitable for few users per subscriber stationMostly suitable for few users per subscriber stationndashndash Higher overhead but allows simpler subscriber stationHigher overhead but allows simpler subscriber station

Bandwidth Requests
• Come from the Connection
• Several kinds of requests:
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS
• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization
• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging
• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration
• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download
• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup
• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption
• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations
• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization
• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

Columns are the current state, rows are the event or received message, and each cell gives the next state (blank: no transition).

| Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: Authorization state machine flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transitions are labelled with the triggering event, the message sent (Authent Info, Auth Request) and the signal raised to the TEK state machine ([TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp, [TEK] Stop).]

Traffic Encryption Key Management
• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

Columns are the current state, rows are the event or received message, and each cell gives the next state (blank: no transition).

| Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: TEK state machine flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transitions are labelled with the triggering event and, where one is sent, the Key Request message.]
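The Auth and TEK transition matrices above can be checked mechanically. The following is an added example, not code from the presentation or the standard: it transcribes the next-state cells of both matrices, replays a message trace against them, and reports messages that arrive in a state where the matrix has a blank cell. It models next-state only (no timers or outgoing messages); the function names and the two traces are constructed for illustration.

```python
"""Table-driven replay of the Authorization and TEK state machines."""

# Next-state cells transcribed from the two matrices:
# {event: {current_state: next_state}}. A missing entry is a blank cell.
AUTH_FSM = {
    "Provisioned": {"Start": "Auth Wait"},
    "Auth Reject (non-perm)": {"Auth Wait": "Auth Reject Wait",
                               "Reauth Wait": "Auth Reject Wait"},
    "Auth Reject (perm)": {"Auth Wait": "Silent", "Reauth Wait": "Silent"},
    "Auth Reply": {"Auth Wait": "Authorized", "Reauth Wait": "Authorized"},
    "Timeout": {"Auth Wait": "Auth Wait", "Reauth Wait": "Reauth Wait",
                "Auth Reject Wait": "Start"},
    "Auth Grace Timeout": {"Authorized": "Reauth Wait"},
    "Auth Invalid": {"Authorized": "Reauth Wait", "Reauth Wait": "Reauth Wait"},
    "Reauth": {"Authorized": "Reauth Wait"},
}

TEK_FSM = {
    "Stop": dict.fromkeys(["Op Wait", "Op Reauth Wait", "Operational",
                           "Rekey Wait", "Rekey Reauth Wait"], "Start"),
    "Authorized": {"Start": "Op Wait"},
    "Auth Pend": {"Op Wait": "Op Reauth Wait",
                  "Rekey Wait": "Rekey Reauth Wait"},
    "Auth Comp": {"Op Reauth Wait": "Op Wait",
                  "Rekey Reauth Wait": "Rekey Wait"},
    "TEK Invalid": {"Operational": "Op Wait", "Rekey Wait": "Op Wait",
                    "Rekey Reauth Wait": "Op Reauth Wait"},
    "Timeout": {"Op Wait": "Op Wait", "Rekey Wait": "Rekey Wait"},
    "TEK Refresh Timeout": {"Operational": "Rekey Wait"},
    "Key Reply": {"Op Wait": "Operational", "Rekey Wait": "Operational"},
    "Key Reject": {"Op Wait": "Start", "Rekey Wait": "Start"},
}


def step(table, state, event):
    """Return (next_state, accepted); a blank cell leaves the state unchanged."""
    nxt = table.get(event, {}).get(state)
    return (state, False) if nxt is None else (nxt, True)


def replay(table, events, state="Start"):
    """Run a trace; return the final state and the out-of-state events."""
    ignored = []
    for index, event in enumerate(events):
        state, accepted = step(table, state, event)
        if not accepted:
            # Worth logging: the peer sent something the FSM does not expect.
            ignored.append((index, state, event))
    return state, ignored


def states(table):
    """Every state named in the matrix, as a column or as a cell."""
    found = set()
    for row in table.values():
        found.update(row.keys())
        found.update(row.values())
    return found


def reachable(table, start="Start"):
    """States reachable from start: a sanity check on the transcription."""
    seen, todo = {start}, [start]
    while todo:
        current = todo.pop()
        for row in table.values():
            nxt = row.get(current)
            if nxt is not None and nxt not in seen:
                seen.add(nxt)
                todo.append(nxt)
    return seen


def sinks(table):
    """States with no outgoing transition (the FSM stays there)."""
    return {s for s in states(table)
            if not any(s in row for row in table.values())}


# Constructed traces. Each contains one message that is out of state:
# a second Auth Reply while Authorized, and a Key Reply before authorization.
AUTH_TRACE = ["Provisioned", "Auth Reply", "Auth Reply",
              "Auth Grace Timeout", "Auth Reject (perm)"]
TEK_TRACE = ["Key Reply", "Authorized", "Key Reply", "TEK Refresh Timeout",
             "Key Reply", "TEK Invalid", "Key Reject"]

if __name__ == "__main__":
    for name, table, trace in (("Auth", AUTH_FSM, AUTH_TRACE),
                               ("TEK", TEK_FSM, TEK_TRACE)):
        final, ignored = replay(table, trace)
        print(name, "final:", final, "ignored:", ignored,
              "sinks:", sorted(sinks(table)))
```

The only sink in either matrix is Silent, which the Auth FSM enters on a permanent Auth Reject.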

Data Encryption
• DES in CBC mode with IV derived from the frame number
• Hooks defined for other, stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project IEEE P802.16a
Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b
Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies
Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements
• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN
• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary
• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources
IEEE 802.16 Working Group on Broadband Wireless Access
info, documents, email lists, etc.
http://WirelessMAN.org


MAC Addressing
• SS has 48-bit IEEE MAC Address
• BS has 48-bit Base Station ID
  – Not a MAC address
  – 24-bit operator indicator
• 16-bit Connection ID (CID)
  – Used in MAC PDUs

MAC PDU Transmission
• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

[Figure: MAC PDU Transmission. A MAC message and SDU 1, SDU 2 are carried in MAC PDUs (PDU 1 to PDU 5), which are mapped onto FEC blocks (FEC 1 to FEC 3) of a burst that starts with a preamble.]

MAC PDU format
• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation
• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header:
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing
• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs
• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation
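The packing sub-header fields and the fragmentation rules above, as an added example (not code from the presentation or the standard): a bounds-checked parser for a packed payload plus a per-connection reassembler that discards an SDU when the 3-bit FSN skips. Assumptions: the 16-bit sub-header is laid out as FC, FSN, Length from the most significant bit; FC codes 0 to 3 follow the order in which the fragmentation slide lists them; Length counts SDU bytes only; all names and sample PDUs are constructed.

```python
"""Parse packed MAC PDU payloads and reassemble fragmented SDUs."""
import struct

# Assumed FC encoding (order of the fragmentation slide's list).
FC_UNFRAG, FC_LAST, FC_FIRST, FC_CONT = 0, 1, 2, 3


class PackingError(ValueError):
    """Raised when a payload is inconsistent with its own sub-headers."""


def pack_subheader(fc, fsn, length):
    """Build the 2-byte sub-header: FC (2 bits), FSN (3 bits), Length (11 bits)."""
    if not (0 <= fc < 4 and 0 <= fsn < 8 and 0 <= length < 2048):
        raise PackingError("sub-header field out of range")
    return struct.pack(">H", (fc << 14) | (fsn << 11) | length)


def parse_packed_payload(payload):
    """Split a packed payload into (fc, fsn, data) triples.

    The 11-bit length comes from the air interface, so it is checked
    against the bytes actually present before any slice is taken.
    """
    pieces, offset = [], 0
    while offset < len(payload):
        if len(payload) - offset < 2:
            raise PackingError("truncated sub-header at offset %d" % offset)
        (word,) = struct.unpack_from(">H", payload, offset)
        fc, fsn, length = word >> 14, (word >> 11) & 0x7, word & 0x7FF
        offset += 2
        if length > len(payload) - offset:
            raise PackingError("length %d overruns payload at offset %d"
                               % (length, offset))
        pieces.append((fc, fsn, payload[offset:offset + length]))
        offset += length
    return pieces


class Reassembler:
    """One connection, which is in a single fragmentation state at a time."""

    def __init__(self):
        self.partial = None    # bytes of the SDU being reassembled
        self.next_fsn = None   # FSN expected on the next fragment
        self.dropped = 0       # SDUs discarded because a fragment was missing

    def _abort(self):
        if self.partial is not None:
            self.dropped += 1
        self.partial = None

    def feed(self, fc, fsn, data):
        """Consume one piece; return a complete SDU or None."""
        if fc == FC_UNFRAG:
            self._abort()
            return bytes(data)
        if fc == FC_FIRST:
            self._abort()
            self.partial, self.next_fsn = bytearray(data), (fsn + 1) % 8
            return None
        # Continuing or last fragment: must follow on from the previous one.
        if self.partial is None or fsn != self.next_fsn:
            self._abort()
            return None
        self.partial += data
        self.next_fsn = (fsn + 1) % 8
        if fc == FC_LAST:
            sdu, self.partial = bytes(self.partial), None
            return sdu
        return None


def deliver(pdu_payloads):
    """Run payloads of one connection through parser and reassembler."""
    conn, sdus = Reassembler(), []
    for payload in pdu_payloads:
        for fc, fsn, data in parse_packed_payload(payload):
            sdu = conn.feed(fc, fsn, data)
            if sdu is not None:
                sdus.append(sdu)
    return sdus, conn.dropped


# Constructed sample payloads.
PDU_A = (pack_subheader(FC_UNFRAG, 0, 3) + b"abc" +
         pack_subheader(FC_FIRST, 1, 4) + b"WXYZ")
PDU_B = (pack_subheader(FC_CONT, 2, 2) + b"12" +
         pack_subheader(FC_LAST, 3, 1) + b"!")
PDU_GAP = (pack_subheader(FC_FIRST, 5, 2) + b"ab" +      # FSN 6 never arrives
           pack_subheader(FC_LAST, 7, 2) + b"cd")
PDU_BAD = pack_subheader(FC_UNFRAG, 0, 2047) + b"abc"    # length lies

if __name__ == "__main__":
    print(deliver([PDU_A, PDU_B]))
    print(deliver([PDU_GAP]))
```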

Downlink transmissions
• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor
• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles
• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message
• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions
• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor
• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message
• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service
Characteristic of the Service Flow
• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service, such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS
• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS
• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS
• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE
• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme
• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e. periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPCGPSS vs GPCbullbull Bandwidth Grant per Subscriber Station (GPSS)Bandwidth Grant per Subscriber Station (GPSS)

ndashndash Base station grants bandwidth to the subscriber stationBase station grants bandwidth to the subscriber stationndashndash Subscriber station may re-distribute bandwidth among itsSubscriber station may re-distribute bandwidth among its

connections maintaining QoS and service-levelconnections maintaining QoS and service-levelagreementsagreements

ndashndash Suitable for many connections per terminal off-loadingSuitable for many connections per terminal off-loadingbase stationrsquos workbase stationrsquos work

ndashndash Allows more sophisticated reaction to QoS needsAllows more sophisticated reaction to QoS needsndashndash Low overhead but requires intelligent subscriber stationLow overhead but requires intelligent subscriber stationndashndash Mandatory for P80216 10-66 GHz PHYMandatory for P80216 10-66 GHz PHY

bullbull Bandwidth Grant per Connection (GPC)Bandwidth Grant per Connection (GPC)ndashndash Base station grants bandwidth to a connectionBase station grants bandwidth to a connectionndashndash Mostly suitable for few users per subscriber stationMostly suitable for few users per subscriber stationndashndash Higher overhead but allows simpler subscriber stationHigher overhead but allows simpler subscriber station

Bandwidth RequestsBandwidth Requestsbullbull Come from the Come from the ConnectionConnection

bullbull Several kinds of requestsSeveral kinds of requestsndashndash Implicit requests (UGS)Implicit requests (UGS)

bullbull No actual messages negotiated at connection setupNo actual messages negotiated at connection setup

ndashndash BW request messagesBW request messagesbullbull Uses the special BW request headerUses the special BW request header

bullbull Requests up to 32 KB with a single messageRequests up to 32 KB with a single message

bullbull Incremental or aggregate as indicated by MAC headerIncremental or aggregate as indicated by MAC header

ndashndash Piggybacked request (for non-UGS services only)Piggybacked request (for non-UGS services only)bullbull Presented in GM sub-header and always incrementalPresented in GM sub-header and always incremental

bullbull Up to 32 KB per request for the CIDUp to 32 KB per request for the CID

ndashndash Poll-Me bit (for UGS services only)Poll-Me bit (for UGS services only)bullbull Used by the SS to request a bandwidth poll for non-UGS servicesUsed by the SS to request a bandwidth poll for non-UGS services

BW Request MessageBW Request Message

Maintaining QoS in GPSSMaintaining QoS in GPSSbullbull Semi-distributed approachSemi-distributed approachbullbull BS sees the requests for each connectionBS sees the requests for each connection

based on this grants bandwidth (BW) to thebased on this grants bandwidth (BW) to theSSsSSs (maintaining QoS and fairness) (maintaining QoS and fairness)

bullbull SS scheduler maintains QoS among itsSS scheduler maintains QoS among itsconnections and is responsible to share theconnections and is responsible to share theBW among the connections (maintaining QoSBW among the connections (maintaining QoSand fairness)and fairness)

bullbull Algorithm in BS and SS can be very differentAlgorithm in BS and SS can be very differentSS may use BW in a way unforeseen by theSS may use BW in a way unforeseen by theBSBS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| Event or Rcvd msg / State | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: Authorization FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transition labels pair an event (Provisioned, Timeout, Auth Reply, Auth Reject (perm), Auth Reject (non-perm), Auth Invalid, Auth Grace Timeout, Reauth) with the messages sent (Authent Info, Auth Request) and the events raised in the TEK FSM ([TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp, [TEK] Stop).]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg / State | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transition labels pair an event (Stop, Authorized, Auth Pend, Auth Comp, TEK Invalid, Timeout, TEK Refresh Timeout, Key Reply, Key Reject) with the message sent, where there is one (Key Request).]

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other, stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
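Added example, not part of the presentation: how the key usage rules let both sides keep decrypting across a key change with no acknowledgement, and when the base station would have to answer with TEK Invalid. It reads AP as the base station and AT as the subscriber station, assumes successive keys are numbered modulo 4 for the 2-bit sequence number, and uses a hash-based XOR keystream as a labelled stand-in for DES-CBC, which the Python standard library does not provide; keys and frames are constructed.

```python
"""Added example: TEK selection by the 2-bit key sequence number."""
import hashlib


def make_key(generation):
    # Constructed, deterministic 8-byte keys so the run is repeatable.
    return hashlib.sha256(b"constructed TEK %d" % generation).digest()[:8]


def toy_cipher(key, frame_no, data):
    """Stand-in for DES-CBC (NOT a real cipher choice): XOR with a SHA-256
    keystream bound to key and frame number. The same call decrypts."""
    stream, block = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(
            key + frame_no.to_bytes(4, "big") + bytes([block])).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class BaseStation:
    def __init__(self):
        self.newer = 1                       # generation of the newer TEK

    def key_reply(self):
        """Both active key sets as (sequence number, key), older first."""
        return [(g % 4, make_key(g)) for g in (self.newer - 1, self.newer)]

    def rotate(self):
        self.newer += 1                      # older TEK expires, new one issued

    def send_downlink(self, frame_no, data):
        seq, key = self.key_reply()[0]       # BS encrypts with the OLDER key
        return seq, toy_cipher(key, frame_no, data)

    def receive_uplink(self, seq, frame_no, data):
        keys = dict(self.key_reply())        # BS decrypts with either key
        if seq not in keys:
            return None                      # BS would send TEK Invalid here
        return toy_cipher(keys[seq], frame_no, data)


class SubscriberStation:
    def __init__(self):
        self.keys = []                       # last Key Reply, older key first

    def on_key_reply(self, keys):
        self.keys = keys

    def send_uplink(self, frame_no, data):
        seq, key = self.keys[1]              # SS encrypts with the NEWER key
        return seq, toy_cipher(key, frame_no, data)

    def receive_downlink(self, seq, frame_no, data):
        keys = dict(self.keys)               # SS decrypts with either key
        return toy_cipher(keys[seq], frame_no, data) if seq in keys else None


def run_rotation():
    """Return (uplink seq, BS plaintext, downlink seq, SS plaintext) per frame."""
    bs, ss = BaseStation(), SubscriberStation()
    ss.on_key_reply(bs.key_reply())
    results = []
    # (frame number, BS rotates first?, SS refreshes keys first?) - constructed
    for frame_no, rotate, refresh in [(100, False, False), (101, True, False),
                                      (102, True, False), (103, False, True)]:
        if rotate:
            bs.rotate()
        if refresh:
            ss.on_key_reply(bs.key_reply())
        up_seq, up = ss.send_uplink(frame_no, b"uplink")
        dn_seq, dn = bs.send_downlink(frame_no, b"downlink")
        results.append((up_seq, bs.receive_uplink(up_seq, frame_no, up),
                        dn_seq, ss.receive_downlink(dn_seq, frame_no, dn)))
    return results
```

Frame 101 shows one missed key change being absorbed by the overlap; frame 102 shows the subscriber station two changes behind, where neither direction can be decrypted until it fetches a fresh Key Reply.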

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant in any spectrum in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org

Page 28: Mobile WiMAX : A Technical Overview

MAC PDU Transmission

• MAC PDUs are transmitted in PHY bursts
• A single PHY burst can contain multiple Concatenated MAC PDUs
• The PHY burst can contain multiple FEC blocks
• MAC PDUs may span FEC block boundaries
• The TC layer between the MAC and the PHY allows for capturing the start of the next MAC PDU in case of erroneous FEC blocks

MAC PDU Transmission

[Figure: a burst made up of a preamble (P) and FEC blocks FEC 1 to FEC 3, carrying MAC PDUs PDU 1 to PDU 5 built from a MAC message, SDU 1 and SDU 2.]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header:
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits
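Added example, not part of the presentation: a Python parser for a packed payload that bounds-checks each 2-byte packing sub-header and uses FC and FSN to reassemble fragments and notice a lost one. Assumptions: the bit order FC, FSN, Length within the 16 bits, FC codes numbered in the order the Fragmentation slide lists them, a Length that counts SDU bytes only, and an FSN that advances for every packed item; the payloads are constructed.

```python
"""Added example: unpack a packed MAC PDU payload and reassemble SDUs."""
import struct

# Fragmentation Control codes. Assumption: numbered in the order the
# Fragmentation slide lists the four states.
FC_UNFRAG, FC_LAST, FC_FIRST, FC_CONT = 0, 1, 2, 3


class PackingError(ValueError):
    """A sub-header is truncated or points outside the received payload."""


def build_subheader(length, fc, fsn):
    # Assumed bit layout: FC (2 bits) | FSN (3 bits) | Length (11 bits).
    if not (0 <= length < 2048 and 0 <= fc < 4 and 0 <= fsn < 8):
        raise ValueError("field out of range")
    return struct.pack(">H", (fc << 14) | (fsn << 11) | length)


def parse_packed_payload(payload):
    """Split a payload into (fc, fsn, data) items, checking every length."""
    items, off = [], 0
    while off < len(payload):
        if len(payload) - off < 2:
            raise PackingError("truncated sub-header at offset %d" % off)
        (word,) = struct.unpack_from(">H", payload, off)
        fc, fsn, length = word >> 14, (word >> 11) & 0x7, word & 0x7FF
        off += 2
        if length > len(payload) - off:      # never trust the peer's length
            raise PackingError("length %d overruns payload" % length)
        items.append((fc, fsn, payload[off:off + length]))
        off += length
    return items


def is_well_formed(payload):
    try:
        parse_packed_payload(payload)
        return True
    except PackingError:
        return False


class Reassembler:
    """Per-connection reassembly: a single fragmentation state at a time."""

    def __init__(self):
        self.expected_fsn = None   # FSN the next item should carry
        self.partial = None        # bytes of the SDU being rebuilt, or None
        self.dropped = 0           # partial SDUs abandoned after a gap

    def _abort(self):
        if self.partial is not None:
            self.dropped += 1
        self.partial = None

    def feed(self, fc, fsn, data):
        """Consume one item; return a complete SDU, or None."""
        in_order = self.expected_fsn is None or fsn == self.expected_fsn
        self.expected_fsn = (fsn + 1) % 8    # 3-bit counter, wraps at 8
        if fc == FC_UNFRAG:
            self._abort()
            return data
        if fc == FC_FIRST:
            self._abort()
            self.partial = data
            return None
        # Continuing or last fragment: valid only after an unbroken sequence.
        if self.partial is None or not in_order:
            self._abort()
            return None
        self.partial += data
        if fc == FC_LAST:
            sdu, self.partial = self.partial, None
            return sdu
        return None


def sample_pdus():
    """Constructed payloads: SDU B is fragmented across three PDUs."""
    p1 = (build_subheader(3, FC_UNFRAG, 0) + b"AAA"
          + build_subheader(2, FC_FIRST, 1) + b"B1")
    p2 = build_subheader(2, FC_CONT, 2) + b"B2"
    p3 = (build_subheader(2, FC_LAST, 3) + b"B3"
          + build_subheader(3, FC_UNFRAG, 4) + b"CCC")
    return [p1, p2, p3]


def receive(pdus):
    """Run payloads through parser and reassembler; return (SDUs, dropped)."""
    reasm, sdus = Reassembler(), []
    for payload in pdus:
        for fc, fsn, data in parse_packed_payload(payload):
            sdu = reasm.feed(fc, fsn, data)
            if sdu is not None:
                sdus.append(sdu)
    return sdus, reasm.dropped
```
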

Packing with Fragmentation

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e. periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth RequestsBandwidth Requestsbullbull Come from the Come from the ConnectionConnection

bullbull Several kinds of requestsSeveral kinds of requestsndashndash Implicit requests (UGS)Implicit requests (UGS)

bullbull No actual messages negotiated at connection setupNo actual messages negotiated at connection setup

ndashndash BW request messagesBW request messagesbullbull Uses the special BW request headerUses the special BW request header

bullbull Requests up to 32 KB with a single messageRequests up to 32 KB with a single message

bullbull Incremental or aggregate as indicated by MAC headerIncremental or aggregate as indicated by MAC header

ndashndash Piggybacked request (for non-UGS services only)Piggybacked request (for non-UGS services only)bullbull Presented in GM sub-header and always incrementalPresented in GM sub-header and always incremental

bullbull Up to 32 KB per request for the CIDUp to 32 KB per request for the CID

ndashndash Poll-Me bit (for UGS services only)Poll-Me bit (for UGS services only)bullbull Used by the SS to request a bandwidth poll for non-UGS servicesUsed by the SS to request a bandwidth poll for non-UGS services

BW Request MessageBW Request Message

Maintaining QoS in GPSSMaintaining QoS in GPSSbullbull Semi-distributed approachSemi-distributed approachbullbull BS sees the requests for each connectionBS sees the requests for each connection

based on this grants bandwidth (BW) to thebased on this grants bandwidth (BW) to theSSsSSs (maintaining QoS and fairness) (maintaining QoS and fairness)

bullbull SS scheduler maintains QoS among itsSS scheduler maintains QoS among itsconnections and is responsible to share theconnections and is responsible to share theBW among the connections (maintaining QoSBW among the connections (maintaining QoSand fairness)and fairness)

bullbull Algorithm in BS and SS can be very differentAlgorithm in BS and SS can be very differentSS may use BW in a way unforeseen by theSS may use BW in a way unforeseen by theBSBS

SS initializationSS initializationbullbull Scan forScan for downlink downlink channel and establish channel and establish

synchronization with the BSsynchronization with the BS

bullbull Obtain transmit parameters (from UCD message)Obtain transmit parameters (from UCD message)

bullbull Perform rangingPerform ranging

bullbull Negotiate basic capabilitiesNegotiate basic capabilities

bullbull Authorize SS and perform key exchangeAuthorize SS and perform key exchange

bullbull Perform registrationPerform registration

bullbull Establish IP connectivityEstablish IP connectivity

bullbull Establish time of dayEstablish time of day

bullbull Transfer operational parametersTransfer operational parameters

bullbull Set up connectionsSet up connections

RangingRanging

bullbull For uplink transmissions times are measured at BSFor uplink transmissions times are measured at BS

bullbull At startup SS sends a RNG-REQ in a rangingAt startup SS sends a RNG-REQ in a rangingwindowwindow

bullbull BS measures arrival time and signal powerBS measures arrival time and signal powercalculates required advance and power adjustmentcalculates required advance and power adjustment

bullbull BS sends adjustment in RNG-RSPBS sends adjustment in RNG-RSP

bullbull SS adjusts advance and power sends newSS adjusts advance and power sends newRNG-REQRNG-REQ

bullbull Loop is continued until power and timing is okLoop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| Event or Rcvd msg \ State | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: state diagram of the Auth FSM with states Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait and Silent. Transition labels (event / action) in the figure: Provisioned / Authent Info, Auth Request; Timeout / Authent Info, Auth Request; Auth Reject (non-perm); Auth Reject (perm); Timeout; Auth Reply / [TEK] Authorized; Auth Reject (perm) / [TEK] Stop; Auth Reject (non-perm) / [TEK] Stop; Timeout / Auth Request; Auth Invalid / Auth Request, [TEK] Auth Pend; Auth Grace Timeout / Auth Request; Reauth / Auth Request; Auth Reply / [TEK] Auth Comp.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg \ State | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: state diagram of the TEK FSM with states Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait and Rekey Reauth Wait. Transition labels (event / action) in the figure: Authorized / Key Request; Stop; Auth Pend; Auth Comp / Key Request; Key Reject, Stop; Key Reply; Timeout / Key Request; TEK Invalid / Key Request; TEK Refresh Timeout / Key Request; TEK Invalid.]
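The two transition matrices above, as a table-driven sketch (an added example, not code from the presentation or from the standard): blank cells are simply absent from the tables, so a message that is not expected in the current state is ignored instead of moving the machine. Which Auth FSM transition carries which [TEK] action is this example's reading of the flow-diagram labels, and the class name, method names and SAID values are assumptions made for the illustration.

```python
# Added example: SS-side PKM state machines driven by the two transition matrices.
# A (state, event) pair with no entry is a blank matrix cell: the event is ignored.

# Auth FSM: (state, event) -> (next state, events passed on to every TEK FSM).
AUTH_FSM = {
    ("Start", "Provisioned"): ("Auth Wait", []),
    ("Auth Wait", "Auth Reject (non-perm)"): ("Auth Reject Wait", []),
    ("Auth Wait", "Auth Reject (perm)"): ("Silent", []),
    ("Auth Wait", "Auth Reply"): ("Authorized", ["Authorized"]),
    ("Auth Wait", "Timeout"): ("Auth Wait", []),
    ("Authorized", "Auth Grace Timeout"): ("Reauth Wait", []),
    ("Authorized", "Auth Invalid"): ("Reauth Wait", ["Auth Pend"]),
    ("Authorized", "Reauth"): ("Reauth Wait", []),
    ("Reauth Wait", "Auth Reject (non-perm)"): ("Auth Reject Wait", ["Stop"]),
    ("Reauth Wait", "Auth Reject (perm)"): ("Silent", ["Stop"]),
    ("Reauth Wait", "Auth Reply"): ("Authorized", ["Auth Comp"]),
    ("Reauth Wait", "Timeout"): ("Reauth Wait", []),
    ("Reauth Wait", "Auth Invalid"): ("Reauth Wait", ["Auth Pend"]),
    ("Auth Reject Wait", "Timeout"): ("Start", []),
}

# TEK FSM (one instance per SAID): (state, event) -> next state.
TEK_FSM = {
    ("Start", "Authorized"): "Op Wait",
    ("Op Wait", "Stop"): "Start",
    ("Op Wait", "Auth Pend"): "Op Reauth Wait",
    ("Op Wait", "Timeout"): "Op Wait",
    ("Op Wait", "Key Reply"): "Operational",
    ("Op Wait", "Key Reject"): "Start",
    ("Op Reauth Wait", "Stop"): "Start",
    ("Op Reauth Wait", "Auth Comp"): "Op Wait",
    ("Operational", "Stop"): "Start",
    ("Operational", "TEK Invalid"): "Op Wait",
    ("Operational", "TEK Refresh Timeout"): "Rekey Wait",
    ("Rekey Wait", "Stop"): "Start",
    ("Rekey Wait", "Auth Pend"): "Rekey Reauth Wait",
    ("Rekey Wait", "TEK Invalid"): "Op Wait",
    ("Rekey Wait", "Timeout"): "Rekey Wait",
    ("Rekey Wait", "Key Reply"): "Operational",
    ("Rekey Wait", "Key Reject"): "Start",
    ("Rekey Reauth Wait", "Stop"): "Start",
    ("Rekey Reauth Wait", "Auth Comp"): "Rekey Wait",
    ("Rekey Reauth Wait", "TEK Invalid"): "Op Reauth Wait",
}


class SubscriberStation:
    """Hypothetical holder of one Auth FSM and one TEK FSM per authorized SAID."""

    def __init__(self, saids):
        self.auth_state = "Start"
        self.tek_state = {said: "Start" for said in saids}
        self.ignored = []  # (fsm, state, event) for every event that hit a blank cell

    def tek_event(self, said, event):
        state = self.tek_state[said]
        nxt = TEK_FSM.get((state, event))
        if nxt is None:
            self.ignored.append(("TEK %s" % said, state, event))
            return False
        self.tek_state[said] = nxt
        return True

    def auth_event(self, event):
        entry = AUTH_FSM.get((self.auth_state, event))
        if entry is None:
            self.ignored.append(("AUTH", self.auth_state, event))
            return False
        self.auth_state, tek_events = entry
        for tek_ev in tek_events:          # [TEK] actions fan out to every SAID
            for said in self.tek_state:
                self.tek_event(said, tek_ev)
        return True


def run_demo():
    """Drive one SS through authorization, rekeying, reauthorization and rejection."""
    ss = SubscriberStation(saids=[1, 2])   # constructed SAID values
    steps = [
        ("auth", "Provisioned"), ("auth", "Auth Reply"),
        (1, "Key Reply"), (2, "Key Reply"),
        ("auth", "Auth Reply"),            # unsolicited reply while Authorized: ignored
        (1, "TEK Refresh Timeout"),
        ("auth", "Auth Invalid"), ("auth", "Auth Reply"),
        (1, "Key Reply"),
        ("auth", "Reauth"), ("auth", "Auth Reject (perm)"),
    ]
    trace = []
    for target, event in steps:
        ok = ss.auth_event(event) if target == "auth" else ss.tek_event(target, event)
        trace.append((event, ok, ss.auth_state, dict(ss.tek_state)))
    return trace


if __name__ == "__main__":
    for row in run_demo():
        print(row)
```

In the run, the second Auth Reply arrives while the SS is already Authorized and changes nothing, and the permanent Auth Reject received in Reauth Wait sends Stop to both TEK machines, returning them to Start.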

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant in any spectrum in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation at both the base station and subscriber station without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


MAC PDU Transmission

[Figure: MAC PDU transmission. Labels in the figure: MAC Message, SDU 1, SDU 2; MAC PDUs (PDU 1 to PDU 5); FEC blocks (FEC 1 to FEC 3); Preamble (P); Burst.]

MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation
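A parser and reassembler for packed variable-length SDUs, added here as an example (not code from the presentation or the standard), showing how a receiver validates the 11-bit length against the PDU payload and uses the 3-bit sequence number to discard an SDU whose continuing fragment was lost. Assumptions: the sub-header is laid out as FC (2 bits), FSN (3 bits), length (11 bits) in big-endian order, the length counts only the SDU bytes that follow, the FC code points follow the order in which the Fragmentation slide lists them, and the FSN advances by one for every packed block; all names are hypothetical.

```python
import struct
from collections import namedtuple

# Assumed FC code points, in the order the Fragmentation slide lists the values.
UNFRAGMENTED, LAST, FIRST, CONTINUING = 0b00, 0b01, 0b10, 0b11
Block = namedtuple("Block", "fc fsn data")


def pack_block(fc, fsn, data):
    """Prefix data with a 2-byte packing sub-header: FC(2) | FSN(3) | length(11)."""
    if not (0 <= fc <= 3 and 0 <= fsn <= 7 and len(data) <= 0x7FF):
        raise ValueError("field out of range")
    return struct.pack(">H", (fc << 14) | (fsn << 11) | len(data)) + data


def parse_packed_payload(payload):
    """Split one MAC PDU payload into blocks, rejecting lengths that overrun it."""
    blocks, off = [], 0
    while off < len(payload):
        if len(payload) - off < 2:
            raise ValueError("truncated packing sub-header")
        (word,) = struct.unpack_from(">H", payload, off)
        off += 2
        length = word & 0x7FF
        if length > len(payload) - off:
            raise ValueError("length field runs past end of PDU payload")
        blocks.append(Block(word >> 14, (word >> 11) & 0x7, payload[off:off + length]))
        off += length
    return blocks


class Reassembler:
    """Per-connection state: a connection is in one fragmentation state at a time."""

    def __init__(self):
        self.expected_fsn = None   # unknown until the first block is seen
        self.partial = None        # bytearray while a fragmented SDU is open
        self.discarded = 0         # partial SDUs and orphan fragments thrown away

    def _drop_partial(self):
        if self.partial is not None:
            self.partial = None
            self.discarded += 1

    def feed(self, block):
        """Return a completed SDU, or None if the block completes nothing."""
        if self.expected_fsn is not None and block.fsn != self.expected_fsn:
            self._drop_partial()   # a block was lost: the open SDU cannot be completed
        self.expected_fsn = (block.fsn + 1) % 8
        if block.fc in (UNFRAGMENTED, FIRST):
            self._drop_partial()   # a new SDU starts while another was still open
            if block.fc == UNFRAGMENTED:
                return block.data
            self.partial = bytearray(block.data)
            return None
        if self.partial is None:   # continuing/last fragment whose start is missing
            self.discarded += 1
            return None
        self.partial += block.data
        if block.fc == LAST:
            sdu, self.partial = bytes(self.partial), None
            return sdu
        return None

    def deliver(self, payload):
        """Parse one PDU payload and return the SDUs it completes."""
        sdus = [self.feed(b) for b in parse_packed_payload(payload)]
        return [s for s in sdus if s is not None]


def demo():
    # Constructed SDUs; D is split into three fragments and its middle one is lost.
    a, b, c, d, e = b"A" * 10, b"B" * 30, b"C" * 5, b"D" * 40, b"E" * 8
    r = Reassembler()
    pdu1 = pack_block(UNFRAGMENTED, 0, a) + pack_block(FIRST, 1, b[:12])
    pdu2 = pack_block(LAST, 2, b[12:]) + pack_block(UNFRAGMENTED, 3, c)
    pdu3 = pack_block(FIRST, 4, d[:15])
    # The PDU carrying the continuing fragment of D (FSN 5) never arrives.
    pdu5 = pack_block(LAST, 6, d[30:]) + pack_block(UNFRAGMENTED, 7, e)
    return [r.deliver(p) for p in (pdu1, pdu2, pdu3, pdu5)], r.discarded


if __name__ == "__main__":
    print(demo())
```

Without the sequence-number check, the last fragment of D would be appended directly to its first fragment and a corrupted SDU would be passed up the stack.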

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e. periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initializationSS initializationbullbull Scan forScan for downlink downlink channel and establish channel and establish

synchronization with the BSsynchronization with the BS

bullbull Obtain transmit parameters (from UCD message)Obtain transmit parameters (from UCD message)

bullbull Perform rangingPerform ranging

bullbull Negotiate basic capabilitiesNegotiate basic capabilities

bullbull Authorize SS and perform key exchangeAuthorize SS and perform key exchange

bullbull Perform registrationPerform registration

bullbull Establish IP connectivityEstablish IP connectivity

bullbull Establish time of dayEstablish time of day

bullbull Transfer operational parametersTransfer operational parameters

bullbull Set up connectionsSet up connections

RangingRanging

bullbull For uplink transmissions times are measured at BSFor uplink transmissions times are measured at BS

bullbull At startup SS sends a RNG-REQ in a rangingAt startup SS sends a RNG-REQ in a rangingwindowwindow

bullbull BS measures arrival time and signal powerBS measures arrival time and signal powercalculates required advance and power adjustmentcalculates required advance and power adjustment

bullbull BS sends adjustment in RNG-RSPBS sends adjustment in RNG-RSP

bullbull SS adjusts advance and power sends newSS adjusts advance and power sends newRNG-REQRNG-REQ

bullbull Loop is continued until power and timing is okLoop is continued until power and timing is ok

RegistrationRegistration

bullbull Registration is a form of capability negotiationRegistration is a form of capability negotiation

bullbull SS sends a list of capabilities and parts of theSS sends a list of capabilities and parts of theconfiguration file to the BS in the REG-REQconfiguration file to the BS in the REG-REQmessagemessage

bullbull BS replies with the REG-RSP messageBS replies with the REG-RSP messagendashndash tells which capabilities are supportedallowedtells which capabilities are supportedallowed

bullbull SS acknowledges the REG-RSP withSS acknowledges the REG-RSP withREG-ACK messageREG-ACK message

IP connectivity andIP connectivity and

configuration file downloadconfiguration file download

bullbull IP connectivity established via DHCPIP connectivity established via DHCP

bullbull Configuration file downloaded via TFTPConfiguration file downloaded via TFTP

bullbull contains provisioned informationcontains provisioned informationndashndash operational parametersoperational parameters

Initial Connection SetupInitial Connection Setup

bullbull BS passes Service Flow BS passes Service Flow EncodingsEncodings to the SS to the SSin multiple DSA-REQ messagesin multiple DSA-REQ messages

bullbull SS replies with DSA-RSP messagesSS replies with DSA-RSP messages

bullbull Service FlowService Flow Encodings Encodings contain either contain eitherndashndash full definition of service attributes (omittingfull definition of service attributes (omitting

defaultabledefaultable items if desired) items if desired)

ndashndash service class nameservice class namebullbull ASCII string which is known at the BS and whichASCII string which is known at the BS and which

indirectly specifies a set ofindirectly specifies a set of QoS QoS Parameters Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| Event or Rcvd msg / State | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: flow diagram of the Auth FSM. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Edge labels pair each event or received message (Provisioned, Timeout, Auth Reply, Auth Reject (perm), Auth Reject (non-perm), Auth Invalid, Auth Grace Timeout, Reauth) with the messages sent (Authent Info, Auth Request) or the [TEK] event raised (Authorized, Auth Pend, Auth Comp, Stop).]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg / State | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |
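The Auth and TEK transition matrices can be checked mechanically. The following is an added example, not code from the presentation or the standard: it transcribes both matrices, treats every blank cell as an event that a strict implementation refuses in that state, and verifies reachability, terminal states and the only ways into the keyed states. All function names are this example's own.

```python
from collections import deque

# Transcribed from the two slides: event -> {current state: next state}.
# A missing (state, event) pair is a blank cell in the matrix.
AUTH_FSM = {
    "Provisioned": {"Start": "Auth Wait"},
    "Auth Reject (non-perm)": {"Auth Wait": "Auth Reject Wait",
                               "Reauth Wait": "Auth Reject Wait"},
    "Auth Reject (perm)": {"Auth Wait": "Silent", "Reauth Wait": "Silent"},
    "Auth Reply": {"Auth Wait": "Authorized", "Reauth Wait": "Authorized"},
    "Timeout": {"Auth Wait": "Auth Wait", "Reauth Wait": "Reauth Wait",
                "Auth Reject Wait": "Start"},
    "Auth Grace Timeout": {"Authorized": "Reauth Wait"},
    "Auth Invalid": {"Authorized": "Reauth Wait", "Reauth Wait": "Reauth Wait"},
    "Reauth": {"Authorized": "Reauth Wait"},
}

TEK_FSM = {
    "Stop": {s: "Start" for s in ("Op Wait", "Op Reauth Wait", "Operational",
                                  "Rekey Wait", "Rekey Reauth Wait")},
    "Authorized": {"Start": "Op Wait"},
    "Auth Pend": {"Op Wait": "Op Reauth Wait", "Rekey Wait": "Rekey Reauth Wait"},
    "Auth Comp": {"Op Reauth Wait": "Op Wait", "Rekey Reauth Wait": "Rekey Wait"},
    "TEK Invalid": {"Operational": "Op Wait", "Rekey Wait": "Op Wait",
                    "Rekey Reauth Wait": "Op Reauth Wait"},
    "Timeout": {"Op Wait": "Op Wait", "Rekey Wait": "Rekey Wait"},
    "TEK Refresh Timeout": {"Operational": "Rekey Wait"},
    "Key Reply": {"Op Wait": "Operational", "Rekey Wait": "Operational"},
    "Key Reject": {"Op Wait": "Start", "Rekey Wait": "Start"},
}


class UnexpectedEvent(Exception):
    """The event or message is not defined for the current state (blank cell)."""


def step(fsm, state, event):
    """Return the next state, or refuse an event the matrix does not define."""
    try:
        return fsm[event][state]
    except KeyError:
        raise UnexpectedEvent(f"{event!r} is not valid in state {state!r}") from None


def run(fsm, state, events):
    """Apply a sequence of events and return the final state."""
    for event in events:
        state = step(fsm, state, event)
    return state


def states_of(fsm):
    """Every state named in the matrix, as a source or as a destination."""
    found = set()
    for row in fsm.values():
        found.update(row.keys())
        found.update(row.values())
    return found


def reachable(fsm, start="Start"):
    """Breadth-first search over the matrix from the start state."""
    seen, queue = {start}, deque([start])
    while queue:
        current = queue.popleft()
        for row in fsm.values():
            nxt = row.get(current)
            if nxt is not None and nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def sinks(fsm):
    """States that no event can ever leave."""
    with_exit = {state for row in fsm.values() for state in row}
    return states_of(fsm) - with_exit


def entries(fsm, target):
    """Every (state, event) pair that moves the machine into `target`."""
    return {(state, event) for event, row in fsm.items()
            for state, nxt in row.items() if nxt == target and state != target}


if __name__ == "__main__":
    print("Auth sinks:", sinks(AUTH_FSM))
    print("Ways into Authorized:", sorted(entries(AUTH_FSM, "Authorized")))
    print("Ways into Operational:", sorted(entries(TEK_FSM, "Operational")))
    try:
        step(AUTH_FSM, "Start", "Auth Reply")   # reply without a pending request
    except UnexpectedEvent as exc:
        print("refused:", exc)
```

Silent is the only state with no exit, and Authorized and Operational can be entered only by Auth Reply and Key Reply respectively, each only from a state in which a request is outstanding.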

TEK FSM Flow Diagram

[Figure: flow diagram of the TEK FSM. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Edge labels pair each event or received message (Authorized, Stop, Auth Pend, Auth Comp, Key Reply, Key Reject, Timeout, TEK Invalid, TEK Refresh Timeout) with the Key Request sent, where one is sent.]

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
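The key-usage rules above can be exercised on a timeline. This is an added example, not code from the presentation: it keeps the two most recent TEKs of one SA, numbers them with the 2-bit key sequence number, and applies the AP/AT rules from the slide. The 12-hour lifetime, the 6-hour offset, the placeholder key bytes and all names are constructed for the illustration.

```python
from dataclasses import dataclass

HOUR = 3600


@dataclass(frozen=True)
class Tek:
    seq: int      # 2-bit key sequence number carried in the MAC header
    key: bytes    # placeholder key material (constructed)
    start: int    # validity window, seconds on a constructed timeline
    end: int

    def active(self, now):
        return self.start <= now < self.end


class TekRing:
    """The two most recent TEKs of one SA, oldest first."""

    def __init__(self):
        self.keys = []

    def install(self, key, start, lifetime):
        # The sequence number wraps after four keys because it is only 2 bits wide.
        seq = (self.keys[-1].seq + 1) % 4 if self.keys else 0
        self.keys = (self.keys + [Tek(seq, key, start, start + lifetime)])[-2:]
        return seq

    def active_keys(self, now):
        return [k for k in self.keys if k.active(now)]

    def encrypt_key(self, role, now):
        """AP encrypts with the older active key, AT with the newer one."""
        if role not in ("AP", "AT"):
            raise ValueError("role must be 'AP' or 'AT'")
        active = self.active_keys(now)
        if not active:
            raise LookupError("no active TEK: traffic must not be sent")
        return active[0] if role == "AP" else active[-1]

    def decrypt_key(self, seq, now):
        """Both sides accept either active key, selected by sequence number."""
        for k in self.active_keys(now):
            if k.seq == seq:
                return k
        return None   # unknown or expired key: the PDU cannot be decrypted


def simulate(sample_hours, lifetime_h=12, offset_h=6):
    """Install a new TEK every offset_h hours and record which key each side uses."""
    ring, trace, installed = TekRing(), [], 0
    for h in sample_hours:
        while installed * offset_h <= h:
            ring.install(bytes([installed]) * 8, installed * offset_h * HOUR,
                         lifetime_h * HOUR)
            installed += 1
        now = h * HOUR
        trace.append((h, ring.encrypt_key("AP", now).seq,
                      ring.encrypt_key("AT", now).seq))
    return ring, trace


if __name__ == "__main__":
    _, trace = simulate([1, 7, 13, 19, 25])
    for hour, ap_seq, at_seq in trace:
        print(f"t={hour:2d}h  AP encrypts with seq {ap_seq}, AT with seq {at_seq}")
```

Because each side decrypts with both active keys, the two ends never have to switch at the same instant, which is why no explicit key acknowledgement is needed.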

Amendment Project

IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project

IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


MAC PDU format

• The Generic MAC header has fixed format
• One or more MAC sub-headers may be part of the payload
• The presence of sub-headers is indicated by a Type field in the Generic MAC header

Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation
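A receiver has to treat the 11-bit length and the 3-bit sequence number as untrusted input. The following added example (not code from the presentation or the standard) parses a packed payload with bounds checks and reassembles fragments, discarding an SDU when the sequence number shows a gap. The bit order inside the sub-header, the numeric FC codes, the meaning of Length as SDU bytes only, the sequence number advancing on every sub-header, and the 4096-byte cap are assumptions of this example.

```python
"""Packed-PDU parsing and fragment reassembly for one connection (added example)."""

# Fragmentation Control codes, numbered in the order the slide lists them (assumed).
FC_UNFRAGMENTED, FC_LAST, FC_FIRST, FC_CONTINUING = 0, 1, 2, 3
SUBHEADER_LEN = 2  # "2 Byte Packing Sub-Header before each SDU"


class PackingError(ValueError):
    """A packed payload whose sub-headers cannot be trusted."""


def build_subheader(length, fc, fsn):
    # Assumed bit order within the 16 bits: FC (2) | FSN (3) | Length (11).
    if not (0 < length < 1 << 11 and 0 <= fc < 4 and 0 <= fsn < 8):
        raise PackingError("field out of range")
    return ((fc << 14) | (fsn << 11) | length).to_bytes(SUBHEADER_LEN, "big")


def pack(pieces):
    """Build a packed payload from (fc, fsn, data) tuples."""
    return b"".join(build_subheader(len(d), fc, fsn) + d for fc, fsn, d in pieces)


def parse_packed_payload(payload):
    """Split a packed payload into (fc, fsn, data) tuples, validating every length."""
    pieces, offset = [], 0
    while offset < len(payload):
        if len(payload) - offset < SUBHEADER_LEN:
            raise PackingError(f"truncated sub-header at offset {offset}")
        word = int.from_bytes(payload[offset:offset + SUBHEADER_LEN], "big")
        fc, fsn, length = word >> 14, (word >> 11) & 0x7, word & 0x7FF
        offset += SUBHEADER_LEN
        # Assumed: Length counts only the SDU bytes that follow the sub-header.
        if length == 0 or length > len(payload) - offset:
            raise PackingError(f"bad length {length} at offset {offset}")
        pieces.append((fc, fsn, payload[offset:offset + length]))
        offset += length
    return pieces


class Reassembler:
    """Per-connection state: at most one open SDU, FSN counted modulo 8."""

    def __init__(self, max_sdu=4096):
        self.max_sdu = max_sdu     # cap on a reassembled SDU (constructed value)
        self.partial = None        # bytearray while a fragmented SDU is open
        self.expected_fsn = None   # unknown until the first sub-header arrives
        self.dropped = 0           # SDUs abandoned because of loss or misuse

    def _abandon(self):
        if self.partial is not None:
            self.partial = None
            self.dropped += 1

    def push(self, fc, fsn, data):
        """Feed one piece; return a complete SDU as bytes, or None."""
        if self.expected_fsn is not None and fsn != self.expected_fsn:
            self._abandon()        # a fragment went missing: the open SDU is unusable
        self.expected_fsn = (fsn + 1) % 8
        if fc in (FC_UNFRAGMENTED, FC_FIRST):
            self._abandon()        # a new SDU may not start while one is open
            if fc == FC_UNFRAGMENTED:
                return bytes(data)
            self.partial = bytearray(data)
            return None
        if self.partial is None:   # continuing/last fragment with nothing open
            return None
        if len(self.partial) + len(data) > self.max_sdu:
            self._abandon()
            return None
        self.partial += data
        if fc == FC_LAST:
            sdu, self.partial = bytes(self.partial), None
            return sdu
        return None


def deliver(payloads, reassembler):
    """Run packed payloads through the parser and reassembler; return finished SDUs."""
    sdus = []
    for payload in payloads:
        for fc, fsn, data in parse_packed_payload(payload):
            sdu = reassembler.push(fc, fsn, data)
            if sdu is not None:
                sdus.append(sdu)
    return sdus


if __name__ == "__main__":
    # Constructed traffic: the PDU that carried FSN 5 is lost on the air.
    r = Reassembler()
    first = pack([(FC_UNFRAGMENTED, 0, b"AAAA"), (FC_FIRST, 1, b"BB")])
    second = pack([(FC_CONTINUING, 2, b"CC"), (FC_LAST, 3, b"DD")])
    print(deliver([first, second], r))
    lossy = [pack([(FC_FIRST, 4, b"EE")]),
             pack([(FC_LAST, 6, b"GG"), (FC_UNFRAGMENTED, 7, b"HH")])]
    print(deliver(lossy, r), "dropped:", r.dropped)
```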

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e. periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation

bullbull SS sends a list of capabilities and parts of theSS sends a list of capabilities and parts of theconfiguration file to the BS in the REG-REQconfiguration file to the BS in the REG-REQmessagemessage

bullbull BS replies with the REG-RSP messageBS replies with the REG-RSP messagendashndash tells which capabilities are supportedallowedtells which capabilities are supportedallowed

bullbull SS acknowledges the REG-RSP withSS acknowledges the REG-RSP withREG-ACK messageREG-ACK message

IP connectivity andIP connectivity and

configuration file downloadconfiguration file download

bullbull IP connectivity established via DHCPIP connectivity established via DHCP

bullbull Configuration file downloaded via TFTPConfiguration file downloaded via TFTP

bullbull contains provisioned informationcontains provisioned informationndashndash operational parametersoperational parameters

Initial Connection SetupInitial Connection Setup

bullbull BS passes Service Flow BS passes Service Flow EncodingsEncodings to the SS to the SSin multiple DSA-REQ messagesin multiple DSA-REQ messages

bullbull SS replies with DSA-RSP messagesSS replies with DSA-RSP messages

bullbull Service FlowService Flow Encodings Encodings contain either contain eitherndashndash full definition of service attributes (omittingfull definition of service attributes (omitting

defaultabledefaultable items if desired) items if desired)

ndashndash service class nameservice class namebullbull ASCII string which is known at the BS and whichASCII string which is known at the BS and which

indirectly specifies a set ofindirectly specifies a set of QoS QoS Parameters Parameters

Privacy and EncryptionPrivacy and Encryptionbullbull Secures over-the-air transmissionsSecures over-the-air transmissionsbullbull AuthenticationAuthentication

ndashndash X509 certificates with RSA PKCSX509 certificates with RSA PKCSndashndash Strong authentication of Strong authentication of SSs SSs (prevents theft of service)(prevents theft of service)ndashndash Prevents cloningPrevents cloning

bullbull Data encryptionData encryptionndashndash Currently 56-bit DES in CBC modeCurrently 56-bit DES in CBC modendashndash IV based on frame numberIV based on frame numberndashndash Easily exportableEasily exportable

bullbull Message authenticationMessage authenticationndashndash Key MAC management messages authenticated with one-Key MAC management messages authenticated with one-

way hashing (HMAC with SHA-1)way hashing (HMAC with SHA-1)

bullbull Designed to allow newmultiple encryption algorithmsDesigned to allow newmultiple encryption algorithmsbullbull Protocol descends from BPI+ (from DOCSIS)Protocol descends from BPI+ (from DOCSIS)

Security AssociationsSecurity Associations

bullbull A set of privacy informationA set of privacy informationndashndash shared by a BS and one or more of its client shared by a BS and one or more of its client SSsSSs

share in order to support securedshare in order to support securedcommunicationscommunications

ndashndash includes traffic encryption keys and CBC IVsincludes traffic encryption keys and CBC IVs

bullbull Security Association EstablishmentSecurity Association Establishmentndashndash Primary SA established during initial registrationPrimary SA established during initial registration

ndashndash other other SAsSAs may be provisioned or dynamically may be provisioned or dynamicallycreated within the BScreated within the BS

Key Management Messages

PKM Message | Description
Authentication Information | contains the manufacturer's X.509 certificate issued by an external authority
Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs
Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs
Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS
Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS
Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs
Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID
Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent
TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK
SA Add | sent from a BS to an SS to establish one or more additional SAs

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

Columns are the current state, rows are the event or received message, and each cell is the next state (- = no transition).

Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent
(1) Provisioned | Auth Wait | - | - | - | - | -
(2) Auth Reject (non-perm) | - | Auth Reject Wait | - | Auth Reject Wait | - | -
(3) Auth Reject (perm) | - | Silent | - | Silent | - | -
(4) Auth Reply | - | Authorized | - | Authorized | - | -
(5) Timeout | - | Auth Wait | - | Reauth Wait | Start | -
(6) Auth Grace Timeout | - | - | Reauth Wait | - | - | -
(7) Auth Invalid | - | - | Reauth Wait | Reauth Wait | - | -
(8) Reauth | - | - | Reauth Wait | - | - | -

Auth FSM Flow Diagram

[Figure: Auth FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transitions are labelled with the triggering event and the resulting action: the Authent Info and Auth Request messages, and the events [TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp and [TEK] Stop passed to the TEK FSM.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

Columns are the current state, rows are the event or received message, and each cell is the next state (- = no transition).

Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait
(1) Stop | - | Start | Start | Start | Start | Start
(2) Authorized | Op Wait | - | - | - | - | -
(3) Auth Pend | - | Op Reauth Wait | - | - | Rekey Reauth Wait | -
(4) Auth Comp | - | - | Op Wait | - | - | Rekey Wait
(5) TEK Invalid | - | - | - | Op Wait | Op Wait | Op Reauth Wait
(6) Timeout | - | Op Wait | - | - | Rekey Wait | -
(7) TEK Refresh Timeout | - | - | - | Rekey Wait | - | -
(8) Key Reply | - | Operational | - | - | Operational | -
(9) Key Reject | - | Start | - | - | Start | -

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transitions are labelled with the triggering event (Stop, Authorized, Auth Pend, Auth Comp, TEK Invalid, Timeout, TEK Refresh Timeout, Key Reply, Key Reject) and, where one is sent, the Key Request message.]
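The two transition matrices above, coupled into one SS-side model, as an added example that is not part of the original slides. The mapping from Auth transitions to [TEK] events is read from the flow diagram labels and is an assumption, and the SAID value and the event sequence are constructed.

```python
"""SS-side Auth and TEK state machines, driven by the two transition matrices."""

# (state, event) -> next state, copied from the Auth FSM Transition Matrix.
AUTH = {
    ("Start", "Provisioned"): "Auth Wait",
    ("Auth Wait", "Auth Reject (non-perm)"): "Auth Reject Wait",
    ("Reauth Wait", "Auth Reject (non-perm)"): "Auth Reject Wait",
    ("Auth Wait", "Auth Reject (perm)"): "Silent",
    ("Reauth Wait", "Auth Reject (perm)"): "Silent",
    ("Auth Wait", "Auth Reply"): "Authorized",
    ("Reauth Wait", "Auth Reply"): "Authorized",
    ("Auth Wait", "Timeout"): "Auth Wait",
    ("Reauth Wait", "Timeout"): "Reauth Wait",
    ("Auth Reject Wait", "Timeout"): "Start",
    ("Authorized", "Auth Grace Timeout"): "Reauth Wait",
    ("Authorized", "Auth Invalid"): "Reauth Wait",
    ("Reauth Wait", "Auth Invalid"): "Reauth Wait",
    ("Authorized", "Reauth"): "Reauth Wait",
}

# (state, event) -> next state, copied from the TEK FSM Transition Matrix.
TEK = {
    ("Start", "Authorized"): "Op Wait",
    ("Op Wait", "Auth Pend"): "Op Reauth Wait",
    ("Rekey Wait", "Auth Pend"): "Rekey Reauth Wait",
    ("Op Reauth Wait", "Auth Comp"): "Op Wait",
    ("Rekey Reauth Wait", "Auth Comp"): "Rekey Wait",
    ("Operational", "TEK Invalid"): "Op Wait",
    ("Rekey Wait", "TEK Invalid"): "Op Wait",
    ("Rekey Reauth Wait", "TEK Invalid"): "Op Reauth Wait",
    ("Op Wait", "Timeout"): "Op Wait",
    ("Rekey Wait", "Timeout"): "Rekey Wait",
    ("Operational", "TEK Refresh Timeout"): "Rekey Wait",
    ("Op Wait", "Key Reply"): "Operational",
    ("Rekey Wait", "Key Reply"): "Operational",
    ("Op Wait", "Key Reject"): "Start",
    ("Rekey Wait", "Key Reject"): "Start",
}
for _state in ("Op Wait", "Op Reauth Wait", "Operational", "Rekey Wait", "Rekey Reauth Wait"):
    TEK[(_state, "Stop")] = "Start"  # row (1): Stop returns every running TEK FSM to Start

# Assumption: which Auth transition raises which [TEK] event, read from the flow diagram labels.
TEK_SIGNAL = {
    ("Auth Wait", "Auth Reply"): "Authorized",
    ("Reauth Wait", "Auth Reply"): "Auth Comp",
    ("Authorized", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Reject (non-perm)"): "Stop",
    ("Reauth Wait", "Auth Reject (perm)"): "Stop",
}


class SubscriberStation:
    def __init__(self, saids):
        self.auth = "Start"
        self.tek = {said: "Start" for said in saids}  # one TEK FSM per authorized SAID
        self.ignored = []                             # inputs with no matrix entry

    def on_key_message(self, said, event):
        """Apply a TEK timer event or received key message for one SAID."""
        nxt = TEK.get((self.tek.get(said), event))
        if nxt is None:  # unknown SAID or blank cell: keep state, record the input
            self.ignored.append((said, self.tek.get(said), event))
            return False
        self.tek[said] = nxt
        return True

    def on_auth_message(self, event):
        """Apply an Auth event and pass the resulting [TEK] event to every TEK FSM."""
        key = (self.auth, event)
        if key not in AUTH:
            self.ignored.append((None, self.auth, event))
            return False
        self.auth = AUTH[key]
        signal = TEK_SIGNAL.get(key)
        if signal:
            for said in self.tek:
                if (self.tek[said], signal) in TEK:  # blank cells are no-ops
                    self.tek[said] = TEK[(self.tek[said], signal)]
        return True


def run_trace():
    """Constructed sequence: premature Key Reply, keying, reauthorization, permanent reject."""
    ss = SubscriberStation(saids=[0x0101])  # constructed SAID
    steps = [("auth", "Provisioned"), ("tek", "Key Reply"), ("auth", "Auth Reply"),
             ("tek", "Key Reply"), ("tek", "TEK Refresh Timeout"), ("auth", "Auth Invalid"),
             ("auth", "Auth Reply"), ("tek", "Key Reply"), ("auth", "Auth Grace Timeout"),
             ("auth", "Auth Reject (perm)")]
    history = []
    for fsm, event in steps:
        if fsm == "auth":
            ss.on_auth_message(event)
        else:
            ss.on_key_message(0x0101, event)
        history.append((event, ss.auth, ss.tek[0x0101]))
    return ss, history


if __name__ == "__main__":
    for row in run_trace()[1]:
        print(row)
```

The trace shows two properties worth checking in an implementation: a Key Reply that arrives before authorization leaves the TEK FSM in Start, and a permanent Auth Reject during reauthorization stops the TEK FSM so no traffic key stays in use.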

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project

IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project

IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant in any spectrum in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation at both the base station and subscriber station without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


Generic MAC Header

Fragmentation

• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can in certain situations save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation
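A receive-side sketch of the packing and fragmentation rules above, added here as an example and not taken from the slides or the standard text. The bit order inside the 2-byte sub-header (FC, then FSN, then length), the FC code points, a length that counts SDU bytes only, and an FSN that advances on every block are assumptions; the sample payloads are constructed.

```python
import struct
from typing import List, NamedTuple, Optional

# Assumed FC code points, in the order the Fragmentation slide lists them.
UNFRAGMENTED, LAST, FIRST, CONTINUING = 0, 1, 2, 3
MAX_SDU = 32 * 1024  # constructed cap on a reassembly buffer


class Block(NamedTuple):
    fc: int
    fsn: int
    data: bytes


class PackingError(ValueError):
    """The packed payload is structurally invalid and must be dropped whole."""


def build_block(fc: int, fsn: int, data: bytes) -> bytes:
    """Encode sub-header + SDU. Assumed layout: FC (2 bits) | FSN (3) | length (11)."""
    if not 0 < len(data) <= 0x7FF:
        raise ValueError("SDU length must be 1..2047 to fit the 11-bit field")
    return struct.pack(">H", (fc << 14) | ((fsn & 7) << 11) | len(data)) + data


def parse_packed_payload(payload: bytes) -> List[Block]:
    """Split one packed PDU payload into blocks, checking every length before slicing."""
    blocks, off = [], 0
    while off < len(payload):
        if len(payload) - off < 2:
            raise PackingError(f"truncated sub-header at offset {off}")
        (word,) = struct.unpack_from(">H", payload, off)
        fc, fsn, length = word >> 14, (word >> 11) & 0x7, word & 0x7FF
        off += 2
        if length == 0:
            raise PackingError(f"zero-length SDU at offset {off}")
        if length > len(payload) - off:
            raise PackingError(f"length {length} overruns the {len(payload) - off} bytes left")
        blocks.append(Block(fc, fsn, payload[off:off + length]))
        off += length
    return blocks


class Reassembler:
    """One per connection: a single fragmentation state, FSN checked modulo 8."""

    def __init__(self) -> None:
        self.expected_fsn: Optional[int] = None
        self.partial: Optional[bytearray] = None
        self.abandoned = 0  # partly received SDUs thrown away

    def _abandon(self) -> None:
        if self.partial is not None:
            self.abandoned += 1
        self.partial = None

    def feed(self, block: Block) -> Optional[bytes]:
        """Return a complete SDU, or None while one is pending or a block is rejected."""
        in_sequence = self.expected_fsn in (None, block.fsn)
        self.expected_fsn = (block.fsn + 1) % 8
        if block.fc in (UNFRAGMENTED, FIRST):
            self._abandon()  # a new SDU ends any unfinished one
            if block.fc == UNFRAGMENTED:
                return block.data
            self.partial = bytearray(block.data)
            return None
        # CONTINUING or LAST is only valid directly after the previous fragment.
        if self.partial is None or not in_sequence \
                or len(self.partial) + len(block.data) > MAX_SDU:
            self._abandon()
            return None
        self.partial += block.data
        if block.fc == CONTINUING:
            return None
        sdu, self.partial = bytes(self.partial), None
        return sdu


def deliver(payloads: List[bytes], rx: Reassembler) -> List[bytes]:
    """Run PDU payloads through parser and reassembler; malformed PDUs are dropped whole."""
    sdus = []
    for payload in payloads:
        try:
            blocks = parse_packed_payload(payload)
        except PackingError:
            rx._abandon()          # fragmentation state is unknown after a dropped PDU
            rx.expected_fsn = None
            continue
        sdus += [sdu for sdu in map(rx.feed, blocks) if sdu is not None]
    return sdus
```

With a 3-bit FSN, a loss of exactly eight consecutive blocks on one connection wraps the counter and is not detected by this check.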

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e. periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security AssociationsSecurity Associations

bullbull A set of privacy informationA set of privacy informationndashndash shared by a BS and one or more of its client shared by a BS and one or more of its client SSsSSs

share in order to support securedshare in order to support securedcommunicationscommunications

ndashndash includes traffic encryption keys and CBC IVsincludes traffic encryption keys and CBC IVs

bullbull Security Association EstablishmentSecurity Association Establishmentndashndash Primary SA established during initial registrationPrimary SA established during initial registration

ndashndash other other SAsSAs may be provisioned or dynamically may be provisioned or dynamicallycreated within the BScreated within the BS

Key Management MessagesKey Management MessagesPKM Message

AuthenticationInformation

AuthorizationRequest

AuthorizationReply

AuthorizationReject

AuthorizationInvalid

Key Request

Key Reply

Key Reject

TEK Invalid

Description

contains the manufacturer s X509 Certificate issued by an externalauthoritysent from an SS to its BS to request an AK and list of authorizedSAIDssent from a BS to an SS to reply an AK and a list of authorized SAIDs

send from a BS to an SS in rejection of an Authorization Requestmessage sent by the SSsend from a BS to an SS as an unsolicited indication or a responseto a message received from that SS

sent from an SS to its BS requesting a TEK for the privacy of one ofits authorized SAIDssent from a BS to an SS carrying the two active sets of traffic keyingmaterial for the SAIDsent from a BS to an SS indicating that the SAID is no longer validand no key will be sentsent from a BS to an SS if it determines that the SS encrypted uplinktraffic with an invalid TEK

SA Add sent from a BS to an SS to establish one or more additional SAs

SS AuthorizationSS Authorization

bullbull Authentication and AuthorizationAuthentication and Authorizationndashndash SS manufacturerSS manufacturerrsquorsquos X509 certificates X509 certificate binding the SSbinding the SSrsquorsquoss

public key to its other identifying informationpublic key to its other identifying information

ndashndash Trust relation assumed between equipmentTrust relation assumed between equipmentmanufacturer and network operatormanufacturer and network operator

ndashndash Possibility to accommodate ldquoroot authorityrdquo if requiredPossibility to accommodate ldquoroot authorityrdquo if required

bullbull Authorization Key Update ProtocolAuthorization Key Update Protocolndashndash The SS is responsible for maintaining valid keysThe SS is responsible for maintaining valid keys

ndashndash Two active Two active AKsAKs with overlapping lifetimes at all times with overlapping lifetimes at all times

ndashndash Reauthorization process done periodicallyReauthorization process done periodically

ndashndash AK lifetime (7 days) amp grace time timer (1 hr)AK lifetime (7 days) amp grace time timer (1 hr)

Auth FSM Transition MatrixAuth FSM Transition MatrixState

˚Event orRcvd msg

(A)Start

(B)Auth Wait

(C)Authorized

(D)Reauth

Wait

(E)Auth

Reject Wait

(F)Silent

(1)Provisioned

Auth Wait ˚ ˚ ˚ ˚ ˚

(2)Auth Reject(non-perm)

˚ Auth RejectWait

˚ Auth RejectWait

˚ ˚

(3)Auth Reject

(perm)

˚ Silent ˚ Silent ˚ ˚

(4)Auth Reply

˚ Authorized ˚ Authorized ˚ ˚

(5)Timeout

˚Auth Wait

˚ ReauthWait Start

˚

(6)Auth Grace

Timeout

˚ ˚ ReauthWait

˚ ˚ ˚

(7)Auth Invalid

˚ ˚ ReauthWait

ReauthWait

˚ ˚

(8)Reauth

˚ ˚ ReauthWait

˚ ˚ ˚

AuthAuth FSM Flow Diagram FSM Flow Diagram

Start Auth RejectWait

Silent

Auth Wait

Provisioned Authent InfoAuth Request

Timeout

Auth Reject (non-perm)

Auth Reject (perm)

Timeout Authent InfoAuth Request

Authorized

Auth Reply [TEK] Authorized

Reauth Wait

Auth Reject (perm) [TEK] Stop

Timeout Auth Request

Auth Invalid Auth Request

[TEK] Auth Pend

Auth Reject (non-perm) [TEK] Stop

Auth Grace Timeout Auth Request

Auth Invalid Auth Request

[TEK] Auth Pend

Reauth Auth Request

Auth Reply [TEK] Auth Comp

Traffic Encryption Key Management
• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg \ State | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: state diagram of the TEK FSM. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transitions are labelled with the triggering event (Authorized, Stop, Auth Pend, Auth Comp, Key Reply, Key Reject, Timeout, TEK Invalid, TEK Refresh Timeout) and, where one is sent, the Key Request message.]
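The Auth and TEK FSM transition matrices, run as table-driven code in an added example that is not part of the presentation: a message or timer that lands on an empty cell changes no state and is recorded. The names `SubscriberStation`, `run` and `SAMPLE_TRACE` are hypothetical, the [TEK] events follow the flow-diagram labels, and both the "record and ignore" handling of empty cells and the single TEK FSM per station are assumptions.

```python
# Auth FSM: (state, event) -> (next state, events raised to the TEK FSM).
# Every filled cell of the Auth matrix is listed; a missing key is an empty cell.
AUTH = {
    ("Start", "Provisioned"): ("Auth Wait", []),
    ("Auth Wait", "Auth Reject (non-perm)"): ("Auth Reject Wait", []),
    ("Auth Wait", "Auth Reject (perm)"): ("Silent", []),
    ("Auth Wait", "Auth Reply"): ("Authorized", ["Authorized"]),
    ("Auth Wait", "Timeout"): ("Auth Wait", []),
    ("Authorized", "Auth Grace Timeout"): ("Reauth Wait", []),
    ("Authorized", "Auth Invalid"): ("Reauth Wait", ["Auth Pend"]),
    ("Authorized", "Reauth"): ("Reauth Wait", []),
    ("Reauth Wait", "Auth Reject (non-perm)"): ("Auth Reject Wait", ["Stop"]),
    ("Reauth Wait", "Auth Reject (perm)"): ("Silent", ["Stop"]),
    ("Reauth Wait", "Auth Reply"): ("Authorized", ["Auth Comp"]),
    ("Reauth Wait", "Timeout"): ("Reauth Wait", []),
    ("Reauth Wait", "Auth Invalid"): ("Reauth Wait", ["Auth Pend"]),
    ("Auth Reject Wait", "Timeout"): ("Start", []),
}

# TEK FSM: (state, event) -> next state, one entry per filled cell.
TEK = {
    ("Start", "Authorized"): "Op Wait",
    ("Op Wait", "Auth Pend"): "Op Reauth Wait",
    ("Rekey Wait", "Auth Pend"): "Rekey Reauth Wait",
    ("Op Reauth Wait", "Auth Comp"): "Op Wait",
    ("Rekey Reauth Wait", "Auth Comp"): "Rekey Wait",
    ("Operational", "TEK Invalid"): "Op Wait",
    ("Rekey Wait", "TEK Invalid"): "Op Wait",
    ("Rekey Reauth Wait", "TEK Invalid"): "Op Reauth Wait",
    ("Op Wait", "Timeout"): "Op Wait",
    ("Rekey Wait", "Timeout"): "Rekey Wait",
    ("Operational", "TEK Refresh Timeout"): "Rekey Wait",
    ("Op Wait", "Key Reply"): "Operational",
    ("Rekey Wait", "Key Reply"): "Operational",
    ("Op Wait", "Key Reject"): "Start",
    ("Rekey Wait", "Key Reject"): "Start",
}
for _s in ("Op Wait", "Op Reauth Wait", "Operational", "Rekey Wait", "Rekey Reauth Wait"):
    TEK[(_s, "Stop")] = "Start"  # row (1): Stop leads back to Start


class SubscriberStation:
    """One Auth FSM plus one TEK FSM (a single SA is assumed for brevity)."""
    def __init__(self):
        self.auth = "Start"
        self.tek = "Start"
        self.rejected = []  # (fsm, state, event) for inputs that hit an empty cell

    def _tek_step(self, event):
        nxt = TEK.get((self.tek, event))
        if nxt is not None:
            self.tek = nxt
        return nxt is not None

    def on_auth(self, event):
        """Apply an Auth FSM event or received message; False means rejected."""
        cell = AUTH.get((self.auth, event))
        if cell is None:
            self.rejected.append(("auth", self.auth, event))
            return False
        self.auth, raised = cell
        for tek_event in raised:
            # Internal [TEK] events only act in the states the TEK matrix names.
            self._tek_step(tek_event)
        return True

    def on_tek(self, event):
        """Apply a TEK FSM timer or received message; False means rejected."""
        if self._tek_step(event):
            return True
        self.rejected.append(("tek", self.tek, event))
        return False


def run(trace):
    """Feed a list of (fsm, event) pairs to a fresh station and return it."""
    ss = SubscriberStation()
    for fsm, event in trace:
        (ss.on_auth if fsm == "auth" else ss.on_tek)(event)
    return ss


# Constructed trace: bring-up, a rekey interrupted by reauthorization, and two
# messages that arrive in states where the matrices have no entry.
SAMPLE_TRACE = [
    ("auth", "Provisioned"), ("auth", "Auth Reply"), ("tek", "Key Reply"),
    ("tek", "TEK Refresh Timeout"), ("auth", "Auth Invalid"),
    ("tek", "Key Reply"),    # empty cell: TEK FSM is in Rekey Reauth Wait
    ("auth", "Auth Reply"), ("tek", "Key Reply"),
    ("auth", "Auth Reply"),  # empty cell: Auth FSM is already Authorized
]


if __name__ == "__main__":
    station = run(SAMPLE_TRACE)
    print(station.auth, "/", station.tek)
    for item in station.rejected:
        print("rejected:", item)
```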

Data Encryption
• DES in CBC mode with IV derived from the frame number
• Hooks defined for other, stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project
IEEE P802.16a
Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project
IEEE P802.16b
Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies
Wireless High-Speed Unlicensed Metropolitan Area Network (“WirelessHUMAN™”)

Key 802.16a/802.16b Enhancements
• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN
• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary
• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources
IEEE 802.16 Working Group on Broadband Wireless Access
info, documents, email lists, etc.
http://WirelessMAN.org


Fragmentation
• Partitioning a MAC SDU into fragments transported in multiple MAC PDUs
• Each connection can be in only a single fragmentation state at any time
• Contents of the fragmentation sub-header:
  – 2-bit Fragmentation Control (FC)
    • Unfragmented, Last fragment, First fragment, Continuing fragment
  – 3-bit Fragmentation Sequence Number (FSN)
    • required to detect missing continuing fragments
    • continuous counter across SDUs

Packing
• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs
• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation

Downlink transmissions
• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor
• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles
• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message
• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions
• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor
• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message
• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service
Characteristic of the Service Flow
• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service, such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS
• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS
• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS
• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE
• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme
• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e., periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs. GPC
• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests
• Come from the Connection
• Several kinds of requests:
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS
• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization
• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging
• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration
• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download
• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup
• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption
• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations
• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization
• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate “root authority” if required


IEEE 80216 ResourcesIEEE 80216 Resources

IEEE 80216 Working Group on BroadbandIEEE 80216 Working Group on BroadbandWireless AccessWireless Access

info documents email lists etcinfo documents email lists etc

httphttpWirelessMANWirelessMANorgorg

Page 33: Mobile WiMAX : A Technical Overview

Packing

• The process of combining multiple MAC SDUs (or fragments thereof) into a single MAC PDU
• On connections with variable length MAC SDUs
  – Packed PDU contains a sub-header for each packed SDU (or fragment thereof)
• On connections with fixed length MAC SDUs
  – No packing sub-header needed
• Packing and fragmentation can be combined
• Can, in certain situations, save up to 10% of system bandwidth

Packing Fixed-Length SDUs

Packing Variable-Length SDUs

• 2 Byte Packing Sub-Header before each SDU
• Length of the SDU: 11 bits
• fragmentation control (FC): 2 bits
• fragmentation sequence number (FS): 3 bits

Packing with Fragmentation
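A receiver has to bound every 11-bit length against the bytes actually left in the PDU before slicing out an SDU. The parser below is an added example, not code from the presentation or the standard. The slides give only the field widths, so the bit order (FC, then FS, then length, most significant bit first) and the reading of the length as counting SDU bytes only are assumptions, and all function names are hypothetical.

```python
import struct

SUBHDR_LEN = 2             # "2 Byte Packing Sub-Header before each SDU"
MAX_SDU_LEN = (1 << 11) - 1  # largest value an 11-bit length field can carry


def build_subheader(fc, fs, length):
    """Encode one sub-header. Assumed layout: FC(2) | FS(3) | length(11)."""
    if not (0 <= fc < 4 and 0 <= fs < 8 and 0 < length <= MAX_SDU_LEN):
        raise ValueError("field out of range for its bit width")
    return struct.pack(">H", (fc << 14) | (fs << 11) | length)


def pack(sdus):
    """Pack a list of (fc, fs, data) tuples into one PDU payload."""
    return b"".join(build_subheader(fc, fs, len(d)) + d for fc, fs, d in sdus)


def unpack(payload):
    """Split a packed payload into (fc, fs, data) tuples.

    Raises ValueError instead of returning a short or empty slice when a
    sub-header is truncated or its length runs past the end of the payload.
    """
    out, off = [], 0
    while off < len(payload):
        if len(payload) - off < SUBHDR_LEN:
            raise ValueError(f"truncated sub-header at offset {off}")
        (word,) = struct.unpack_from(">H", payload, off)
        fc, fs, length = word >> 14, (word >> 11) & 0x7, word & 0x7FF
        off += SUBHDR_LEN
        if length == 0:
            raise ValueError(f"zero-length SDU at offset {off}")
        if length > len(payload) - off:
            raise ValueError(
                f"length {length} exceeds {len(payload) - off} remaining bytes"
            )
        out.append((fc, fs, payload[off:off + length]))
        off += length
    return out


# Constructed sample: one whole SDU followed by one fragment.
SAMPLE = pack([(0, 0, b"hello"), (2, 5, b"frag")])
```
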

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service, such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e., periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs. GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests:
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: state diagram over the states Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait and Silent. Edge labels pair each event with the messages sent (Authent Info, Auth Request) and with the events passed to the TEK state machines ([TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp, [TEK] Stop).]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: state diagram over the states Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait and Rekey Reauth Wait. Edge labels pair each event with the message sent (Key Request).]
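The Auth and TEK transition matrices can be replayed directly as lookup tables, which makes it easy to see which received messages a state acts on and which it drops. This is an added example, not code from the presentation or the standard. Reading a blank cell as "event ignored in that state" is an assumption, and the function names are hypothetical.

```python
# {event: {current_state: next_state}}; a missing entry is a blank cell.
AUTH_FSM = {
    "Provisioned": {"Start": "Auth Wait"},
    "Auth Reject (non-perm)": {"Auth Wait": "Auth Reject Wait",
                               "Reauth Wait": "Auth Reject Wait"},
    "Auth Reject (perm)": {"Auth Wait": "Silent", "Reauth Wait": "Silent"},
    "Auth Reply": {"Auth Wait": "Authorized", "Reauth Wait": "Authorized"},
    "Timeout": {"Auth Wait": "Auth Wait", "Reauth Wait": "Reauth Wait",
                "Auth Reject Wait": "Start"},
    "Auth Grace Timeout": {"Authorized": "Reauth Wait"},
    "Auth Invalid": {"Authorized": "Reauth Wait",
                     "Reauth Wait": "Reauth Wait"},
    "Reauth": {"Authorized": "Reauth Wait"},
}

_TEK_ACTIVE = ("Op Wait", "Op Reauth Wait", "Operational",
               "Rekey Wait", "Rekey Reauth Wait")
TEK_FSM = {
    "Stop": {state: "Start" for state in _TEK_ACTIVE},
    "Authorized": {"Start": "Op Wait"},
    "Auth Pend": {"Op Wait": "Op Reauth Wait",
                  "Rekey Wait": "Rekey Reauth Wait"},
    "Auth Comp": {"Op Reauth Wait": "Op Wait",
                  "Rekey Reauth Wait": "Rekey Wait"},
    "TEK Invalid": {"Operational": "Op Wait", "Rekey Wait": "Op Wait",
                    "Rekey Reauth Wait": "Op Reauth Wait"},
    "Timeout": {"Op Wait": "Op Wait", "Rekey Wait": "Rekey Wait"},
    "TEK Refresh Timeout": {"Operational": "Rekey Wait"},
    "Key Reply": {"Op Wait": "Operational", "Rekey Wait": "Operational"},
    "Key Reject": {"Op Wait": "Start", "Rekey Wait": "Start"},
}


def replay(matrix, start, events):
    """Feed events through a matrix; return (final_state, trace, dropped).

    An event with a blank cell for the current state leaves the state
    unchanged and is recorded in `dropped` so it can be logged.
    """
    state, trace, dropped = start, [start], []
    for event in events:
        nxt = matrix.get(event, {}).get(state)
        if nxt is None:
            dropped.append((state, event))
        else:
            state = nxt
            trace.append(state)
    return state, trace, dropped


def entries(matrix, target):
    """All (state, event) pairs that move the machine into `target`."""
    return {(state, event)
            for event, row in matrix.items()
            for state, nxt in row.items()
            if nxt == target and state != target}


def exits(matrix, state):
    """All events the table defines for `state`."""
    return {event for event, row in matrix.items() if state in row}


# Constructed event sequence: a second, unrequested Key Reply arrives while
# the TEK machine is Operational, then a rekey overlaps a reauthorization.
TEK_EVENTS = ["Authorized", "Key Reply", "Key Reply", "TEK Refresh Timeout",
              "Auth Pend", "Auth Comp", "Key Reply"]
# Constructed event sequence: a permanent reject during reauthorization.
AUTH_EVENTS = ["Provisioned", "Auth Reply", "Auth Grace Timeout",
               "Auth Reject (perm)", "Auth Reply"]
```
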

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
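The key usage rules above can be checked with a small model of the two-key window: it shows that one missed refresh is harmless, that two missed refreshes leave both directions undecryptable (the uplink case is what TEK Invalid reports), and that the 2-bit sequence number wraps after four generations. This is an added example, not code from the presentation or the standard. No cipher is run: decryption is modelled as "the key selected by sequence number is the key the sender used", the key bytes are constructed placeholders, and the class and function names are hypothetical.

```python
from dataclasses import dataclass

SEQ_MOD = 4  # the key sequence number in the MAC header is 2 bits wide


@dataclass(frozen=True)
class Tek:
    seq: int    # key sequence number, 0..3
    key: bytes  # constructed placeholder, not real DES key material


class BaseStation:
    """Holds two TEK generations for one SA (assumed rollover model)."""

    def __init__(self):
        self._generation = 0
        self.older = self._fresh()
        self.newer = self._fresh()

    def _fresh(self):
        n = self._generation
        self._generation += 1
        return Tek(n % SEQ_MOD, n.to_bytes(8, "big"))

    def expire_older(self):
        """Older key expires: the newer one takes its place, a fresh one is added."""
        self.older, self.newer = self.newer, self._fresh()

    def key_reply(self):
        """Both active keys, as carried in a Key Reply."""
        return (self.older, self.newer)


def select(keys, seq):
    """Pick the held key whose sequence number matches the PDU header."""
    return next((k for k in keys if k.seq == seq), None)


def decrypts(receiver_keys, sender_key):
    """True only if the receiver's key for that sequence number is the sender's key."""
    chosen = select(receiver_keys, sender_key.seq)
    return chosen is not None and chosen.key == sender_key.key


def simulate(expiries_without_refresh):
    """Let the BS expire keys N times before the SS fetches a new Key Reply."""
    bs = BaseStation()
    ss_keys = bs.key_reply()
    for _ in range(expiries_without_refresh):
        bs.expire_older()
    result = {
        # BS encrypts downlink with its older key; SS tries both of its keys.
        "downlink": decrypts(ss_keys, bs.older),
        # SS encrypts uplink with its newer key; BS tries both of its keys.
        "uplink": decrypts(bs.key_reply(), ss_keys[1]),
    }
    ss_keys = bs.key_reply()  # SS refreshes its keying material
    result["after_refresh"] = (decrypts(ss_keys, bs.older)
                               and decrypts(bs.key_reply(), ss_keys[1]))
    return result
```
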

Amendment Project

IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project

IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant in any spectrum in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.:

http://WirelessMAN.org

Page 34: Mobile WiMAX : A Technical Overview

Packing Fixed-Length Packing Fixed-Length SDUsSDUs

Packing Variable-Length Packing Variable-Length SDUsSDUs

bullbull2 Byte Packing Sub-Header before each SDU2 Byte Packing Sub-Header before each SDUbullbullLength of the SDU 11 bitsLength of the SDU 11 bitsbullbullfragmentation control (FC) 2 bitsfragmentation control (FC) 2 bitsbullbullfragmentation sequence number (FS) 3 bitsfragmentation sequence number (FS) 3 bits

Packing with FragmentationPacking with Fragmentation

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service, such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e. periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| State / Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: Auth FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Arrows are labelled with the triggering event (Provisioned, Timeout, Auth Reply, Auth Reject (perm), Auth Reject (non-perm), Auth Invalid, Auth Grace Timeout, Reauth) and the resulting message or TEK FSM event (Authent Info, Auth Request, [TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp, [TEK] Stop).]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| State / Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Arrows are labelled with the triggering event (Authorized, Stop, Auth Pend, Auth Comp, Key Reply, Key Reject, Timeout, TEK Invalid, TEK Refresh Timeout) and, where one is sent, the Key Request message.]
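
The Auth and TEK transition matrices above, written as lookup tables and driven through a sample run (an added example, not part of the original slides). Recording an event that lands on an empty matrix cell instead of acting on it, and the sample event sequences, are assumptions of this example.

```python
# Added example (not from the original slides): the Auth and TEK state
# machines as lookup tables transcribed from the two transition matrices.
# Assumption: an event that hits an empty matrix cell is recorded and
# leaves the state unchanged.

AUTH_FSM = {  # event -> {current state: next state}
    "Provisioned":            {"Start": "Auth Wait"},
    "Auth Reject (non-perm)": {"Auth Wait": "Auth Reject Wait",
                               "Reauth Wait": "Auth Reject Wait"},
    "Auth Reject (perm)":     {"Auth Wait": "Silent", "Reauth Wait": "Silent"},
    "Auth Reply":             {"Auth Wait": "Authorized",
                               "Reauth Wait": "Authorized"},
    "Timeout":                {"Auth Wait": "Auth Wait",
                               "Reauth Wait": "Reauth Wait",
                               "Auth Reject Wait": "Start"},
    "Auth Grace Timeout":     {"Authorized": "Reauth Wait"},
    "Auth Invalid":           {"Authorized": "Reauth Wait",
                               "Reauth Wait": "Reauth Wait"},
    "Reauth":                 {"Authorized": "Reauth Wait"},
}

TEK_FSM = {
    "Stop": {s: "Start" for s in ("Op Wait", "Op Reauth Wait", "Operational",
                                  "Rekey Wait", "Rekey Reauth Wait")},
    "Authorized":          {"Start": "Op Wait"},
    "Auth Pend":           {"Op Wait": "Op Reauth Wait",
                            "Rekey Wait": "Rekey Reauth Wait"},
    "Auth Comp":           {"Op Reauth Wait": "Op Wait",
                            "Rekey Reauth Wait": "Rekey Wait"},
    "TEK Invalid":         {"Operational": "Op Wait", "Rekey Wait": "Op Wait",
                            "Rekey Reauth Wait": "Op Reauth Wait"},
    "Timeout":             {"Op Wait": "Op Wait", "Rekey Wait": "Rekey Wait"},
    "TEK Refresh Timeout": {"Operational": "Rekey Wait"},
    "Key Reply":           {"Op Wait": "Operational",
                            "Rekey Wait": "Operational"},
    "Key Reject":          {"Op Wait": "Start", "Rekey Wait": "Start"},
}


class TableFSM:
    """Runs one of the matrices; never leaves the set of listed states."""

    def __init__(self, table, start="Start"):
        self.table = table
        self.state = start
        self.ignored = []  # (state, event) pairs that had no matrix entry

    def feed(self, event):
        if event not in self.table:
            raise ValueError(f"event is not a row of the matrix: {event!r}")
        nxt = self.table[event].get(self.state)
        if nxt is None:
            self.ignored.append((self.state, event))  # empty cell
        else:
            self.state = nxt
        return self.state

    def run(self, events):
        return [self.feed(e) for e in events]


def states_of(table):
    sources = {s for row in table.values() for s in row}
    targets = {t for row in table.values() for t in row.values()}
    return sources | targets


def reachable(table, start="Start"):
    """States that some event sequence can reach from the start state."""
    seen, todo = {start}, [start]
    while todo:
        cur = todo.pop()
        for row in table.values():
            nxt = row.get(cur)
            if nxt is not None and nxt not in seen:
                seen.add(nxt)
                todo.append(nxt)
    return seen


def terminal_states(table):
    """States with no outgoing transition in the matrix."""
    return states_of(table) - {s for row in table.values() for s in row}


# Constructed sample runs, including events the matrix does not define
# for the state they arrive in.
AUTH_EVENTS = ["Auth Reply", "Provisioned", "Timeout", "Auth Reply",
               "Auth Grace Timeout", "Auth Reply", "Auth Invalid",
               "Auth Reject (perm)", "Provisioned"]
TEK_EVENTS = ["Authorized", "Key Reply", "TEK Refresh Timeout", "Auth Pend",
              "Key Reply", "Auth Comp", "Key Reply", "TEK Invalid",
              "Key Reject"]

if __name__ == "__main__":
    for name, table, events in (("Auth", AUTH_FSM, AUTH_EVENTS),
                                ("TEK", TEK_FSM, TEK_EVENTS)):
        fsm = TableFSM(table)
        print(name, fsm.run(events), "ignored:", fsm.ignored)
        print(name, "terminal states:", terminal_states(table))
```

Silent is the only state in either matrix with no outgoing transition, so a permanent Auth Reject ends the run in this model.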

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
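
A simplified model of the key-usage rules on this slide, showing why a station that is one key generation behind keeps working in both directions (an added example, not part of the original slides). It assumes that AP means the base station and AT the subscriber station, that the base station refreshes keys before the subscriber fetches them, and it runs no real cipher; all class and function names are hypothetical.

```python
# Added example (not from the original slides). A "PDU" here is just the
# TEK it was protected with; decryption succeeds when the receiver holds
# that exact TEK. Names are hypothetical.
import os
from dataclasses import dataclass


@dataclass(frozen=True)
class Tek:
    seq: int     # 2-bit key sequence number carried in the MAC header
    key: bytes   # constructed random stand-in for the keying material


class BaseStation:
    """Holds the two active TEK generations of one SA."""

    def __init__(self):
        self._next_seq = 0
        self.older = self._generate()
        self.newer = self._generate()

    def _generate(self):
        tek = Tek(self._next_seq, os.urandom(8))
        self._next_seq = (self._next_seq + 1) % 4   # 2-bit number wraps
        return tek

    def refresh(self):
        """The older TEK expires and a new generation is created."""
        self.older, self.newer = self.newer, self._generate()

    def key_reply(self):
        """Key Reply carries both active sets of keying material."""
        return self.older, self.newer

    def encrypt_downlink(self, use="older"):
        return getattr(self, use)    # slide rule for the AP: older key

    def decrypt_uplink(self, tek):
        # Both active keys are tried; anything else draws a TEK Invalid.
        return "ok" if tek in (self.older, self.newer) else "TEK Invalid"


class SubscriberStation:
    """Holds whatever the last Key Reply delivered."""

    def __init__(self, key_reply):
        self.older, self.newer = key_reply

    def encrypt_uplink(self, use="newer"):
        return getattr(self, use)    # slide rule for the AT: newer key

    def decrypt_downlink(self, tek):
        return "ok" if tek in (self.older, self.newer) else "undecodable"


def simulate(missed_refreshes, bs_use="older", ss_use="newer"):
    """Return (downlink result, uplink result) after the base station has
    refreshed its keys `missed_refreshes` times without the subscriber
    station fetching the new material."""
    bs = BaseStation()
    ss = SubscriberStation(bs.key_reply())
    for _ in range(missed_refreshes):
        bs.refresh()
    downlink = ss.decrypt_downlink(bs.encrypt_downlink(bs_use))
    uplink = bs.decrypt_uplink(ss.encrypt_uplink(ss_use))
    return downlink, uplink


if __name__ == "__main__":
    print("in sync:              ", simulate(0))
    print("one refresh behind:   ", simulate(1))
    print("two refreshes behind: ", simulate(2))
    # The same one-generation lag with each rule reversed in turn:
    print("BS encrypts w/ newer: ", simulate(1, bs_use="newer"))
    print("SS encrypts w/ older: ", simulate(1, ss_use="older"))
```

With the slide's rules a one-generation lag is invisible to traffic; reversing either rule breaks one direction at the same lag.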

Amendment Project

IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project

IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant in any spectrum in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation at both the base station and subscriber station without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org

Page 35: Mobile WiMAX : A Technical Overview

Packing Variable-Length Packing Variable-Length SDUsSDUs

bullbull2 Byte Packing Sub-Header before each SDU2 Byte Packing Sub-Header before each SDUbullbullLength of the SDU 11 bitsLength of the SDU 11 bitsbullbullfragmentation control (FC) 2 bitsfragmentation control (FC) 2 bitsbullbullfragmentation sequence number (FS) 3 bitsfragmentation sequence number (FS) 3 bits

Packing with FragmentationPacking with Fragmentation

Downlink transmissionsDownlink transmissionsbullbull Two kinds of bursts TDM and TDMATwo kinds of bursts TDM and TDMA

bullbull All bursts are identified by a DIUCAll bursts are identified by a DIUC

ndashndash DownlinkDownlink Interval Usage Code Interval Usage Code

bullbull TDMA bursts haveTDMA bursts have resync resync preamble preamblendashndash allows for more flexible schedulingallows for more flexible scheduling

bullbull Each terminal listens to all bursts at its operationalEach terminal listens to all bursts at its operationalIUC or at a more robust one except when told toIUC or at a more robust one except when told totransmittransmit

bullbull Each burst may contain data for several terminalsEach burst may contain data for several terminals

bullbull SS must recognize the SS must recognize the PDUsPDUs with known CIDs with known CIDs

bullbull DL-MAP message signals downlink usageDL-MAP message signals downlink usage

Downlink Channel DescriptorDownlink Channel Descriptor

bullbull Used for advertising downlink burst profilesUsed for advertising downlink burst profiles

bullbull Burst profile of DL broadcast channel is well-Burst profile of DL broadcast channel is well-knownknown

bullbull All others are acquiredAll others are acquired

bullbull Burst profiles can be changed on the flyBurst profiles can be changed on the flywithout interrupting the servicewithout interrupting the servicendashndash Not intended as super-adaptive modulationNot intended as super-adaptive modulation

bullbull Establishes association between DIUC andEstablishes association between DIUC andactual PHY parametersactual PHY parameters

Burst profilesBurst profilesbullbull Each burst profile hasEach burst profile has

mandatory exit thresholdmandatory exit thresholdand minimum entryand minimum entrythresholdthreshold

bullbull SS allowed to request a lessSS allowed to request a lessrobust DIUC once above therobust DIUC once above theminimum entry levelminimum entry level

bullbull SS must request fall back toSS must request fall back tomore robust DIUC once atmore robust DIUC once atmandatory exit thresholdmandatory exit threshold

bullbull Requests to change DIUCRequests to change DIUCdone with DBPC-REQ ordone with DBPC-REQ orRNG-REQ messagesRNG-REQ messages

Downlink Map MessageDownlink Map Message

bullbull DL-MAP message defines usage ofDL-MAP message defines usage ofdownlink and contains carrier-specific datadownlink and contains carrier-specific data

bullbull DL-MAP is first message in each frameDL-MAP is first message in each frame

bullbull Decoding very time-criticalDecoding very time-criticalndashndash typically done in hardwaretypically done in hardware

bullbull Entries denote instants when the burstEntries denote instants when the burstprofile changesprofile changes

Uplink TransmissionsUplink Transmissionsbullbull Invited transmissionsInvited transmissions

bullbull Transmissions in contention slotsTransmissions in contention slotsndashndash Bandwidth requestsBandwidth requests

ndashndash Contention resolved using truncated exponential Contention resolved using truncated exponential backoffbackoff

bullbull Transmissions in initial ranging slotsTransmissions in initial ranging slotsndashndash Ranging Requests (RNG-REQ)Ranging Requests (RNG-REQ)

ndashndash Contention resolved using truncated exponential Contention resolved using truncated exponential backoffbackoff

bullbull Bursts defined by Bursts defined by UIUCsUIUCs

bullbull Transmissions allocated by the UL-MAP messageTransmissions allocated by the UL-MAP message

bullbull All transmissions have synchronization preambleAll transmissions have synchronization preamble

bullbull Ideally all data from a single SS is concatenated intoIdeally all data from a single SS is concatenated intoa single PHY bursta single PHY burst

Uplink Channel DescriptorUplink Channel Descriptor

bullbull Defines uplink burst profilesDefines uplink burst profiles

bullbull Sent regularlySent regularly

bullbull All Uplink Burst profiles are acquiredAll Uplink Burst profiles are acquired

bullbull Burst profiles can be changed on the flyBurst profiles can be changed on the fly

bullbull Establishes association between UIUCEstablishes association between UIUCand actual PHY parametersand actual PHY parameters

Uplink MAP MessageUplink MAP Message

bullbull UL-MAP message defines usage of the uplinkUL-MAP message defines usage of the uplink

bullbull Contains the grantsContains the grants

bullbull Grants addressed to the SSGrants addressed to the SS

bullbull Time given in mini-slotsTime given in mini-slotsndashndash unit ofunit of uplink uplink bandwidth allocation bandwidth allocation

ndashndash 22mm physical slots physical slotsbullbull in 10-66in 10-66 GHz GHz PHY physical slot is 4 symbols PHY physical slot is 4 symbols

bullbull TTime expressed as arrival time at BSime expressed as arrival time at BS

Classes of Uplink Service
Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e. periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

Each cell gives the next state; an empty cell means the matrix defines no transition for that event in that state.

| Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: state diagram of the Authorization FSM. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transition labels pair an event with the message sent (Authent Info, Auth Request) or with an event passed to the TEK FSM, marked [TEK]: Authorized, Auth Pend, Auth Comp, Stop.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

Each cell gives the next state; an empty cell means the matrix defines no transition for that event in that state.

| Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: state diagram of the TEK FSM. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transition labels pair an event (Authorized, Auth Pend, Auth Comp, Key Reply, Key Reject, TEK Invalid, Timeout, TEK Refresh Timeout, Stop) with the Key Request message where one is sent.]

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
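The key usage rules above, modelled as a two-key ring indexed by the 2-bit key sequence number. This is an added example, not code from the presentation or the standard: the class and method names are hypothetical, AP and AT are read as the base station side and the subscriber side, and the rollover schedule (lifetimes offset by half a lifetime, sequence number incremented modulo 4) is an assumption. No cipher is run; the example only shows which key is selected and when a sequence number is stale.

```python
import os
from dataclasses import dataclass

SEQ_MODULUS = 4  # the key sequence number in the MAC PDU header is 2 bits


@dataclass(frozen=True)
class Tek:
    seq: int        # key sequence number, 0..3
    key: bytes      # 8 bytes: a DES key including its parity bits
    expires: float  # expiry time in seconds on the caller's clock


class TekInvalid(Exception):
    """A PDU names a key sequence number that is not active."""


class TekRing:
    """The two active TEKs of one SA, with overlapping, offset lifetimes."""

    def __init__(self, now, lifetime, keygen=lambda: os.urandom(8)):
        self.lifetime = lifetime
        self.keygen = keygen
        # Assumption: the two lifetimes are offset by half a lifetime.
        self.older = Tek(0, keygen(), now + lifetime / 2)
        self.newer = Tek(1, keygen(), now + lifetime)

    def refresh(self, now):
        """Retire expired keys; the newer key then becomes the older one."""
        while now >= self.older.expires:
            fresh = Tek((self.newer.seq + 1) % SEQ_MODULUS, self.keygen(),
                        self.newer.expires + self.lifetime / 2)
            self.older, self.newer = self.newer, fresh

    def for_encryption(self, role, now):
        """AP encrypts with the older key, AT with the newer key."""
        self.refresh(now)
        if role == "AP":
            return self.older
        if role == "AT":
            return self.newer
        raise ValueError(f"unknown role {role!r}")

    def for_decryption(self, seq, now):
        """Either side decrypts with whichever active key the header names."""
        self.refresh(now)
        for tek in (self.older, self.newer):
            if tek.seq == seq:
                return tek
        # The condition a BS reports to the SS with a TEK Invalid message.
        raise TekInvalid(f"key sequence {seq} is not active")


if __name__ == "__main__":
    ring = TekRing(now=0, lifetime=100)      # constructed clock and lifetime
    print(ring.for_encryption("AP", 10).seq, ring.for_encryption("AT", 10).seq)
    print(ring.for_encryption("AP", 50).seq, ring.for_encryption("AT", 50).seq)
    try:
        ring.for_decryption(0, 60)           # sender still on the retired key
    except TekInvalid as exc:
        print("rejected:", exc)
    print(ring.for_encryption("AT", 160).seq)  # sequence number has wrapped
```

Because the sequence number wraps after four keys, the value 0 names a different key at time 160 than it did at time 10; a receiver must look the key up in the current ring rather than cache keys by sequence number.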

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant in any spectrum in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.:

http://WirelessMAN.org


Packing with Fragmentation

Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally all data from a single SS is concatenated into a single PHY burst

Uplink Channel DescriptorUplink Channel Descriptor

bullbull Defines uplink burst profilesDefines uplink burst profiles

bullbull Sent regularlySent regularly

bullbull All Uplink Burst profiles are acquiredAll Uplink Burst profiles are acquired

bullbull Burst profiles can be changed on the flyBurst profiles can be changed on the fly

bullbull Establishes association between UIUCEstablishes association between UIUCand actual PHY parametersand actual PHY parameters

Uplink MAP MessageUplink MAP Message

bullbull UL-MAP message defines usage of the uplinkUL-MAP message defines usage of the uplink

bullbull Contains the grantsContains the grants

bullbull Grants addressed to the SSGrants addressed to the SS

bullbull Time given in mini-slotsTime given in mini-slotsndashndash unit ofunit of uplink uplink bandwidth allocation bandwidth allocation

ndashndash 22mm physical slots physical slotsbullbull in 10-66in 10-66 GHz GHz PHY physical slot is 4 symbols PHY physical slot is 4 symbols

bullbull TTime expressed as arrival time at BSime expressed as arrival time at BS

Classes of Uplink ServiceClasses of Uplink ServiceCharacteristic of the Service FlowCharacteristic of the Service Flow

bullbull Unsolicited Grant Services (UGS)Unsolicited Grant Services (UGS)ndashndash for constant bit-rate (CBR) or CBR-like servicefor constant bit-rate (CBR) or CBR-like service

flows (flows (SFsSFs) such as T1E1) such as T1E1

bullbull Real-time Polling Services (Real-time Polling Services (rtPSrtPS))ndashndash for for rtrt-VBR-like -VBR-like SFsSFs such as MPEG video such as MPEG video

bullbull Non-real-time Polling Services (Non-real-time Polling Services (nrtPSnrtPS))ndashndash for for nrtnrt SFsSFs with better than best effort service with better than best effort service

such as bandwidth-intensive file transfersuch as bandwidth-intensive file transfer

bullbull Best Effort (BE)Best Effort (BE)ndashndash for best-effort trafficfor best-effort traffic

Uplink Services - UGSUplink Services - UGS

bullbull No explicit bandwidth requests issued by SSNo explicit bandwidth requests issued by SS

bullbull Prohibited from using any contention requestsProhibited from using any contention requests

bullbull No No unicast unicast request opportunity providedrequest opportunity provided

bullbull May include a Grant Management (GM) sub-May include a Grant Management (GM) sub-header containingheader containingndashndash Slip indicator indicates that there is an backlog inSlip indicator indicates that there is an backlog in

the buffer due to clock skew or loss of mapsthe buffer due to clock skew or loss of maps

ndashndash Poll-me bit indicates that the terminal needs to bePoll-me bit indicates that the terminal needs to bepolled (allows for not polling terminals with UGS-polled (allows for not polling terminals with UGS-only services)only services)

Uplink Services - Uplink Services - rtPSrtPS

bullbull Intended for Intended for rtrt-VBR-like service flows such as-VBR-like service flows such asMPEG videoMPEG video

bullbull Prohibited from using any contention requestsProhibited from using any contention requestsbullbull Terminals polled frequently enough to meetTerminals polled frequently enough to meet

the delay requirements of the the delay requirements of the SFsSFsbullbull Bandwidth requested with BW requestBandwidth requested with BW request

messages (a special MAC PDU header)messages (a special MAC PDU header)bullbull May use Grant Management sub-headerMay use Grant Management sub-header

ndashndash new request can be piggybacked with eachnew request can be piggybacked with eachtransmitted PDUtransmitted PDU

Uplink Service - Uplink Service - nrtPSnrtPS

bullbull Intended for non-real-time service flows withIntended for non-real-time service flows withbetter than best effort servicebetter than best effort servicendashndash eg bandwidth-intensive file transfer eg bandwidth-intensive file transfer

bullbull Works like Works like rtrt-polling except that polls are-polling except that polls areissued less frequentlyissued less frequently

bullbull Allowed to use contention requestsAllowed to use contention requests

bullbull May use Grant Management sub-headerMay use Grant Management sub-headerndashndash new request can be piggybacked with eachnew request can be piggybacked with each

transmitted PDUtransmitted PDU

Uplink Service - BEUplink Service - BE

bullbull Generic dataGeneric datandashndash eg HTTP SMTP etceg HTTP SMTP etc

bullbull No QoS guaranteesNo QoS guarantees

bullbull Allowed to use contention requestsAllowed to use contention requests

bullbull May use Grant Management sub-headerMay use Grant Management sub-headerndashndash new request can be piggybacked with eachnew request can be piggybacked with each

transmitted PDUtransmitted PDU

RequestGrant SchemeRequestGrant Scheme

bullbull Self CorrectingSelf Correctingndashndash No acknowledgementNo acknowledgement

ndashndash All errors are handled in the same way ieAll errors are handled in the same way ieperiodical aggregate requestsperiodical aggregate requests

bullbull Bandwidth Requests are always per ConnectionBandwidth Requests are always per Connection

bullbull Grants are either per Connection (GPC) or perGrants are either per Connection (GPC) or perSubscriber Station (GPSS)Subscriber Station (GPSS)

ndashndash Grants (given as Grants (given as durationsdurations) are carried in the) are carried in theUL-MAP messagesUL-MAP messages

ndashndash SS needs to convert the time to amount of dataSS needs to convert the time to amount of datausing information about the UIUCusing information about the UIUC

GPSS vs. GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests:
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

PKM Message                 Description
Authentication Information  contains the manufacturer's X.509 Certificate issued by an external authority
Authorization Request       sent from an SS to its BS to request an AK and list of authorized SAIDs
Authorization Reply         sent from a BS to an SS to reply with an AK and a list of authorized SAIDs
Authorization Reject        sent from a BS to an SS in rejection of an Authorization Request message sent by the SS
Authorization Invalid       sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS
Key Request                 sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs
Key Reply                   sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID
Key Reject                  sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent
TEK Invalid                 sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK
SA Add                      sent from a BS to an SS to establish one or more additional SAs

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

Event or Rcvd msg           (A) Start   (B) Auth Wait     (C) Authorized  (D) Reauth Wait   (E) Auth Reject Wait  (F) Silent
(1) Provisioned             Auth Wait   -                 -               -                 -                     -
(2) Auth Reject (non-perm)  -           Auth Reject Wait  -               Auth Reject Wait  -                     -
(3) Auth Reject (perm)      -           Silent            -               Silent            -                     -
(4) Auth Reply              -           Authorized        -               Authorized        -                     -
(5) Timeout                 -           Auth Wait         -               Reauth Wait       Start                 -
(6) Auth Grace Timeout      -           -                 Reauth Wait     -                 -                     -
(7) Auth Invalid            -           -                 Reauth Wait     Reauth Wait       -                     -
(8) Reauth                  -           -                 Reauth Wait     -                 -                     -

Auth FSM Flow Diagram

[Figure: Authorization FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transition labels pair an event (Provisioned, Timeout, Auth Reply, Auth Reject (perm), Auth Reject (non-perm), Auth Invalid, Auth Grace Timeout, Reauth) with the messages or TEK FSM events it triggers (Authent Info, Auth Request, [TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp, [TEK] Stop).]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

Event or Rcvd msg         (A) Start  (B) Op Wait     (C) Op Reauth Wait  (D) Operational  (E) Rekey Wait     (F) Rekey Reauth Wait
(1) Stop                  -          Start           Start               Start            Start              Start
(2) Authorized            Op Wait    -               -                   -                -                  -
(3) Auth Pend             -          Op Reauth Wait  -                   -                Rekey Reauth Wait  -
(4) Auth Comp             -          -               Op Wait             -                -                  Rekey Wait
(5) TEK Invalid           -          -               -                   Op Wait          Op Wait            Op Reauth Wait
(6) Timeout               -          Op Wait         -                   -                Rekey Wait         -
(7) TEK Refresh Timeout   -          -               -                   Rekey Wait       -                  -
(8) Key Reply             -          Operational     -                   -                Operational        -
(9) Key Reject            -          Start           -                   -                Start              -

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transition labels pair an event (Authorized, Auth Pend, Auth Comp, Key Reply, Key Reject, TEK Invalid, Timeout, TEK Refresh Timeout, Stop) with the Key Request message it triggers, where any.]
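
The Authorization and TEK transition matrices can be checked mechanically. The Python sketch below is an added example, not code from the presentation or the standard: it transcribes both matrices into lookup tables and tests properties a reviewer would want, such as which events can move an SS into Authorized or Operational. Treating an empty cell as "event ignored, state unchanged" is an assumption of this example, and the function names are its own.

```python
"""Table-driven model of the Authorization and TEK FSM transition matrices."""

# Layout: {event: {current_state: next_state}}.
# A missing (event, state) pair corresponds to an empty cell in the matrix.
AUTH_FSM = {
    "Provisioned": {"Start": "Auth Wait"},
    "Auth Reject (non-perm)": {"Auth Wait": "Auth Reject Wait",
                               "Reauth Wait": "Auth Reject Wait"},
    "Auth Reject (perm)": {"Auth Wait": "Silent", "Reauth Wait": "Silent"},
    "Auth Reply": {"Auth Wait": "Authorized", "Reauth Wait": "Authorized"},
    "Timeout": {"Auth Wait": "Auth Wait", "Reauth Wait": "Reauth Wait",
                "Auth Reject Wait": "Start"},
    "Auth Grace Timeout": {"Authorized": "Reauth Wait"},
    "Auth Invalid": {"Authorized": "Reauth Wait", "Reauth Wait": "Reauth Wait"},
    "Reauth": {"Authorized": "Reauth Wait"},
}

TEK_FSM = {
    "Stop": {s: "Start" for s in ("Op Wait", "Op Reauth Wait", "Operational",
                                  "Rekey Wait", "Rekey Reauth Wait")},
    "Authorized": {"Start": "Op Wait"},
    "Auth Pend": {"Op Wait": "Op Reauth Wait", "Rekey Wait": "Rekey Reauth Wait"},
    "Auth Comp": {"Op Reauth Wait": "Op Wait", "Rekey Reauth Wait": "Rekey Wait"},
    "TEK Invalid": {"Operational": "Op Wait", "Rekey Wait": "Op Wait",
                    "Rekey Reauth Wait": "Op Reauth Wait"},
    "Timeout": {"Op Wait": "Op Wait", "Rekey Wait": "Rekey Wait"},
    "TEK Refresh Timeout": {"Operational": "Rekey Wait"},
    "Key Reply": {"Op Wait": "Operational", "Rekey Wait": "Operational"},
    "Key Reject": {"Op Wait": "Start", "Rekey Wait": "Start"},
}


def step(matrix, state, event):
    """Return the next state, or None when the matrix cell is empty."""
    return matrix.get(event, {}).get(state)


def run(matrix, state, events):
    """Feed events in order and return (final_state, ignored).

    Assumption of this example: an event that hits an empty cell leaves the
    state unchanged and is recorded as (state, event) instead of acted on.
    """
    ignored = []
    for event in events:
        nxt = step(matrix, state, event)
        if nxt is None:
            ignored.append((state, event))
        else:
            state = nxt
    return state, ignored


def entry_events(matrix, target):
    """Events that can move the machine into `target` from another state."""
    return {event
            for event, row in matrix.items()
            for src, dst in row.items()
            if dst == target and src != target}


def terminal_states(matrix):
    """States that are reachable but have no outgoing transition at all."""
    sources = {src for row in matrix.values() for src in row}
    dests = {dst for row in matrix.values() for dst in row.values()}
    return dests - sources


if __name__ == "__main__":
    # Normal life cycle: authorize, grace timer fires, reauthorize.
    print(run(AUTH_FSM, "Start",
              ["Provisioned", "Auth Reply", "Auth Grace Timeout", "Auth Reply"]))
    # An Auth Reply that arrives before any request was sent changes nothing.
    print(run(AUTH_FSM, "Start", ["Auth Reply"]))
    # Only one event can grant authorization or make a TEK operational.
    print(entry_events(AUTH_FSM, "Authorized"), entry_events(TEK_FSM, "Operational"))
    # Silent is a dead end in the Authorization FSM; the TEK FSM has none.
    print(terminal_states(AUTH_FSM), terminal_states(TEK_FSM))
```
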

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other, stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
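
The key-usage rules on this slide, together with the 2-bit key sequence number from the Traffic Encryption Key Management slide, as an added Python model (not code from the presentation or the standard). It assumes AP and AT correspond to the BS and SS, uses constructed 8-byte placeholder keys, and compares key bytes only to show what a receiver would experience; no cipher is involved.

```python
"""Model of two overlapping TEKs selected by a 2-bit key sequence number."""
from dataclasses import dataclass

SEQ_MODULUS = 4  # a 2-bit sequence number can only take the values 0..3


@dataclass(frozen=True)
class Tek:
    generation: int  # bookkeeping for this example only; never sent on the air
    key: bytes       # constructed placeholder key material

    @property
    def seq(self):
        """The value that would travel in the MAC header."""
        return self.generation % SEQ_MODULUS


def make_tek(generation):
    """Constructed key: the generation number repeated over 8 bytes."""
    return Tek(generation, bytes([generation % 256]) * 8)


class TekPair:
    """The two simultaneously active keys held by one station for one SA."""

    def __init__(self, older_generation=0):
        self.older = make_tek(older_generation)
        self.newer = make_tek(older_generation + 1)

    def tx_key(self, role):
        """Slide rule: BS (AP) encrypts with the older key, SS (AT) with the newer."""
        if role not in ("BS", "SS"):
            raise ValueError("role must be 'BS' or 'SS'")
        return self.older if role == "BS" else self.newer

    def rx_key(self, seq):
        """Either active key may be used for decryption; None if seq is not active."""
        for tek in (self.older, self.newer):
            if tek.seq == seq:
                return tek
        return None

    def roll(self):
        """Retire the older key and install the next generation."""
        self.older, self.newer = self.newer, make_tek(self.newer.generation + 1)


def deliver(sent_with, receiver):
    """Outcome of a PDU encrypted with `sent_with` arriving at `receiver`.

    'ok'            receiver holds the same key under that sequence number
    'tek-invalid'   sequence number is not one of the receiver's two active keys
    'seq-collision' sequence number matches after wrap-around but the key differs
    """
    candidate = receiver.rx_key(sent_with.seq)
    if candidate is None:
        return "tek-invalid"
    if candidate.key != sent_with.key:
        return "seq-collision"
    return "ok"


if __name__ == "__main__":
    bs, ss = TekPair(0), TekPair(0)
    bs.roll()  # BS has refreshed keys, SS has not fetched the new set yet
    print(deliver(bs.tx_key("BS"), ss))  # ok: BS still sends with the shared key
    print(deliver(ss.tx_key("SS"), bs))  # ok: SS's newer key is the BS's older key
    print(deliver(bs.newer, ss))         # tek-invalid: why the BS uses the older key
```
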

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant in any spectrum in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


Downlink transmissions

• Two kinds of bursts: TDM and TDMA
• All bursts are identified by a DIUC
  – Downlink Interval Usage Code
• TDMA bursts have resync preamble
  – allows for more flexible scheduling
• Each terminal listens to all bursts at its operational IUC, or at a more robust one, except when told to transmit
• Each burst may contain data for several terminals
• SS must recognize the PDUs with known CIDs
• DL-MAP message signals downlink usage

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service, such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BEUplink Service - BE

bullbull Generic dataGeneric datandashndash eg HTTP SMTP etceg HTTP SMTP etc

bullbull No QoS guaranteesNo QoS guarantees

bullbull Allowed to use contention requestsAllowed to use contention requests

bullbull May use Grant Management sub-headerMay use Grant Management sub-headerndashndash new request can be piggybacked with eachnew request can be piggybacked with each

transmitted PDUtransmitted PDU

RequestGrant SchemeRequestGrant Scheme

bullbull Self CorrectingSelf Correctingndashndash No acknowledgementNo acknowledgement

ndashndash All errors are handled in the same way ieAll errors are handled in the same way ieperiodical aggregate requestsperiodical aggregate requests

bullbull Bandwidth Requests are always per ConnectionBandwidth Requests are always per Connection

bullbull Grants are either per Connection (GPC) or perGrants are either per Connection (GPC) or perSubscriber Station (GPSS)Subscriber Station (GPSS)

ndashndash Grants (given as Grants (given as durationsdurations) are carried in the) are carried in theUL-MAP messagesUL-MAP messages

ndashndash SS needs to convert the time to amount of dataSS needs to convert the time to amount of datausing information about the UIUCusing information about the UIUC

GPSS vs GPCGPSS vs GPCbullbull Bandwidth Grant per Subscriber Station (GPSS)Bandwidth Grant per Subscriber Station (GPSS)

ndashndash Base station grants bandwidth to the subscriber stationBase station grants bandwidth to the subscriber stationndashndash Subscriber station may re-distribute bandwidth among itsSubscriber station may re-distribute bandwidth among its

connections maintaining QoS and service-levelconnections maintaining QoS and service-levelagreementsagreements

ndashndash Suitable for many connections per terminal off-loadingSuitable for many connections per terminal off-loadingbase stationrsquos workbase stationrsquos work

ndashndash Allows more sophisticated reaction to QoS needsAllows more sophisticated reaction to QoS needsndashndash Low overhead but requires intelligent subscriber stationLow overhead but requires intelligent subscriber stationndashndash Mandatory for P80216 10-66 GHz PHYMandatory for P80216 10-66 GHz PHY

bullbull Bandwidth Grant per Connection (GPC)Bandwidth Grant per Connection (GPC)ndashndash Base station grants bandwidth to a connectionBase station grants bandwidth to a connectionndashndash Mostly suitable for few users per subscriber stationMostly suitable for few users per subscriber stationndashndash Higher overhead but allows simpler subscriber stationHigher overhead but allows simpler subscriber station

Bandwidth RequestsBandwidth Requestsbullbull Come from the Come from the ConnectionConnection

bullbull Several kinds of requestsSeveral kinds of requestsndashndash Implicit requests (UGS)Implicit requests (UGS)

bullbull No actual messages negotiated at connection setupNo actual messages negotiated at connection setup

ndashndash BW request messagesBW request messagesbullbull Uses the special BW request headerUses the special BW request header

bullbull Requests up to 32 KB with a single messageRequests up to 32 KB with a single message

bullbull Incremental or aggregate as indicated by MAC headerIncremental or aggregate as indicated by MAC header

ndashndash Piggybacked request (for non-UGS services only)Piggybacked request (for non-UGS services only)bullbull Presented in GM sub-header and always incrementalPresented in GM sub-header and always incremental

bullbull Up to 32 KB per request for the CIDUp to 32 KB per request for the CID

ndashndash Poll-Me bit (for UGS services only)Poll-Me bit (for UGS services only)bullbull Used by the SS to request a bandwidth poll for non-UGS servicesUsed by the SS to request a bandwidth poll for non-UGS services

BW Request MessageBW Request Message

Maintaining QoS in GPSSMaintaining QoS in GPSSbullbull Semi-distributed approachSemi-distributed approachbullbull BS sees the requests for each connectionBS sees the requests for each connection

based on this grants bandwidth (BW) to thebased on this grants bandwidth (BW) to theSSsSSs (maintaining QoS and fairness) (maintaining QoS and fairness)

bullbull SS scheduler maintains QoS among itsSS scheduler maintains QoS among itsconnections and is responsible to share theconnections and is responsible to share theBW among the connections (maintaining QoSBW among the connections (maintaining QoSand fairness)and fairness)

bullbull Algorithm in BS and SS can be very differentAlgorithm in BS and SS can be very differentSS may use BW in a way unforeseen by theSS may use BW in a way unforeseen by theBSBS

SS initializationSS initializationbullbull Scan forScan for downlink downlink channel and establish channel and establish

synchronization with the BSsynchronization with the BS

bullbull Obtain transmit parameters (from UCD message)Obtain transmit parameters (from UCD message)

bullbull Perform rangingPerform ranging

bullbull Negotiate basic capabilitiesNegotiate basic capabilities

bullbull Authorize SS and perform key exchangeAuthorize SS and perform key exchange

bullbull Perform registrationPerform registration

bullbull Establish IP connectivityEstablish IP connectivity

bullbull Establish time of dayEstablish time of day

bullbull Transfer operational parametersTransfer operational parameters

bullbull Set up connectionsSet up connections

RangingRanging

bullbull For uplink transmissions times are measured at BSFor uplink transmissions times are measured at BS

bullbull At startup SS sends a RNG-REQ in a rangingAt startup SS sends a RNG-REQ in a rangingwindowwindow

bullbull BS measures arrival time and signal powerBS measures arrival time and signal powercalculates required advance and power adjustmentcalculates required advance and power adjustment

bullbull BS sends adjustment in RNG-RSPBS sends adjustment in RNG-RSP

bullbull SS adjusts advance and power sends newSS adjusts advance and power sends newRNG-REQRNG-REQ

bullbull Loop is continued until power and timing is okLoop is continued until power and timing is ok

RegistrationRegistration

bullbull Registration is a form of capability negotiationRegistration is a form of capability negotiation

bullbull SS sends a list of capabilities and parts of theSS sends a list of capabilities and parts of theconfiguration file to the BS in the REG-REQconfiguration file to the BS in the REG-REQmessagemessage

bullbull BS replies with the REG-RSP messageBS replies with the REG-RSP messagendashndash tells which capabilities are supportedallowedtells which capabilities are supportedallowed

bullbull SS acknowledges the REG-RSP withSS acknowledges the REG-RSP withREG-ACK messageREG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| State / Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: Auth FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transition labels: Provisioned, Timeout, Auth Reply, Auth Reject (perm), Auth Reject (non-perm), Auth Invalid, Auth Grace Timeout, Reauth; messages Authent Info and Auth Request; [TEK] events Authorized, Auth Pend, Auth Comp, Stop.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| State / Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |
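The Auth FSM and TEK FSM transition matrices above can be encoded directly as lookup tables and used to check an observed sequence of PKM events against what the state machines allow. This is an added example, not part of the original slides: the tables are transcribed from the matrices on this page, while the function names and the sample traces are constructed for illustration.

```python
# Added example: table-driven model of the two PKM state machines.
# Tables are transcribed from the transition matrices on this page;
# function names and sample traces are constructed for illustration.

AUTH_FSM = {  # event -> {current state: next state}
    "Provisioned": {"Start": "Auth Wait"},
    "Auth Reject (non-perm)": {"Auth Wait": "Auth Reject Wait",
                               "Reauth Wait": "Auth Reject Wait"},
    "Auth Reject (perm)": {"Auth Wait": "Silent", "Reauth Wait": "Silent"},
    "Auth Reply": {"Auth Wait": "Authorized", "Reauth Wait": "Authorized"},
    "Timeout": {"Auth Wait": "Auth Wait", "Reauth Wait": "Reauth Wait",
                "Auth Reject Wait": "Start"},
    "Auth Grace Timeout": {"Authorized": "Reauth Wait"},
    "Auth Invalid": {"Authorized": "Reauth Wait", "Reauth Wait": "Reauth Wait"},
    "Reauth": {"Authorized": "Reauth Wait"},
}

TEK_FSM = {  # event -> {current state: next state}
    "Stop": {s: "Start" for s in ("Op Wait", "Op Reauth Wait", "Operational",
                                  "Rekey Wait", "Rekey Reauth Wait")},
    "Authorized": {"Start": "Op Wait"},
    "Auth Pend": {"Op Wait": "Op Reauth Wait",
                  "Rekey Wait": "Rekey Reauth Wait"},
    "Auth Comp": {"Op Reauth Wait": "Op Wait",
                  "Rekey Reauth Wait": "Rekey Wait"},
    "TEK Invalid": {"Operational": "Op Wait", "Rekey Wait": "Op Wait",
                    "Rekey Reauth Wait": "Op Reauth Wait"},
    "Timeout": {"Op Wait": "Op Wait", "Rekey Wait": "Rekey Wait"},
    "TEK Refresh Timeout": {"Operational": "Rekey Wait"},
    "Key Reply": {"Op Wait": "Operational", "Rekey Wait": "Operational"},
    "Key Reject": {"Op Wait": "Start", "Rekey Wait": "Start"},
}


def states_of(fsm):
    """Every state named as a source or target in a transition table."""
    found = set()
    for row in fsm.values():
        found.update(row.keys())
        found.update(row.values())
    return found


def replay(fsm, events, state="Start"):
    """Feed events through the FSM.

    Returns (state, None) if every event was defined for the state it
    arrived in, else (state, index) for the first event the matrix leaves
    blank, which is the point where the trace stops conforming.
    """
    for index, event in enumerate(events):
        nxt = fsm.get(event, {}).get(state)
        if nxt is None:
            return state, index
        state = nxt
    return state, None


def reachable(fsm, start="Start"):
    """States that can be reached from `start` by some event sequence."""
    seen, todo = {start}, [start]
    while todo:
        current = todo.pop()
        for row in fsm.values():
            nxt = row.get(current)
            if nxt is not None and nxt not in seen:
                seen.add(nxt)
                todo.append(nxt)
    return seen


def absorbing(fsm):
    """States with no outgoing transition in the matrix."""
    with_exit = {state for row in fsm.values() for state in row}
    return states_of(fsm) - with_exit


if __name__ == "__main__":
    # Constructed traces: a normal authorization and reauthorization cycle,
    # then a reply arriving after a permanent reject.
    ok = ["Provisioned", "Auth Reply", "Auth Grace Timeout", "Auth Reply"]
    bad = ["Provisioned", "Auth Reject (perm)", "Auth Reply"]
    print("auth ok :", replay(AUTH_FSM, ok))
    print("auth bad:", replay(AUTH_FSM, bad))
    print("auth absorbing states:", absorbing(AUTH_FSM))
    print("tek absorbing states :", absorbing(TEK_FSM))
```

The analysis shows that Silent is the only state in either machine with no way out, and that a Key Reply or Auth Reply arriving in a state whose matrix cell is blank shows up as a non-conforming index in `replay`.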

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transition labels: Authorized, Stop, Auth Pend, Auth Comp, Key Reply, Key Reject, Timeout, TEK Invalid, TEK Refresh Timeout; message Key Request.]

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant in any spectrum in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org

Page 38: Mobile WiMAX : A Technical Overview

Downlink Channel Descriptor

• Used for advertising downlink burst profiles
• Burst profile of DL broadcast channel is well-known
• All others are acquired
• Burst profiles can be changed on the fly without interrupting the service
  – Not intended as super-adaptive modulation
• Establishes association between DIUC and actual PHY parameters

Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e. periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS

bullbull Obtain transmit parameters (from UCD message)Obtain transmit parameters (from UCD message)

bullbull Perform rangingPerform ranging

bullbull Negotiate basic capabilitiesNegotiate basic capabilities

bullbull Authorize SS and perform key exchangeAuthorize SS and perform key exchange

bullbull Perform registrationPerform registration

bullbull Establish IP connectivityEstablish IP connectivity

bullbull Establish time of dayEstablish time of day

bullbull Transfer operational parametersTransfer operational parameters

bullbull Set up connectionsSet up connections

RangingRanging

bullbull For uplink transmissions times are measured at BSFor uplink transmissions times are measured at BS

bullbull At startup SS sends a RNG-REQ in a rangingAt startup SS sends a RNG-REQ in a rangingwindowwindow

bullbull BS measures arrival time and signal powerBS measures arrival time and signal powercalculates required advance and power adjustmentcalculates required advance and power adjustment

bullbull BS sends adjustment in RNG-RSPBS sends adjustment in RNG-RSP

bullbull SS adjusts advance and power sends newSS adjusts advance and power sends newRNG-REQRNG-REQ

bullbull Loop is continued until power and timing is okLoop is continued until power and timing is ok

RegistrationRegistration

bullbull Registration is a form of capability negotiationRegistration is a form of capability negotiation

bullbull SS sends a list of capabilities and parts of theSS sends a list of capabilities and parts of theconfiguration file to the BS in the REG-REQconfiguration file to the BS in the REG-REQmessagemessage

bullbull BS replies with the REG-RSP messageBS replies with the REG-RSP messagendashndash tells which capabilities are supportedallowedtells which capabilities are supportedallowed

bullbull SS acknowledges the REG-RSP withSS acknowledges the REG-RSP withREG-ACK messageREG-ACK message

IP connectivity andIP connectivity and

configuration file downloadconfiguration file download

bullbull IP connectivity established via DHCPIP connectivity established via DHCP

bullbull Configuration file downloaded via TFTPConfiguration file downloaded via TFTP

bullbull contains provisioned informationcontains provisioned informationndashndash operational parametersoperational parameters

Initial Connection SetupInitial Connection Setup

bullbull BS passes Service Flow BS passes Service Flow EncodingsEncodings to the SS to the SSin multiple DSA-REQ messagesin multiple DSA-REQ messages

bullbull SS replies with DSA-RSP messagesSS replies with DSA-RSP messages

bullbull Service FlowService Flow Encodings Encodings contain either contain eitherndashndash full definition of service attributes (omittingfull definition of service attributes (omitting

defaultabledefaultable items if desired) items if desired)

ndashndash service class nameservice class namebullbull ASCII string which is known at the BS and whichASCII string which is known at the BS and which

indirectly specifies a set ofindirectly specifies a set of QoS QoS Parameters Parameters

Privacy and EncryptionPrivacy and Encryptionbullbull Secures over-the-air transmissionsSecures over-the-air transmissionsbullbull AuthenticationAuthentication

ndashndash X509 certificates with RSA PKCSX509 certificates with RSA PKCSndashndash Strong authentication of Strong authentication of SSs SSs (prevents theft of service)(prevents theft of service)ndashndash Prevents cloningPrevents cloning

bullbull Data encryptionData encryptionndashndash Currently 56-bit DES in CBC modeCurrently 56-bit DES in CBC modendashndash IV based on frame numberIV based on frame numberndashndash Easily exportableEasily exportable

bullbull Message authenticationMessage authenticationndashndash Key MAC management messages authenticated with one-Key MAC management messages authenticated with one-

way hashing (HMAC with SHA-1)way hashing (HMAC with SHA-1)

bullbull Designed to allow newmultiple encryption algorithmsDesigned to allow newmultiple encryption algorithmsbullbull Protocol descends from BPI+ (from DOCSIS)Protocol descends from BPI+ (from DOCSIS)

Security AssociationsSecurity Associations

bullbull A set of privacy informationA set of privacy informationndashndash shared by a BS and one or more of its client shared by a BS and one or more of its client SSsSSs

share in order to support securedshare in order to support securedcommunicationscommunications

ndashndash includes traffic encryption keys and CBC IVsincludes traffic encryption keys and CBC IVs

bullbull Security Association EstablishmentSecurity Association Establishmentndashndash Primary SA established during initial registrationPrimary SA established during initial registration

ndashndash other other SAsSAs may be provisioned or dynamically may be provisioned or dynamicallycreated within the BScreated within the BS

Key Management MessagesKey Management MessagesPKM Message

AuthenticationInformation

AuthorizationRequest

AuthorizationReply

AuthorizationReject

AuthorizationInvalid

Key Request

Key Reply

Key Reject

TEK Invalid

Description

contains the manufacturer s X509 Certificate issued by an externalauthoritysent from an SS to its BS to request an AK and list of authorizedSAIDssent from a BS to an SS to reply an AK and a list of authorized SAIDs

send from a BS to an SS in rejection of an Authorization Requestmessage sent by the SSsend from a BS to an SS as an unsolicited indication or a responseto a message received from that SS

sent from an SS to its BS requesting a TEK for the privacy of one ofits authorized SAIDssent from a BS to an SS carrying the two active sets of traffic keyingmaterial for the SAIDsent from a BS to an SS indicating that the SAID is no longer validand no key will be sentsent from a BS to an SS if it determines that the SS encrypted uplinktraffic with an invalid TEK

SA Add sent from a BS to an SS to establish one or more additional SAs

SS AuthorizationSS Authorization

bullbull Authentication and AuthorizationAuthentication and Authorizationndashndash SS manufacturerSS manufacturerrsquorsquos X509 certificates X509 certificate binding the SSbinding the SSrsquorsquoss

public key to its other identifying informationpublic key to its other identifying information

ndashndash Trust relation assumed between equipmentTrust relation assumed between equipmentmanufacturer and network operatormanufacturer and network operator

ndashndash Possibility to accommodate ldquoroot authorityrdquo if requiredPossibility to accommodate ldquoroot authorityrdquo if required

bullbull Authorization Key Update ProtocolAuthorization Key Update Protocolndashndash The SS is responsible for maintaining valid keysThe SS is responsible for maintaining valid keys

ndashndash Two active Two active AKsAKs with overlapping lifetimes at all times with overlapping lifetimes at all times

ndashndash Reauthorization process done periodicallyReauthorization process done periodically

ndashndash AK lifetime (7 days) amp grace time timer (1 hr)AK lifetime (7 days) amp grace time timer (1 hr)

Auth FSM Transition MatrixAuth FSM Transition MatrixState

˚Event orRcvd msg

(A)Start

(B)Auth Wait

(C)Authorized

(D)Reauth

Wait

(E)Auth

Reject Wait

(F)Silent

(1)Provisioned

Auth Wait ˚ ˚ ˚ ˚ ˚

(2)Auth Reject(non-perm)

˚ Auth RejectWait

˚ Auth RejectWait

˚ ˚

(3)Auth Reject

(perm)

˚ Silent ˚ Silent ˚ ˚

(4)Auth Reply

˚ Authorized ˚ Authorized ˚ ˚

(5)Timeout

˚Auth Wait

˚ ReauthWait Start

˚

(6)Auth Grace

Timeout

˚ ˚ ReauthWait

˚ ˚ ˚

(7)Auth Invalid

˚ ˚ ReauthWait

ReauthWait

˚ ˚

(8)Reauth

˚ ˚ ReauthWait

˚ ˚ ˚

Auth FSM Flow Diagram

[Figure: Auth FSM state diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Edge labels include the events of the transition matrix, the messages Authent Info and Auth Request, and the TEK FSM events [TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp and [TEK] Stop.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg \ State | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: TEK FSM state diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Edge labels include the events of the transition matrix and the Key Request message.]
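The Auth FSM and TEK FSM transition matrices above, transcribed into one table-driven model; this is an added example, not code from the presentation or the standard. The names (`Fsm`, `feed`, `ignored`, the helper functions) are assumptions, as is the choice to treat a blank matrix cell as "no transition, record and ignore the event"; the coupling between the two machines shown in the flow diagrams is not modelled.

```python
AUTH_STATES = ("Start", "Auth Wait", "Authorized", "Reauth Wait",
               "Auth Reject Wait", "Silent")
TEK_STATES = ("Start", "Op Wait", "Op Reauth Wait", "Operational",
              "Rekey Wait", "Rekey Reauth Wait")

# MATRIX[event][current state] -> next state, transcribed from the slides.
# Blank cells of a matrix are simply absent from the dictionaries.
AUTH_MATRIX = {
    "Provisioned": {"Start": "Auth Wait"},
    "Auth Reject (non-perm)": {"Auth Wait": "Auth Reject Wait",
                               "Reauth Wait": "Auth Reject Wait"},
    "Auth Reject (perm)": {"Auth Wait": "Silent", "Reauth Wait": "Silent"},
    "Auth Reply": {"Auth Wait": "Authorized", "Reauth Wait": "Authorized"},
    "Timeout": {"Auth Wait": "Auth Wait", "Reauth Wait": "Reauth Wait",
                "Auth Reject Wait": "Start"},
    "Auth Grace Timeout": {"Authorized": "Reauth Wait"},
    "Auth Invalid": {"Authorized": "Reauth Wait", "Reauth Wait": "Reauth Wait"},
    "Reauth": {"Authorized": "Reauth Wait"},
}
TEK_MATRIX = {
    "Stop": {state: "Start" for state in TEK_STATES[1:]},
    "Authorized": {"Start": "Op Wait"},
    "Auth Pend": {"Op Wait": "Op Reauth Wait", "Rekey Wait": "Rekey Reauth Wait"},
    "Auth Comp": {"Op Reauth Wait": "Op Wait", "Rekey Reauth Wait": "Rekey Wait"},
    "TEK Invalid": {"Operational": "Op Wait", "Rekey Wait": "Op Wait",
                    "Rekey Reauth Wait": "Op Reauth Wait"},
    "Timeout": {"Op Wait": "Op Wait", "Rekey Wait": "Rekey Wait"},
    "TEK Refresh Timeout": {"Operational": "Rekey Wait"},
    "Key Reply": {"Op Wait": "Operational", "Rekey Wait": "Operational"},
    "Key Reject": {"Op Wait": "Start", "Rekey Wait": "Start"},
}


def check_matrix(matrix, states):
    """Catch transcription typos: every state in the table must be known."""
    for event, row in matrix.items():
        for current, nxt in row.items():
            if current not in states or nxt not in states:
                raise ValueError(f"unknown state in row {event!r}")
    return True


class Fsm:
    """Table-driven state machine; events hitting a blank cell are ignored."""

    def __init__(self, matrix, state="Start"):
        self.matrix = matrix
        self.state = state
        self.ignored = []  # (state, event) pairs with no defined transition

    def feed(self, event):
        if event not in self.matrix:
            raise ValueError(f"event {event!r} is not in the matrix")
        nxt = self.matrix[event].get(self.state)
        if nxt is None:
            # Assumption: an undefined (state, event) pair changes nothing.
            self.ignored.append((self.state, event))
        else:
            self.state = nxt
        return self.state


def terminal_states(matrix, states):
    """States that no event in the matrix can leave."""
    return {s for s in states if not any(s in row for row in matrix.values())}


def accepting_states(matrix, event):
    """States in which the given event or message causes a transition."""
    return set(matrix[event])


if __name__ == "__main__":
    check_matrix(AUTH_MATRIX, AUTH_STATES)
    check_matrix(TEK_MATRIX, TEK_STATES)
    auth = Fsm(AUTH_MATRIX)
    for ev in ("Provisioned", "Auth Reply", "Auth Reply", "Auth Grace Timeout"):
        print(f"{ev:<20} -> {auth.feed(ev)}")
    print("ignored:", auth.ignored)
    print("Auth terminal states:", terminal_states(AUTH_MATRIX, AUTH_STATES))
    print("Auth Reply acted on in:", accepting_states(AUTH_MATRIX, "Auth Reply"))
```

Running the helpers over the Auth matrix shows that Silent has no outgoing transition and that an Auth Reply only changes state while a request is outstanding (Auth Wait or Reauth Wait).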

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
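The key-usage rules on this slide, worked through as an added example that is not part of the original presentation. It takes the slide's AP and AT to be the base station (BS) and subscriber station (SS); the lifetimes, key bytes, function names and the HMAC-based stand-in cipher (used in place of DES-CBC, which the Python standard library does not provide) are assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass


class TekInvalid(Exception):
    """Receiver holds no live TEK for the sequence number in the header."""


@dataclass(frozen=True)
class Tek:
    seq: int         # 2-bit key sequence number carried in the MAC header
    key: bytes
    not_before: int  # lifetime bounds in seconds (constructed values)
    not_after: int

    def valid(self, now):
        return self.not_before <= now < self.not_after


def next_seq(seq):
    return (seq + 1) % 4  # a 2-bit counter wraps from 3 back to 0


def make_teks(count=5):
    """Constructed schedule: each TEK lives 100 s and starts 50 s after the last."""
    teks, seq = [], 0
    for i in range(count):
        key = hashlib.sha256(b"constructed-tek-%d" % i).digest()
        teks.append(Tek(seq, key, 50 * i, 50 * i + 100))
        seq = next_seq(seq)
    return teks


def stand_in_cipher(key, frame_no, data):
    """XOR with an HMAC-SHA256 keystream bound to the frame number.

    Stand-in for DES-CBC with a frame-number IV; it is NOT DES and only
    serves to make the key-selection logic observable.
    """
    out = bytearray()
    for offset in range(0, len(data), 32):
        block_id = frame_no.to_bytes(4, "big") + offset.to_bytes(4, "big")
        pad = hmac.new(key, block_id, hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def tx_key(role, ring, now):
    """BS encrypts with the older live key, SS with the newer live key."""
    live = [k for k in ring if k.valid(now)]
    if not live:
        raise TekInvalid("no live TEK to encrypt with")
    pick = min if role == "BS" else max
    return pick(live, key=lambda k: k.not_after)


def protect(role, ring, now, frame_no, payload):
    tek = tx_key(role, ring, now)
    return tek.seq, frame_no, stand_in_cipher(tek.key, frame_no, payload)


def unprotect(ring, now, pdu):
    """Either side decrypts with whichever held key matches the header."""
    seq, frame_no, body = pdu
    for tek in ring:
        if tek.seq == seq and tek.valid(now):
            return stand_in_cipher(tek.key, frame_no, body)
    raise TekInvalid(f"no live TEK with sequence number {seq}")


def rollover_demo():
    """t = 110 s: the BS has rolled to (TEK1, TEK2); the SS first lags, then refreshes."""
    t = make_teks()
    bs_ring, lagging_ss, fresh_ss = (t[1], t[2]), (t[0], t[1]), (t[1], t[2])
    now, frame = 110, 7001
    down = protect("BS", bs_ring, now, frame, b"downlink payload")
    up_lag = protect("SS", lagging_ss, now, frame, b"uplink payload")
    up_new = protect("SS", fresh_ss, now, frame, b"uplink payload")
    return {
        "down_seq": down[0],
        "lagging_ss_reads_downlink": unprotect(lagging_ss, now, down) == b"downlink payload",
        "lagging_up_seq": up_lag[0],
        "bs_reads_lagging_uplink": unprotect(bs_ring, now, up_lag) == b"uplink payload",
        "fresh_up_seq": up_new[0],
        "bs_reads_fresh_uplink": unprotect(bs_ring, now, up_new) == b"uplink payload",
    }


if __name__ == "__main__":
    for name, value in rollover_demo().items():
        print(f"{name}: {value}")
```

With no key acknowledgements, the sender cannot know which keys the peer already holds; in the demo the BS keeps transmitting under the older key that a lagging SS still has, while an SS that has refreshed moves to the newer key, which the BS is already able to decrypt.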

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network (“WirelessHUMAN™”)

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


Burst profiles

• Each burst profile has mandatory exit threshold and minimum entry threshold
• SS allowed to request a less robust DIUC once above the minimum entry level
• SS must request fall back to more robust DIUC once at mandatory exit threshold
• Requests to change DIUC done with DBPC-REQ or RNG-REQ messages

Downlink Map Message

• DL-MAP message defines usage of downlink and contains carrier-specific data
• DL-MAP is first message in each frame
• Decoding very time-critical
  – typically done in hardware
• Entries denote instants when the burst profile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e. periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station’s work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer’s X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |


Page 40: Mobile WiMAX : A Technical Overview

Downlink Map MessageDownlink Map Message

bullbull DL-MAP message defines usage ofDL-MAP message defines usage ofdownlink and contains carrier-specific datadownlink and contains carrier-specific data

bullbull DL-MAP is first message in each frameDL-MAP is first message in each frame

bullbull Decoding very time-criticalDecoding very time-criticalndashndash typically done in hardwaretypically done in hardware

bullbull Entries denote instants when the burstEntries denote instants when the burstprofile changesprofile changes

Uplink Transmissions

• Invited transmissions
• Transmissions in contention slots
  – Bandwidth requests
  – Contention resolved using truncated exponential backoff
• Transmissions in initial ranging slots
  – Ranging Requests (RNG-REQ)
  – Contention resolved using truncated exponential backoff
• Bursts defined by UIUCs
• Transmissions allocated by the UL-MAP message
• All transmissions have synchronization preamble
• Ideally, all data from a single SS is concatenated into a single PHY burst

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service
Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service, such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e. periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

PKM Message | Description
Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority
Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs
Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs
Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS
Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS
Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs
Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID
Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent
TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK
SA Add | sent from a BS to an SS to establish one or more additional SAs

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate “root authority” if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

Each cell gives the next state; "-" marks a blank cell.

Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent
(1) Provisioned | Auth Wait | - | - | - | - | -
(2) Auth Reject (non-perm) | - | Auth Reject Wait | - | Auth Reject Wait | - | -
(3) Auth Reject (perm) | - | Silent | - | Silent | - | -
(4) Auth Reply | - | Authorized | - | Authorized | - | -
(5) Timeout | - | Auth Wait | - | Reauth Wait | Start | -
(6) Auth Grace Timeout | - | - | Reauth Wait | - | - | -
(7) Auth Invalid | - | - | Reauth Wait | Reauth Wait | - | -
(8) Reauth | - | - | Reauth Wait | - | - | -

Auth FSM Flow Diagram

[Figure: flow diagram of the Authorization FSM. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Edge labels give the triggering event, the message sent (Authent Info, Auth Request) and the event passed to the TEK FSM ([TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp, [TEK] Stop).]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

Each cell gives the next state; "-" marks a blank cell.

Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait
(1) Stop | - | Start | Start | Start | Start | Start
(2) Authorized | Op Wait | - | - | - | - | -
(3) Auth Pend | - | Op Reauth Wait | - | - | Rekey Reauth Wait | -
(4) Auth Comp | - | - | Op Wait | - | - | Rekey Wait
(5) TEK Invalid | - | - | - | Op Wait | Op Wait | Op Reauth Wait
(6) Timeout | - | Op Wait | - | - | Rekey Wait | -
(7) TEK Refresh Timeout | - | - | - | Rekey Wait | - | -
(8) Key Reply | - | Operational | - | - | Operational | -
(9) Key Reject | - | Start | - | - | Start | -

TEK FSM Flow Diagram

[Figure: flow diagram of the TEK FSM. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Edge labels give the triggering event (Stop, Authorized, Auth Pend, Auth Comp, TEK Invalid, Timeout, TEK Refresh Timeout, Key Reply, Key Reject) and, where one is sent, the Key Request message.]
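
The Auth FSM and TEK FSM transition matrices above can be run as two coupled table-driven state machines. The following is an added example, not code from the presentation or the standard: next states are copied from the matrices, while the messages sent, the [TEK] events raised, the single TEK FSM per station and the event script are assumptions of this example.

```python
# Added example: the PKM Authorization and TEK state machines, coupled.
# Next states are copied from the two transition matrices; the messages sent
# and the [TEK] events raised are this example's reading of the flow-diagram
# labels, not text from the standard.
FIRST_REQ = ("Authent Info", "Auth Request")
AUTH_REQ = ("Auth Request",)
KEY_REQ = ("Key Request",)

# (state, event) -> (next state, PKM messages sent, events raised to TEK FSM)
AUTH = {
    ("Start", "Provisioned"): ("Auth Wait", FIRST_REQ, ()),
    ("Auth Wait", "Auth Reject (non-perm)"): ("Auth Reject Wait", (), ()),
    ("Auth Wait", "Auth Reject (perm)"): ("Silent", (), ()),
    ("Auth Wait", "Auth Reply"): ("Authorized", (), ("Authorized",)),
    ("Auth Wait", "Timeout"): ("Auth Wait", FIRST_REQ, ()),
    ("Authorized", "Auth Grace Timeout"): ("Reauth Wait", AUTH_REQ, ()),
    ("Authorized", "Auth Invalid"): ("Reauth Wait", AUTH_REQ, ("Auth Pend",)),
    ("Authorized", "Reauth"): ("Reauth Wait", AUTH_REQ, ()),
    ("Reauth Wait", "Auth Reject (non-perm)"): ("Auth Reject Wait", (), ("Stop",)),
    ("Reauth Wait", "Auth Reject (perm)"): ("Silent", (), ("Stop",)),
    ("Reauth Wait", "Auth Reply"): ("Authorized", (), ("Auth Comp",)),
    ("Reauth Wait", "Timeout"): ("Reauth Wait", AUTH_REQ, ()),
    ("Reauth Wait", "Auth Invalid"): ("Reauth Wait", AUTH_REQ, ("Auth Pend",)),
    ("Auth Reject Wait", "Timeout"): ("Start", (), ()),
}

# (state, event) -> (next state, PKM messages sent)
TEK = {
    ("Start", "Authorized"): ("Op Wait", KEY_REQ),
    ("Op Wait", "Auth Pend"): ("Op Reauth Wait", ()),
    ("Rekey Wait", "Auth Pend"): ("Rekey Reauth Wait", ()),
    ("Op Reauth Wait", "Auth Comp"): ("Op Wait", KEY_REQ),
    ("Rekey Reauth Wait", "Auth Comp"): ("Rekey Wait", KEY_REQ),
    ("Operational", "TEK Invalid"): ("Op Wait", KEY_REQ),
    ("Rekey Wait", "TEK Invalid"): ("Op Wait", KEY_REQ),
    ("Rekey Reauth Wait", "TEK Invalid"): ("Op Reauth Wait", ()),
    ("Op Wait", "Timeout"): ("Op Wait", KEY_REQ),
    ("Rekey Wait", "Timeout"): ("Rekey Wait", KEY_REQ),
    ("Operational", "TEK Refresh Timeout"): ("Rekey Wait", KEY_REQ),
    ("Op Wait", "Key Reply"): ("Operational", ()),
    ("Rekey Wait", "Key Reply"): ("Operational", ()),
    ("Op Wait", "Key Reject"): ("Start", ()),
    ("Rekey Wait", "Key Reject"): ("Start", ()),
}
# Row (1) of the TEK matrix: Stop returns every non-Start state to Start.
for _state in ("Op Wait", "Op Reauth Wait", "Operational",
               "Rekey Wait", "Rekey Reauth Wait"):
    TEK[(_state, "Stop")] = ("Start", ())


class SubscriberStation:
    """One Authorization FSM and one TEK FSM (assumption: a single SAID)."""

    def __init__(self):
        self.auth = self.tek = "Start"
        self.sent = []     # PKM messages the SS would transmit
        self.ignored = []  # events that hit a blank matrix cell

    def auth_event(self, event):
        entry = AUTH.get((self.auth, event))
        if entry is None:  # blank cell: no transition, no message
            self.ignored.append(("auth", self.auth, event))
            return
        self.auth, messages, tek_events = entry
        self.sent.extend(messages)
        for tek_event in tek_events:
            self.tek_event(tek_event)

    def tek_event(self, event):
        entry = TEK.get((self.tek, event))
        if entry is None:
            self.ignored.append(("tek", self.tek, event))
            return
        self.tek, messages = entry
        self.sent.extend(messages)


# Constructed event script: bring-up, a rekey interrupted by reauthorization,
# then a permanent reject during a later reauthorization.
SCRIPT = [
    ("auth", "Provisioned"),
    ("auth", "Auth Reply"),
    ("tek", "Key Reply"),
    ("tek", "TEK Refresh Timeout"),
    ("auth", "Auth Invalid"),
    ("tek", "Key Reply"),            # blank cell in Rekey Reauth Wait
    ("auth", "Auth Reply"),
    ("tek", "Key Reply"),
    ("auth", "Reauth"),
    ("auth", "Auth Reject (perm)"),
    ("auth", "Auth Reply"),          # Silent has no exits in the matrix
]


def run(script):
    """Feed (fsm, event) pairs to a fresh station; return it and a state trace."""
    ss, trace = SubscriberStation(), []
    for fsm, event in script:
        (ss.auth_event if fsm == "auth" else ss.tek_event)(event)
        trace.append((event, ss.auth, ss.tek))
    return ss, trace


if __name__ == "__main__":
    for row in run(SCRIPT)[1]:
        print(row)
```

The trace shows the points a reviewer of a PKM implementation would check: a Key Reply arriving while the TEK FSM is in Rekey Reauth Wait changes nothing, a permanent reject stops the TEK FSM, and no event leaves Silent.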

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other, stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network (“WirelessHUMAN™”)

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant in any spectrum in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org

Page 41: Mobile WiMAX : A Technical Overview

Uplink TransmissionsUplink Transmissionsbullbull Invited transmissionsInvited transmissions

bullbull Transmissions in contention slotsTransmissions in contention slotsndashndash Bandwidth requestsBandwidth requests

ndashndash Contention resolved using truncated exponential Contention resolved using truncated exponential backoffbackoff

bullbull Transmissions in initial ranging slotsTransmissions in initial ranging slotsndashndash Ranging Requests (RNG-REQ)Ranging Requests (RNG-REQ)

ndashndash Contention resolved using truncated exponential Contention resolved using truncated exponential backoffbackoff

bullbull Bursts defined by Bursts defined by UIUCsUIUCs

bullbull Transmissions allocated by the UL-MAP messageTransmissions allocated by the UL-MAP message

bullbull All transmissions have synchronization preambleAll transmissions have synchronization preamble

bullbull Ideally all data from a single SS is concatenated intoIdeally all data from a single SS is concatenated intoa single PHY bursta single PHY burst

Uplink Channel DescriptorUplink Channel Descriptor

bullbull Defines uplink burst profilesDefines uplink burst profiles

bullbull Sent regularlySent regularly

bullbull All Uplink Burst profiles are acquiredAll Uplink Burst profiles are acquired

bullbull Burst profiles can be changed on the flyBurst profiles can be changed on the fly

bullbull Establishes association between UIUCEstablishes association between UIUCand actual PHY parametersand actual PHY parameters

Uplink MAP MessageUplink MAP Message

bullbull UL-MAP message defines usage of the uplinkUL-MAP message defines usage of the uplink

bullbull Contains the grantsContains the grants

bullbull Grants addressed to the SSGrants addressed to the SS

bullbull Time given in mini-slotsTime given in mini-slotsndashndash unit ofunit of uplink uplink bandwidth allocation bandwidth allocation

ndashndash 22mm physical slots physical slotsbullbull in 10-66in 10-66 GHz GHz PHY physical slot is 4 symbols PHY physical slot is 4 symbols

bullbull TTime expressed as arrival time at BSime expressed as arrival time at BS

Classes of Uplink ServiceClasses of Uplink ServiceCharacteristic of the Service FlowCharacteristic of the Service Flow

bullbull Unsolicited Grant Services (UGS)Unsolicited Grant Services (UGS)ndashndash for constant bit-rate (CBR) or CBR-like servicefor constant bit-rate (CBR) or CBR-like service

flows (flows (SFsSFs) such as T1E1) such as T1E1

bullbull Real-time Polling Services (Real-time Polling Services (rtPSrtPS))ndashndash for for rtrt-VBR-like -VBR-like SFsSFs such as MPEG video such as MPEG video

bullbull Non-real-time Polling Services (Non-real-time Polling Services (nrtPSnrtPS))ndashndash for for nrtnrt SFsSFs with better than best effort service with better than best effort service

such as bandwidth-intensive file transfersuch as bandwidth-intensive file transfer

bullbull Best Effort (BE)Best Effort (BE)ndashndash for best-effort trafficfor best-effort traffic

Uplink Services - UGSUplink Services - UGS

bullbull No explicit bandwidth requests issued by SSNo explicit bandwidth requests issued by SS

bullbull Prohibited from using any contention requestsProhibited from using any contention requests

bullbull No No unicast unicast request opportunity providedrequest opportunity provided

bullbull May include a Grant Management (GM) sub-May include a Grant Management (GM) sub-header containingheader containingndashndash Slip indicator indicates that there is an backlog inSlip indicator indicates that there is an backlog in

the buffer due to clock skew or loss of mapsthe buffer due to clock skew or loss of maps

ndashndash Poll-me bit indicates that the terminal needs to bePoll-me bit indicates that the terminal needs to bepolled (allows for not polling terminals with UGS-polled (allows for not polling terminals with UGS-only services)only services)

Uplink Services - Uplink Services - rtPSrtPS

bullbull Intended for Intended for rtrt-VBR-like service flows such as-VBR-like service flows such asMPEG videoMPEG video

bullbull Prohibited from using any contention requestsProhibited from using any contention requestsbullbull Terminals polled frequently enough to meetTerminals polled frequently enough to meet

the delay requirements of the the delay requirements of the SFsSFsbullbull Bandwidth requested with BW requestBandwidth requested with BW request

messages (a special MAC PDU header)messages (a special MAC PDU header)bullbull May use Grant Management sub-headerMay use Grant Management sub-header

ndashndash new request can be piggybacked with eachnew request can be piggybacked with eachtransmitted PDUtransmitted PDU

Uplink Service - Uplink Service - nrtPSnrtPS

bullbull Intended for non-real-time service flows withIntended for non-real-time service flows withbetter than best effort servicebetter than best effort servicendashndash eg bandwidth-intensive file transfer eg bandwidth-intensive file transfer

bullbull Works like Works like rtrt-polling except that polls are-polling except that polls areissued less frequentlyissued less frequently

bullbull Allowed to use contention requestsAllowed to use contention requests

bullbull May use Grant Management sub-headerMay use Grant Management sub-headerndashndash new request can be piggybacked with eachnew request can be piggybacked with each

transmitted PDUtransmitted PDU

Uplink Service - BEUplink Service - BE

bullbull Generic dataGeneric datandashndash eg HTTP SMTP etceg HTTP SMTP etc

bullbull No QoS guaranteesNo QoS guarantees

bullbull Allowed to use contention requestsAllowed to use contention requests

bullbull May use Grant Management sub-headerMay use Grant Management sub-headerndashndash new request can be piggybacked with eachnew request can be piggybacked with each

transmitted PDUtransmitted PDU

RequestGrant SchemeRequestGrant Scheme

bullbull Self CorrectingSelf Correctingndashndash No acknowledgementNo acknowledgement

ndashndash All errors are handled in the same way ieAll errors are handled in the same way ieperiodical aggregate requestsperiodical aggregate requests

bullbull Bandwidth Requests are always per ConnectionBandwidth Requests are always per Connection

bullbull Grants are either per Connection (GPC) or perGrants are either per Connection (GPC) or perSubscriber Station (GPSS)Subscriber Station (GPSS)

ndashndash Grants (given as Grants (given as durationsdurations) are carried in the) are carried in theUL-MAP messagesUL-MAP messages

ndashndash SS needs to convert the time to amount of dataSS needs to convert the time to amount of datausing information about the UIUCusing information about the UIUC

GPSS vs GPCGPSS vs GPCbullbull Bandwidth Grant per Subscriber Station (GPSS)Bandwidth Grant per Subscriber Station (GPSS)

ndashndash Base station grants bandwidth to the subscriber stationBase station grants bandwidth to the subscriber stationndashndash Subscriber station may re-distribute bandwidth among itsSubscriber station may re-distribute bandwidth among its

connections maintaining QoS and service-levelconnections maintaining QoS and service-levelagreementsagreements

ndashndash Suitable for many connections per terminal off-loadingSuitable for many connections per terminal off-loadingbase stationrsquos workbase stationrsquos work

ndashndash Allows more sophisticated reaction to QoS needsAllows more sophisticated reaction to QoS needsndashndash Low overhead but requires intelligent subscriber stationLow overhead but requires intelligent subscriber stationndashndash Mandatory for P80216 10-66 GHz PHYMandatory for P80216 10-66 GHz PHY

bullbull Bandwidth Grant per Connection (GPC)Bandwidth Grant per Connection (GPC)ndashndash Base station grants bandwidth to a connectionBase station grants bandwidth to a connectionndashndash Mostly suitable for few users per subscriber stationMostly suitable for few users per subscriber stationndashndash Higher overhead but allows simpler subscriber stationHigher overhead but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection

• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

Columns are the current state; each cell gives the next state. Empty cells have no entry in the matrix.

| Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: flow diagram of the Auth FSM. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Edge labels (event / messages sent and [TEK] signals): Provisioned / Authent Info, Auth Request; Timeout / Authent Info, Auth Request; Timeout; Auth Reject (non-perm); Auth Reject (perm); Auth Reply / [TEK] Authorized; Auth Reject (perm) / [TEK] Stop; Auth Reject (non-perm) / [TEK] Stop; Timeout / Auth Request; Auth Invalid / Auth Request, [TEK] Auth Pend; Auth Grace Timeout / Auth Request; Reauth / Auth Request; Auth Reply / [TEK] Auth Comp.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

Columns are the current state; each cell gives the next state. Empty cells have no entry in the matrix.

| Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: flow diagram of the TEK FSM. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Edge labels (event / message sent): Authorized / Key Request; Auth Comp / Key Request; Timeout / Key Request; TEK Invalid / Key Request; TEK Refresh Timeout / Key Request; Key Reply; Key Reject; Auth Pend; TEK Invalid; Stop.]
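
The two transition matrices above, written as lookup tables and driven together, as an added example that is not part of the presentation: it shows that a message arriving in a state with an empty matrix cell (for instance an unsolicited Auth Reply while Silent) leaves the state unchanged. Assumptions of this example: one TEK FSM per SAID, empty cells are ignored and logged, the source state of each [TEK] signal is read from the flow diagram's edge labels, and the SAID values are constructed.

```python
AUTH_STATES = ["Start", "Auth Wait", "Authorized", "Reauth Wait", "Auth Reject Wait", "Silent"]
TEK_STATES = ["Start", "Op Wait", "Op Reauth Wait", "Operational", "Rekey Wait", "Rekey Reauth Wait"]


def build(rows):
    """Flatten {event: {state: next_state}} into {(state, event): next_state}."""
    return {(s, ev): nxt for ev, cells in rows.items() for s, nxt in cells.items()}


# One entry per non-empty cell of the Auth FSM Transition Matrix.
AUTH = build({
    "Provisioned": {"Start": "Auth Wait"},
    "Auth Reject (non-perm)": {"Auth Wait": "Auth Reject Wait",
                               "Reauth Wait": "Auth Reject Wait"},
    "Auth Reject (perm)": {"Auth Wait": "Silent", "Reauth Wait": "Silent"},
    "Auth Reply": {"Auth Wait": "Authorized", "Reauth Wait": "Authorized"},
    "Timeout": {"Auth Wait": "Auth Wait", "Reauth Wait": "Reauth Wait",
                "Auth Reject Wait": "Start"},
    "Auth Grace Timeout": {"Authorized": "Reauth Wait"},
    "Auth Invalid": {"Authorized": "Reauth Wait", "Reauth Wait": "Reauth Wait"},
    "Reauth": {"Authorized": "Reauth Wait"},
})
# One entry per non-empty cell of the TEK FSM Transition Matrix.
TEK = build({
    "Stop": {s: "Start" for s in TEK_STATES[1:]},
    "Authorized": {"Start": "Op Wait"},
    "Auth Pend": {"Op Wait": "Op Reauth Wait", "Rekey Wait": "Rekey Reauth Wait"},
    "Auth Comp": {"Op Reauth Wait": "Op Wait", "Rekey Reauth Wait": "Rekey Wait"},
    "TEK Invalid": {"Operational": "Op Wait", "Rekey Wait": "Op Wait",
                    "Rekey Reauth Wait": "Op Reauth Wait"},
    "Timeout": {"Op Wait": "Op Wait", "Rekey Wait": "Rekey Wait"},
    "TEK Refresh Timeout": {"Operational": "Rekey Wait"},
    "Key Reply": {"Op Wait": "Operational", "Rekey Wait": "Operational"},
    "Key Reject": {"Op Wait": "Start", "Rekey Wait": "Start"},
})

# [TEK] signals raised on Auth FSM transitions, read from the flow diagram's edge
# labels; the source state assigned to each label is this example's reading.
TEK_SIGNAL = {
    ("Auth Wait", "Auth Reply"): "Authorized",
    ("Reauth Wait", "Auth Reply"): "Auth Comp",
    ("Authorized", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Reject (perm)"): "Stop",
    ("Reauth Wait", "Auth Reject (non-perm)"): "Stop",
}


class Fsm:
    """One state machine; an event that hits an empty cell is ignored and logged."""
    def __init__(self, table):
        self.table, self.state, self.ignored = table, "Start", []

    def fire(self, event):
        nxt = self.table.get((self.state, event))
        if nxt is None:
            self.ignored.append((self.state, event))
        else:
            self.state = nxt
        return nxt is not None


class Station:
    """One Auth FSM driving one TEK FSM per SAID (per-SAID instances are assumed)."""
    def __init__(self, saids):
        self.auth = Fsm(AUTH)
        self.tek = {said: Fsm(TEK) for said in saids}

    def auth_event(self, event):
        signal = TEK_SIGNAL.get((self.auth.state, event))
        if self.auth.fire(event) and signal:
            for fsm in self.tek.values():
                fsm.fire(signal)
        return self.auth.state

    def tek_event(self, said, event):
        self.tek[said].fire(event)
        return self.tek[said].state


def sinks(table, states):
    """States with no outgoing cell: once entered, no event leaves them."""
    return [s for s in states if all(src != s for src, _ in table)]


def demo():
    """Constructed run: authorization, reauthorization, permanent reject."""
    ss = Station(saids=[1, 2])  # constructed SAID values
    trace = [
        ss.auth_event("Provisioned"),
        ss.auth_event("Auth Reply"),          # TEK FSMs: Start -> Op Wait
        ss.tek_event(1, "Key Reply"),         # SAID 1 becomes Operational
        ss.auth_event("Auth Invalid"),        # signals [TEK] Auth Pend
        ss.tek[2].state,                      # SAID 2 was still in Op Wait
        ss.auth_event("Auth Reject (perm)"),  # signals [TEK] Stop
        ss.auth_event("Auth Reply"),          # unsolicited reply while Silent
    ]
    return trace, ss
```

The `ignored` list on each machine is where an implementation would hook logging for PKM messages that the matrix does not define in the current state.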

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
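
The key-usage rules above, modelled as an added example (not part of the presentation) to show why sending on the older key at the AP and on the newer key at the AT keeps both directions decryptable while the AT lags behind a key change, and what is lost if a side picks the other key. The key schedule (a new generation every half lifetime), the AT's fetch delay and all numeric values are assumptions of this model, not figures from the standard.

```python
LIFETIME = 12            # constructed TEK lifetime, in arbitrary time units
OFFSET = LIFETIME // 2   # assumed: a new key generation starts every half lifetime
SEQ_MOD = 4              # the key sequence number in the MAC header is 2 bits


def ap_keys(t):
    """Generations the AP holds at time t. Generation g is valid on
    [g*OFFSET, g*OFFSET + LIFETIME), so two lifetimes overlap at any time."""
    newest = t // OFFSET
    return [g for g in (newest - 1, newest) if g >= 0]


def at_keys(t, fetch_delay):
    """Generations the AT holds at time t. Assumed: the AT fetches both active
    generations fetch_delay units after each new generation starts."""
    last_fetch = (t - fetch_delay) // OFFSET * OFFSET + fetch_delay
    return ap_keys(last_fetch)


def pick(keys, rule):
    """Sender side: choose the 'older' or the 'newer' of the held generations."""
    return min(keys) if rule == "older" else max(keys)


def lookup(keys, seq):
    """Receiver side: find the held generation matching the header's sequence number."""
    return next((g for g in keys if g % SEQ_MOD == seq), None)


def outages(ap_rule, at_rule, fetch_delay, horizon=10 * LIFETIME):
    """Time units at which a PDU sent in either direction cannot be decrypted."""
    lost = []
    for t in range(fetch_delay, horizon):
        ap, at = ap_keys(t), at_keys(t, fetch_delay)
        down, up = pick(ap, ap_rule), pick(at, at_rule)
        if lookup(at, down % SEQ_MOD) != down or lookup(ap, up % SEQ_MOD) != up:
            lost.append(t)
    return lost
```

With the slide's rules, `outages("older", "newer", d)` is empty for every fetch delay shorter than `OFFSET`; switching the AP to the newer key loses every PDU sent between a key change and the AT's next fetch.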

Amendment Project

IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project

IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org

Uplink Channel Descriptor

• Defines uplink burst profiles
• Sent regularly
• All Uplink Burst profiles are acquired
• Burst profiles can be changed on the fly
• Establishes association between UIUC and actual PHY parameters

Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service, such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e. periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPCGPSS vs GPCbullbull Bandwidth Grant per Subscriber Station (GPSS)Bandwidth Grant per Subscriber Station (GPSS)

ndashndash Base station grants bandwidth to the subscriber stationBase station grants bandwidth to the subscriber stationndashndash Subscriber station may re-distribute bandwidth among itsSubscriber station may re-distribute bandwidth among its

connections maintaining QoS and service-levelconnections maintaining QoS and service-levelagreementsagreements

ndashndash Suitable for many connections per terminal off-loadingSuitable for many connections per terminal off-loadingbase stationrsquos workbase stationrsquos work

ndashndash Allows more sophisticated reaction to QoS needsAllows more sophisticated reaction to QoS needsndashndash Low overhead but requires intelligent subscriber stationLow overhead but requires intelligent subscriber stationndashndash Mandatory for P80216 10-66 GHz PHYMandatory for P80216 10-66 GHz PHY

bullbull Bandwidth Grant per Connection (GPC)Bandwidth Grant per Connection (GPC)ndashndash Base station grants bandwidth to a connectionBase station grants bandwidth to a connectionndashndash Mostly suitable for few users per subscriber stationMostly suitable for few users per subscriber stationndashndash Higher overhead but allows simpler subscriber stationHigher overhead but allows simpler subscriber station

Bandwidth RequestsBandwidth Requestsbullbull Come from the Come from the ConnectionConnection

bullbull Several kinds of requestsSeveral kinds of requestsndashndash Implicit requests (UGS)Implicit requests (UGS)

bullbull No actual messages negotiated at connection setupNo actual messages negotiated at connection setup

ndashndash BW request messagesBW request messagesbullbull Uses the special BW request headerUses the special BW request header

bullbull Requests up to 32 KB with a single messageRequests up to 32 KB with a single message

bullbull Incremental or aggregate as indicated by MAC headerIncremental or aggregate as indicated by MAC header

ndashndash Piggybacked request (for non-UGS services only)Piggybacked request (for non-UGS services only)bullbull Presented in GM sub-header and always incrementalPresented in GM sub-header and always incremental

bullbull Up to 32 KB per request for the CIDUp to 32 KB per request for the CID

ndashndash Poll-Me bit (for UGS services only)Poll-Me bit (for UGS services only)bullbull Used by the SS to request a bandwidth poll for non-UGS servicesUsed by the SS to request a bandwidth poll for non-UGS services

BW Request MessageBW Request Message

Maintaining QoS in GPSSMaintaining QoS in GPSSbullbull Semi-distributed approachSemi-distributed approachbullbull BS sees the requests for each connectionBS sees the requests for each connection

based on this grants bandwidth (BW) to thebased on this grants bandwidth (BW) to theSSsSSs (maintaining QoS and fairness) (maintaining QoS and fairness)

bullbull SS scheduler maintains QoS among itsSS scheduler maintains QoS among itsconnections and is responsible to share theconnections and is responsible to share theBW among the connections (maintaining QoSBW among the connections (maintaining QoSand fairness)and fairness)

bullbull Algorithm in BS and SS can be very differentAlgorithm in BS and SS can be very differentSS may use BW in a way unforeseen by theSS may use BW in a way unforeseen by theBSBS

SS initializationSS initializationbullbull Scan forScan for downlink downlink channel and establish channel and establish

synchronization with the BSsynchronization with the BS

bullbull Obtain transmit parameters (from UCD message)Obtain transmit parameters (from UCD message)

bullbull Perform rangingPerform ranging

bullbull Negotiate basic capabilitiesNegotiate basic capabilities

bullbull Authorize SS and perform key exchangeAuthorize SS and perform key exchange

bullbull Perform registrationPerform registration

bullbull Establish IP connectivityEstablish IP connectivity

bullbull Establish time of dayEstablish time of day

bullbull Transfer operational parametersTransfer operational parameters

bullbull Set up connectionsSet up connections

RangingRanging

bullbull For uplink transmissions times are measured at BSFor uplink transmissions times are measured at BS

bullbull At startup SS sends a RNG-REQ in a rangingAt startup SS sends a RNG-REQ in a rangingwindowwindow

bullbull BS measures arrival time and signal powerBS measures arrival time and signal powercalculates required advance and power adjustmentcalculates required advance and power adjustment

bullbull BS sends adjustment in RNG-RSPBS sends adjustment in RNG-RSP

bullbull SS adjusts advance and power sends newSS adjusts advance and power sends newRNG-REQRNG-REQ

bullbull Loop is continued until power and timing is okLoop is continued until power and timing is ok

RegistrationRegistration

bullbull Registration is a form of capability negotiationRegistration is a form of capability negotiation

bullbull SS sends a list of capabilities and parts of theSS sends a list of capabilities and parts of theconfiguration file to the BS in the REG-REQconfiguration file to the BS in the REG-REQmessagemessage

bullbull BS replies with the REG-RSP messageBS replies with the REG-RSP messagendashndash tells which capabilities are supportedallowedtells which capabilities are supportedallowed

bullbull SS acknowledges the REG-RSP withSS acknowledges the REG-RSP withREG-ACK messageREG-ACK message

IP connectivity andIP connectivity and

configuration file downloadconfiguration file download

bullbull IP connectivity established via DHCPIP connectivity established via DHCP

bullbull Configuration file downloaded via TFTPConfiguration file downloaded via TFTP

bullbull contains provisioned informationcontains provisioned informationndashndash operational parametersoperational parameters

Initial Connection SetupInitial Connection Setup

bullbull BS passes Service Flow BS passes Service Flow EncodingsEncodings to the SS to the SSin multiple DSA-REQ messagesin multiple DSA-REQ messages

bullbull SS replies with DSA-RSP messagesSS replies with DSA-RSP messages

bullbull Service FlowService Flow Encodings Encodings contain either contain eitherndashndash full definition of service attributes (omittingfull definition of service attributes (omitting

defaultabledefaultable items if desired) items if desired)

ndashndash service class nameservice class namebullbull ASCII string which is known at the BS and whichASCII string which is known at the BS and which

indirectly specifies a set ofindirectly specifies a set of QoS QoS Parameters Parameters

Privacy and EncryptionPrivacy and Encryptionbullbull Secures over-the-air transmissionsSecures over-the-air transmissionsbullbull AuthenticationAuthentication

ndashndash X509 certificates with RSA PKCSX509 certificates with RSA PKCSndashndash Strong authentication of Strong authentication of SSs SSs (prevents theft of service)(prevents theft of service)ndashndash Prevents cloningPrevents cloning

bullbull Data encryptionData encryptionndashndash Currently 56-bit DES in CBC modeCurrently 56-bit DES in CBC modendashndash IV based on frame numberIV based on frame numberndashndash Easily exportableEasily exportable

bullbull Message authenticationMessage authenticationndashndash Key MAC management messages authenticated with one-Key MAC management messages authenticated with one-

way hashing (HMAC with SHA-1)way hashing (HMAC with SHA-1)

bullbull Designed to allow newmultiple encryption algorithmsDesigned to allow newmultiple encryption algorithmsbullbull Protocol descends from BPI+ (from DOCSIS)Protocol descends from BPI+ (from DOCSIS)

Security AssociationsSecurity Associations

bullbull A set of privacy informationA set of privacy informationndashndash shared by a BS and one or more of its client shared by a BS and one or more of its client SSsSSs

share in order to support securedshare in order to support securedcommunicationscommunications

ndashndash includes traffic encryption keys and CBC IVsincludes traffic encryption keys and CBC IVs

bullbull Security Association EstablishmentSecurity Association Establishmentndashndash Primary SA established during initial registrationPrimary SA established during initial registration

ndashndash other other SAsSAs may be provisioned or dynamically may be provisioned or dynamicallycreated within the BScreated within the BS

Key Management MessagesKey Management MessagesPKM Message

AuthenticationInformation

AuthorizationRequest

AuthorizationReply

AuthorizationReject

AuthorizationInvalid

Key Request

Key Reply

Key Reject

TEK Invalid

Description

contains the manufacturer s X509 Certificate issued by an externalauthoritysent from an SS to its BS to request an AK and list of authorizedSAIDssent from a BS to an SS to reply an AK and a list of authorized SAIDs

send from a BS to an SS in rejection of an Authorization Requestmessage sent by the SSsend from a BS to an SS as an unsolicited indication or a responseto a message received from that SS

sent from an SS to its BS requesting a TEK for the privacy of one ofits authorized SAIDssent from a BS to an SS carrying the two active sets of traffic keyingmaterial for the SAIDsent from a BS to an SS indicating that the SAID is no longer validand no key will be sentsent from a BS to an SS if it determines that the SS encrypted uplinktraffic with an invalid TEK

SA Add sent from a BS to an SS to establish one or more additional SAs

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

Columns are states, rows are events or received messages; each filled cell gives the next state.

| Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: Auth FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Edge labels pair an event (Provisioned, Timeout, Auth Reply, Auth Reject (perm), Auth Reject (non-perm), Auth Invalid, Auth Grace Timeout, Reauth) with the message sent (Authent Info, Auth Request) or the event passed to the TEK state machine ([TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp, [TEK] Stop).]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

Columns are states, rows are events or received messages; each filled cell gives the next state.

| Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |
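The Auth and TEK transition matrices written as lookup tables, with a small driver that replays events against both machines. This is an added example, not code from the presentation or the standard. It makes three assumptions: an SS with a single SAID, an event that falls on a blank matrix cell is dropped and recorded with no state change, and the pairing of each [TEK] event with an Auth edge is this example's reading of the flow-diagram labels.

```python
"""Table-driven model of the Auth and TEK FSM transition matrices (illustrative)."""

# (state, event) -> next state. Only the filled matrix cells are listed.
AUTH_FSM = {
    ("Start", "Provisioned"): "Auth Wait",
    ("Auth Wait", "Auth Reject (non-perm)"): "Auth Reject Wait",
    ("Reauth Wait", "Auth Reject (non-perm)"): "Auth Reject Wait",
    ("Auth Wait", "Auth Reject (perm)"): "Silent",
    ("Reauth Wait", "Auth Reject (perm)"): "Silent",
    ("Auth Wait", "Auth Reply"): "Authorized",
    ("Reauth Wait", "Auth Reply"): "Authorized",
    ("Auth Wait", "Timeout"): "Auth Wait",
    ("Reauth Wait", "Timeout"): "Reauth Wait",
    ("Auth Reject Wait", "Timeout"): "Start",
    ("Authorized", "Auth Grace Timeout"): "Reauth Wait",
    ("Authorized", "Auth Invalid"): "Reauth Wait",
    ("Reauth Wait", "Auth Invalid"): "Reauth Wait",
    ("Authorized", "Reauth"): "Reauth Wait",
}

_RUNNING = ("Op Wait", "Op Reauth Wait", "Operational", "Rekey Wait", "Rekey Reauth Wait")
TEK_FSM = {
    **{(state, "Stop"): "Start" for state in _RUNNING},
    ("Start", "Authorized"): "Op Wait",
    ("Op Wait", "Auth Pend"): "Op Reauth Wait",
    ("Rekey Wait", "Auth Pend"): "Rekey Reauth Wait",
    ("Op Reauth Wait", "Auth Comp"): "Op Wait",
    ("Rekey Reauth Wait", "Auth Comp"): "Rekey Wait",
    ("Operational", "TEK Invalid"): "Op Wait",
    ("Rekey Wait", "TEK Invalid"): "Op Wait",
    ("Rekey Reauth Wait", "TEK Invalid"): "Op Reauth Wait",
    ("Op Wait", "Timeout"): "Op Wait",
    ("Rekey Wait", "Timeout"): "Rekey Wait",
    ("Operational", "TEK Refresh Timeout"): "Rekey Wait",
    ("Op Wait", "Key Reply"): "Operational",
    ("Rekey Wait", "Key Reply"): "Operational",
    ("Op Wait", "Key Reject"): "Start",
    ("Rekey Wait", "Key Reject"): "Start",
}

# Events the Auth FSM passes to the TEK FSM, keyed by the Auth edge taken.
# Assumption: edge pairing is this example's reading of the flow-diagram labels.
AUTH_TO_TEK = {
    ("Auth Wait", "Auth Reply"): "Authorized",
    ("Reauth Wait", "Auth Reply"): "Auth Comp",
    ("Authorized", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Reject (perm)"): "Stop",
    ("Reauth Wait", "Auth Reject (non-perm)"): "Stop",
}


def step(table, state, event):
    """Return (next_state, accepted); a blank cell leaves the state unchanged."""
    nxt = table.get((state, event))
    return (state, False) if nxt is None else (nxt, True)


class Subscriber:
    """One SS with a single SAID, so one Auth FSM and one TEK FSM (assumption)."""

    def __init__(self):
        self.auth = "Start"
        self.tek = "Start"
        self.dropped = []  # events that hit a blank cell, kept for auditing

    def feed(self, machine, event):
        if machine == "auth":
            tek_event = AUTH_TO_TEK.get((self.auth, event))
            self.auth, ok = step(AUTH_FSM, self.auth, event)
            if ok and tek_event:
                self.feed("tek", tek_event)
        else:
            self.tek, ok = step(TEK_FSM, self.tek, event)
        if not ok:
            self.dropped.append((machine, event))
        return ok


def replay(events):
    """Run a list of (machine, event) pairs against a fresh subscriber."""
    ss = Subscriber()
    for machine, event in events:
        ss.feed(machine, event)
    return ss


# Constructed sample sequences.
NORMAL = [
    ("auth", "Provisioned"), ("auth", "Auth Reply"), ("tek", "Key Reply"),
    ("tek", "TEK Refresh Timeout"), ("auth", "Auth Invalid"),
    ("auth", "Auth Reply"), ("tek", "Key Reply"),
]
UNSOLICITED = [("auth", "Auth Reply"), ("tek", "Key Reply")]  # replies nobody asked for

if __name__ == "__main__":
    for name, seq in (("normal", NORMAL), ("unsolicited", UNSOLICITED)):
        ss = replay(seq)
        print(name, "->", ss.auth, "/", ss.tek, "dropped:", ss.dropped)
```

The unsolicited sequence leaves both machines in Start, because a reply that arrives before the matching request state has no cell in either matrix.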

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Edge labels pair an event (Authorized, Stop, Auth Pend, Auth Comp, Key Reply, Key Reject, Timeout, TEK Invalid, TEK Refresh Timeout) with the message sent (Key Request).]

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
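A model of the key-usage rules above, showing why they keep traffic flowing with no key acknowledgement and where a 2-bit sequence number stops being enough. This is an added example, not code from the presentation. The roles AP and AT are used as the slide names them, the key material is constructed, and the rule that sequence numbers advance by one modulo 4 is an assumption of this example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Tek:
    seq: int    # 2-bit key sequence number carried in the MAC header
    key: bytes  # constructed placeholder key material


class TekPair:
    """The two simultaneously active TEKs that one side holds for an SA."""

    def __init__(self, older, newer):
        # Assumption: sequence numbers advance by one, modulo 4.
        if newer.seq != (older.seq + 1) % 4:
            raise ValueError("newer TEK must follow the older one (mod 4)")
        self.older, self.newer = older, newer

    def encrypt_key(self, role):
        # Usage rule from the slide: AP uses the older key, AT the newer key.
        if role not in ("AP", "AT"):
            raise ValueError("role must be 'AP' or 'AT'")
        return self.older if role == "AP" else self.newer

    def decrypt_key(self, header_seq):
        # Both keys are accepted for decryption; the header selects one.
        for tek in (self.older, self.newer):
            if tek.seq == header_seq:
                return tek
        return None

    def rolled(self, fresh_key):
        """Pair held after the older key expires and a fresh key arrives."""
        return TekPair(self.newer, Tek((self.newer.seq + 1) % 4, fresh_key))


def generation(n):
    """Constructed pair holding key generations n and n + 1."""
    return TekPair(Tek(n % 4, b"tek-%d" % n), Tek((n + 1) % 4, b"tek-%d" % (n + 1)))


def deliver(sender, role, receiver):
    """Classify one PDU encrypted by `sender` (acting as `role`) at `receiver`."""
    used = sender.encrypt_key(role)
    found = receiver.decrypt_key(used.seq)
    if found is None:
        return "no key for sequence number"
    return "decrypts" if found.key == used.key else "sequence matches, key differs"


if __name__ == "__main__":
    cases = {
        "AT one generation behind": (generation(1), generation(0)),
        "AT two generations behind": (generation(2), generation(0)),
        "AT four generations behind": (generation(4), generation(0)),
    }
    for label, (ap, at) in cases.items():
        print(label, "| downlink:", deliver(ap, "AP", at),
              "| uplink:", deliver(at, "AT", ap))
```

One generation of lag is absorbed in both directions. At two generations the receiver has no key for the sequence number, and at four the number wraps, so a matching sequence number alone does not show that both sides hold the same key.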

Amendment Project

IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project

IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant in any spectrum in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


Uplink MAP Message

• UL-MAP message defines usage of the uplink
• Contains the grants
• Grants addressed to the SS
• Time given in mini-slots
  – unit of uplink bandwidth allocation
  – 2^m physical slots
    • in 10-66 GHz PHY, physical slot is 4 symbols
• Time expressed as arrival time at BS

Classes of Uplink Service

Characteristic of the Service Flow

• Unsolicited Grant Services (UGS)
  – for constant bit-rate (CBR) or CBR-like service flows (SFs) such as T1/E1
• Real-time Polling Services (rtPS)
  – for rt-VBR-like SFs such as MPEG video
• Non-real-time Polling Services (nrtPS)
  – for nrt SFs with better than best effort service such as bandwidth-intensive file transfer
• Best Effort (BE)
  – for best-effort traffic

Uplink Services - UGS

• No explicit bandwidth requests issued by SS
• Prohibited from using any contention requests
• No unicast request opportunity provided
• May include a Grant Management (GM) sub-header containing
  – Slip indicator: indicates that there is a backlog in the buffer due to clock skew or loss of maps
  – Poll-me bit: indicates that the terminal needs to be polled (allows for not polling terminals with UGS-only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e. periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS


Page 44: Mobile WiMAX : A Technical Overview

Classes of Uplink ServiceClasses of Uplink ServiceCharacteristic of the Service FlowCharacteristic of the Service Flow

bullbull Unsolicited Grant Services (UGS)Unsolicited Grant Services (UGS)ndashndash for constant bit-rate (CBR) or CBR-like servicefor constant bit-rate (CBR) or CBR-like service

flows (flows (SFsSFs) such as T1E1) such as T1E1

bullbull Real-time Polling Services (Real-time Polling Services (rtPSrtPS))ndashndash for for rtrt-VBR-like -VBR-like SFsSFs such as MPEG video such as MPEG video

bullbull Non-real-time Polling Services (Non-real-time Polling Services (nrtPSnrtPS))ndashndash for for nrtnrt SFsSFs with better than best effort service with better than best effort service

such as bandwidth-intensive file transfersuch as bandwidth-intensive file transfer

bullbull Best Effort (BE)Best Effort (BE)ndashndash for best-effort trafficfor best-effort traffic

Uplink Services - UGSUplink Services - UGS

bullbull No explicit bandwidth requests issued by SSNo explicit bandwidth requests issued by SS

bullbull Prohibited from using any contention requestsProhibited from using any contention requests

bullbull No No unicast unicast request opportunity providedrequest opportunity provided

bullbull May include a Grant Management (GM) sub-May include a Grant Management (GM) sub-header containingheader containingndashndash Slip indicator indicates that there is an backlog inSlip indicator indicates that there is an backlog in

the buffer due to clock skew or loss of mapsthe buffer due to clock skew or loss of maps

ndashndash Poll-me bit indicates that the terminal needs to bePoll-me bit indicates that the terminal needs to bepolled (allows for not polling terminals with UGS-polled (allows for not polling terminals with UGS-only services)only services)

Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e. periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services
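The "self correcting, no acknowledgement" property of the request/grant scheme, as an added Python sketch that is not part of the presentation: an incremental request is lost, the BS's view of the connection drifts from the real queue, and the next aggregate request resets it. The class names, the CID and the byte counts are constructed for illustration.

```python
from dataclasses import dataclass, field

MAX_REQUEST = 32 * 1024  # slides: "up to 32 KB" per request (taken here as bytes)


@dataclass
class BaseStation:
    """BS side: believed outstanding demand in bytes, per connection (CID)."""
    demand: dict = field(default_factory=dict)

    def on_request(self, cid, nbytes, aggregate):
        if not 0 <= nbytes <= MAX_REQUEST:
            raise ValueError("a single request carries at most 32 KB")
        if aggregate:
            self.demand[cid] = nbytes                            # replace the BS's view
        else:
            self.demand[cid] = self.demand.get(cid, 0) + nbytes  # add to it

    def grant(self, cid):
        """Grant everything the BS believes is outstanding for this CID."""
        return self.demand.pop(cid, 0)


@dataclass
class Connection:
    """SS side: one connection and its real queue depth in bytes."""
    cid: int
    backlog: int = 0

    def enqueue(self, nbytes):
        self.backlog += nbytes
        return nbytes                  # size of the incremental request to send

    def use_grant(self, nbytes):
        sent = min(nbytes, self.backlog)
        self.backlog -= sent
        return sent


def run_scenario():
    """Return (step, SS backlog, BS view) after each step of a lossy exchange."""
    bs, conn, trace = BaseStation(), Connection(cid=0x2001), []

    def snap(step):
        trace.append((step, conn.backlog, bs.demand.get(conn.cid, 0)))

    bs.on_request(conn.cid, conn.enqueue(4000), aggregate=False)
    snap("incremental request delivered")
    conn.enqueue(3000)                 # request lost on the air; nothing tells the SS
    snap("incremental request lost")
    conn.use_grant(bs.grant(conn.cid))
    snap("grant used")                 # BS now believes the connection is idle
    bs.on_request(conn.cid, conn.backlog, aggregate=True)
    snap("periodic aggregate request")
    conn.use_grant(bs.grant(conn.cid))
    snap("grant used")
    return trace


if __name__ == "__main__":
    for row in run_scenario():
        print(row)
```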

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| Event or Rcvd msg / State | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: Authorization FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Edge labels (event, then messages or [TEK] events sent): Provisioned / Authent Info, Auth Request; Timeout / Authent Info, Auth Request; Timeout / Auth Request; Auth Grace Timeout / Auth Request; Reauth / Auth Request; Auth Invalid / Auth Request, [TEK] Auth Pend; Auth Reply / [TEK] Authorized; Auth Reply / [TEK] Auth Comp; Auth Reject (non-perm); Auth Reject (perm); Auth Reject (non-perm) / [TEK] Stop; Auth Reject (perm) / [TEK] Stop; Timeout.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg / State | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Edge labels (event, then message sent): Authorized / Key Request; Auth Comp / Key Request; Timeout / Key Request; TEK Refresh Timeout / Key Request; TEK Invalid / Key Request; TEK Invalid; Auth Pend; Key Reply; Key Reject, Stop; Stop.]
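The two transition matrices above, run as a coupled pair in an added Python sketch (not part of the presentation): one Authorization FSM drives one TEK FSM per SAID. The table entries are transcribed from the matrices; which Auth transition raises which [TEK] event is an assumption inferred from the flow-diagram labels, empty cells are assumed to mean "ignore the event", and the class name and the SAIDs 1 and 2 are constructed.

```python
# (state, event) -> next state, transcribed from the Auth FSM matrix.
AUTH_FSM = {
    ("Start", "Provisioned"): "Auth Wait",
    ("Auth Wait", "Auth Reject (non-perm)"): "Auth Reject Wait",
    ("Reauth Wait", "Auth Reject (non-perm)"): "Auth Reject Wait",
    ("Auth Wait", "Auth Reject (perm)"): "Silent",
    ("Reauth Wait", "Auth Reject (perm)"): "Silent",
    ("Auth Wait", "Auth Reply"): "Authorized",
    ("Reauth Wait", "Auth Reply"): "Authorized",
    ("Auth Wait", "Timeout"): "Auth Wait",
    ("Reauth Wait", "Timeout"): "Reauth Wait",
    ("Auth Reject Wait", "Timeout"): "Start",
    ("Authorized", "Auth Grace Timeout"): "Reauth Wait",
    ("Authorized", "Auth Invalid"): "Reauth Wait",
    ("Reauth Wait", "Auth Invalid"): "Reauth Wait",
    ("Authorized", "Reauth"): "Reauth Wait",
}

# (state, event) -> next state, transcribed from the TEK FSM matrix.
TEK_STATES = ("Start", "Op Wait", "Op Reauth Wait", "Operational",
              "Rekey Wait", "Rekey Reauth Wait")
TEK_FSM = {(state, "Stop"): "Start" for state in TEK_STATES[1:]}
TEK_FSM.update({
    ("Start", "Authorized"): "Op Wait",
    ("Op Wait", "Auth Pend"): "Op Reauth Wait",
    ("Rekey Wait", "Auth Pend"): "Rekey Reauth Wait",
    ("Op Reauth Wait", "Auth Comp"): "Op Wait",
    ("Rekey Reauth Wait", "Auth Comp"): "Rekey Wait",
    ("Operational", "TEK Invalid"): "Op Wait",
    ("Rekey Wait", "TEK Invalid"): "Op Wait",
    ("Rekey Reauth Wait", "TEK Invalid"): "Op Reauth Wait",
    ("Op Wait", "Timeout"): "Op Wait",
    ("Rekey Wait", "Timeout"): "Rekey Wait",
    ("Operational", "TEK Refresh Timeout"): "Rekey Wait",
    ("Op Wait", "Key Reply"): "Operational",
    ("Rekey Wait", "Key Reply"): "Operational",
    ("Op Wait", "Key Reject"): "Start",
    ("Rekey Wait", "Key Reject"): "Start",
})

# ASSUMED coupling: (auth state, auth event) -> event raised on every TEK FSM.
TEK_SIGNALS = {
    ("Auth Wait", "Auth Reply"): "Authorized",
    ("Reauth Wait", "Auth Reply"): "Auth Comp",
    ("Authorized", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Reject (non-perm)"): "Stop",
    ("Reauth Wait", "Auth Reject (perm)"): "Stop",
}


class SubscriberStation:
    """One Authorization FSM plus one TEK FSM per authorized SAID."""

    def __init__(self, saids):
        self.auth = "Start"
        self.tek = {said: "Start" for said in saids}

    def tek_event(self, said, event):
        # Empty matrix cell: the event is ignored and the state is kept.
        self.tek[said] = TEK_FSM.get((self.tek[said], event), self.tek[said])

    def auth_event(self, event):
        key = (self.auth, event)
        self.auth = AUTH_FSM.get(key, self.auth)
        signal = TEK_SIGNALS.get(key)
        if signal:
            for said in self.tek:
                self.tek_event(said, signal)


def terminal_states(fsm):
    """States that can be entered but have no outgoing transition."""
    return set(fsm.values()) - {state for state, _ in fsm}


def run_trace(steps, saids=(1, 2)):
    """Apply (target, event) steps; target is "auth" or a SAID. Return snapshots."""
    ss, history = SubscriberStation(saids), []
    for target, event in steps:
        if target == "auth":
            ss.auth_event(event)
        else:
            ss.tek_event(target, event)
        history.append((ss.auth,) + tuple(ss.tek[s] for s in saids))
    return history


# Constructed event sequence: bring-up, a rekey interrupted by Auth Invalid,
# recovery, then a permanent reject during reauthorization.
SAMPLE_STEPS = [
    ("auth", "Provisioned"), ("auth", "Auth Reply"),
    (1, "Key Reply"), (1, "TEK Refresh Timeout"),
    ("auth", "Auth Invalid"), ("auth", "Auth Reply"),
    (1, "Key Reply"), (2, "Key Reply"),
    ("auth", "Auth Grace Timeout"), ("auth", "Auth Reject (perm)"),
    ("auth", "Provisioned"),
]
```

In the matrix, Silent is the only state with no way out: after a permanent Authorization Reject the SS stays there and, under the assumed coupling, every TEK FSM has been stopped.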

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
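The key-usage rules above through two key rollovers, as an added Python sketch that is not part of the presentation. Assumptions: AP and AT are read as BS and SS, a SHA-256 keystream stands in for DES-CBC (which the Python standard library does not provide), and the lifetimes, key material, frame numbers and class names are constructed.

```python
import hashlib
from dataclasses import dataclass

LIFETIME = 100           # constructed TEK lifetime, arbitrary time units
OFFSET = LIFETIME // 2   # each new key starts halfway through the previous one


class NoMatchingTek(Exception):
    """No held, unexpired key has the sequence number found in the MAC header."""


@dataclass(frozen=True)
class Tek:
    index: int           # running key generation counter (constructed)
    key: bytes

    @property
    def seq(self):       # the 2-bit key sequence number carried in the MAC header
        return self.index % 4

    def active(self, now):
        return self.index * OFFSET <= now < self.index * OFFSET + LIFETIME


def active_pair(now):
    """(older, newer) keying material the BS holds for one SAID at time `now`."""
    newer = now // OFFSET
    return tuple(Tek(i, hashlib.sha256(b"constructed TEK %d" % i).digest()[:8])
                 for i in (newer - 1, newer))


def stand_in_cipher(key, frame_number, data):
    """XOR with a SHA-256 keystream. Stand-in only: the slides specify DES-CBC."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + frame_number.to_bytes(4, "big")
                                 + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class Station:
    def __init__(self, role, keys):
        self.role, self.keys = role, keys   # role "BS" or "SS"; keys (older, newer)

    def encrypt(self, frame_number, payload):
        older, newer = self.keys
        tek = older if self.role == "BS" else newer    # the slide's usage rule
        return tek.seq, stand_in_cipher(tek.key, frame_number, payload)

    def decrypt(self, now, frame_number, seq, ciphertext):
        for tek in self.keys:                          # decryption: both keys
            if tek.seq == seq and tek.active(now):
                return stand_in_cipher(tek.key, frame_number, ciphertext)
        raise NoMatchingTek(seq)


def exchange(sender, receiver, now, frame_number, payload):
    """Send one PDU; return (key sequence number used, outcome at the receiver)."""
    seq, ciphertext = sender.encrypt(frame_number, payload)
    try:
        ok = receiver.decrypt(now, frame_number, seq, ciphertext) == payload
    except NoMatchingTek:
        return (seq, "no key")
    return (seq, "ok" if ok else "garbled")


def rollover_demo():
    bs = Station("BS", active_pair(60))
    ss = Station("SS", active_pair(60))     # Key Reply carried both active sets
    log = [exchange(bs, ss, 60, 1, b"downlink"), exchange(ss, bs, 60, 2, b"uplink")]
    bs.keys = active_pair(110)              # BS rolls over; SS has not rekeyed yet
    log += [exchange(bs, ss, 110, 3, b"downlink"), exchange(ss, bs, 110, 4, b"uplink")]
    bs.keys = active_pair(160)              # SS missed a whole refresh cycle
    log.append(exchange(ss, bs, 160, 5, b"uplink"))    # BS would send TEK Invalid
    ss.keys = active_pair(160)              # Key Request answered by Key Reply
    log.append(exchange(ss, bs, 160, 6, b"uplink"))
    return log


if __name__ == "__main__":
    print(rollover_demo())
```

Because the BS encrypts with the older key and the SS with the newer one, traffic at time 110 still decrypts in both directions even though the SS has not yet fetched the next key.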

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org

Page 45: Mobile WiMAX : A Technical Overview

Uplink Services - UGSUplink Services - UGS

bullbull No explicit bandwidth requests issued by SSNo explicit bandwidth requests issued by SS

bullbull Prohibited from using any contention requestsProhibited from using any contention requests

bullbull No No unicast unicast request opportunity providedrequest opportunity provided

bullbull May include a Grant Management (GM) sub-May include a Grant Management (GM) sub-header containingheader containingndashndash Slip indicator indicates that there is an backlog inSlip indicator indicates that there is an backlog in

the buffer due to clock skew or loss of mapsthe buffer due to clock skew or loss of maps

ndashndash Poll-me bit indicates that the terminal needs to bePoll-me bit indicates that the terminal needs to bepolled (allows for not polling terminals with UGS-polled (allows for not polling terminals with UGS-only services)only services)

Uplink Services - Uplink Services - rtPSrtPS

bullbull Intended for Intended for rtrt-VBR-like service flows such as-VBR-like service flows such asMPEG videoMPEG video

bullbull Prohibited from using any contention requestsProhibited from using any contention requestsbullbull Terminals polled frequently enough to meetTerminals polled frequently enough to meet

the delay requirements of the the delay requirements of the SFsSFsbullbull Bandwidth requested with BW requestBandwidth requested with BW request

messages (a special MAC PDU header)messages (a special MAC PDU header)bullbull May use Grant Management sub-headerMay use Grant Management sub-header

ndashndash new request can be piggybacked with eachnew request can be piggybacked with eachtransmitted PDUtransmitted PDU

Uplink Service - Uplink Service - nrtPSnrtPS

bullbull Intended for non-real-time service flows withIntended for non-real-time service flows withbetter than best effort servicebetter than best effort servicendashndash eg bandwidth-intensive file transfer eg bandwidth-intensive file transfer

bullbull Works like Works like rtrt-polling except that polls are-polling except that polls areissued less frequentlyissued less frequently

bullbull Allowed to use contention requestsAllowed to use contention requests

bullbull May use Grant Management sub-headerMay use Grant Management sub-headerndashndash new request can be piggybacked with eachnew request can be piggybacked with each

transmitted PDUtransmitted PDU

Uplink Service - BEUplink Service - BE

bullbull Generic dataGeneric datandashndash eg HTTP SMTP etceg HTTP SMTP etc

bullbull No QoS guaranteesNo QoS guarantees

bullbull Allowed to use contention requestsAllowed to use contention requests

bullbull May use Grant Management sub-headerMay use Grant Management sub-headerndashndash new request can be piggybacked with eachnew request can be piggybacked with each

transmitted PDUtransmitted PDU

RequestGrant SchemeRequestGrant Scheme

bullbull Self CorrectingSelf Correctingndashndash No acknowledgementNo acknowledgement

ndashndash All errors are handled in the same way ieAll errors are handled in the same way ieperiodical aggregate requestsperiodical aggregate requests

bullbull Bandwidth Requests are always per ConnectionBandwidth Requests are always per Connection

bullbull Grants are either per Connection (GPC) or perGrants are either per Connection (GPC) or perSubscriber Station (GPSS)Subscriber Station (GPSS)

ndashndash Grants (given as Grants (given as durationsdurations) are carried in the) are carried in theUL-MAP messagesUL-MAP messages

ndashndash SS needs to convert the time to amount of dataSS needs to convert the time to amount of datausing information about the UIUCusing information about the UIUC

GPSS vs GPCGPSS vs GPCbullbull Bandwidth Grant per Subscriber Station (GPSS)Bandwidth Grant per Subscriber Station (GPSS)

ndashndash Base station grants bandwidth to the subscriber stationBase station grants bandwidth to the subscriber stationndashndash Subscriber station may re-distribute bandwidth among itsSubscriber station may re-distribute bandwidth among its

connections maintaining QoS and service-levelconnections maintaining QoS and service-levelagreementsagreements

ndashndash Suitable for many connections per terminal off-loadingSuitable for many connections per terminal off-loadingbase stationrsquos workbase stationrsquos work

ndashndash Allows more sophisticated reaction to QoS needsAllows more sophisticated reaction to QoS needsndashndash Low overhead but requires intelligent subscriber stationLow overhead but requires intelligent subscriber stationndashndash Mandatory for P80216 10-66 GHz PHYMandatory for P80216 10-66 GHz PHY

bullbull Bandwidth Grant per Connection (GPC)Bandwidth Grant per Connection (GPC)ndashndash Base station grants bandwidth to a connectionBase station grants bandwidth to a connectionndashndash Mostly suitable for few users per subscriber stationMostly suitable for few users per subscriber stationndashndash Higher overhead but allows simpler subscriber stationHigher overhead but allows simpler subscriber station

Bandwidth RequestsBandwidth Requestsbullbull Come from the Come from the ConnectionConnection

bullbull Several kinds of requestsSeveral kinds of requestsndashndash Implicit requests (UGS)Implicit requests (UGS)

bullbull No actual messages negotiated at connection setupNo actual messages negotiated at connection setup

ndashndash BW request messagesBW request messagesbullbull Uses the special BW request headerUses the special BW request header

bullbull Requests up to 32 KB with a single messageRequests up to 32 KB with a single message

bullbull Incremental or aggregate as indicated by MAC headerIncremental or aggregate as indicated by MAC header

ndashndash Piggybacked request (for non-UGS services only)Piggybacked request (for non-UGS services only)bullbull Presented in GM sub-header and always incrementalPresented in GM sub-header and always incremental

bullbull Up to 32 KB per request for the CIDUp to 32 KB per request for the CID

ndashndash Poll-Me bit (for UGS services only)Poll-Me bit (for UGS services only)bullbull Used by the SS to request a bandwidth poll for non-UGS servicesUsed by the SS to request a bandwidth poll for non-UGS services

BW Request MessageBW Request Message

Maintaining QoS in GPSSMaintaining QoS in GPSSbullbull Semi-distributed approachSemi-distributed approachbullbull BS sees the requests for each connectionBS sees the requests for each connection

based on this grants bandwidth (BW) to thebased on this grants bandwidth (BW) to theSSsSSs (maintaining QoS and fairness) (maintaining QoS and fairness)

bullbull SS scheduler maintains QoS among itsSS scheduler maintains QoS among itsconnections and is responsible to share theconnections and is responsible to share theBW among the connections (maintaining QoSBW among the connections (maintaining QoSand fairness)and fairness)

bullbull Algorithm in BS and SS can be very differentAlgorithm in BS and SS can be very differentSS may use BW in a way unforeseen by theSS may use BW in a way unforeseen by theBSBS

SS initializationSS initializationbullbull Scan forScan for downlink downlink channel and establish channel and establish

synchronization with the BSsynchronization with the BS

bullbull Obtain transmit parameters (from UCD message)Obtain transmit parameters (from UCD message)

bullbull Perform rangingPerform ranging

bullbull Negotiate basic capabilitiesNegotiate basic capabilities

bullbull Authorize SS and perform key exchangeAuthorize SS and perform key exchange

bullbull Perform registrationPerform registration

bullbull Establish IP connectivityEstablish IP connectivity

bullbull Establish time of dayEstablish time of day

bullbull Transfer operational parametersTransfer operational parameters

bullbull Set up connectionsSet up connections

RangingRanging

bullbull For uplink transmissions times are measured at BSFor uplink transmissions times are measured at BS

bullbull At startup SS sends a RNG-REQ in a rangingAt startup SS sends a RNG-REQ in a rangingwindowwindow

bullbull BS measures arrival time and signal powerBS measures arrival time and signal powercalculates required advance and power adjustmentcalculates required advance and power adjustment

bullbull BS sends adjustment in RNG-RSPBS sends adjustment in RNG-RSP

bullbull SS adjusts advance and power sends newSS adjusts advance and power sends newRNG-REQRNG-REQ

bullbull Loop is continued until power and timing is okLoop is continued until power and timing is ok

RegistrationRegistration

bullbull Registration is a form of capability negotiationRegistration is a form of capability negotiation

bullbull SS sends a list of capabilities and parts of theSS sends a list of capabilities and parts of theconfiguration file to the BS in the REG-REQconfiguration file to the BS in the REG-REQmessagemessage

bullbull BS replies with the REG-RSP messageBS replies with the REG-RSP messagendashndash tells which capabilities are supportedallowedtells which capabilities are supportedallowed

bullbull SS acknowledges the REG-RSP withSS acknowledges the REG-RSP withREG-ACK messageREG-ACK message

IP connectivity andIP connectivity and

configuration file downloadconfiguration file download

bullbull IP connectivity established via DHCPIP connectivity established via DHCP

bullbull Configuration file downloaded via TFTPConfiguration file downloaded via TFTP

bullbull contains provisioned informationcontains provisioned informationndashndash operational parametersoperational parameters

Initial Connection SetupInitial Connection Setup

bullbull BS passes Service Flow BS passes Service Flow EncodingsEncodings to the SS to the SSin multiple DSA-REQ messagesin multiple DSA-REQ messages

bullbull SS replies with DSA-RSP messagesSS replies with DSA-RSP messages

bullbull Service FlowService Flow Encodings Encodings contain either contain eitherndashndash full definition of service attributes (omittingfull definition of service attributes (omitting

defaultabledefaultable items if desired) items if desired)

ndashndash service class nameservice class namebullbull ASCII string which is known at the BS and whichASCII string which is known at the BS and which

indirectly specifies a set ofindirectly specifies a set of QoS QoS Parameters Parameters

Privacy and EncryptionPrivacy and Encryptionbullbull Secures over-the-air transmissionsSecures over-the-air transmissionsbullbull AuthenticationAuthentication

ndashndash X509 certificates with RSA PKCSX509 certificates with RSA PKCSndashndash Strong authentication of Strong authentication of SSs SSs (prevents theft of service)(prevents theft of service)ndashndash Prevents cloningPrevents cloning

bullbull Data encryptionData encryptionndashndash Currently 56-bit DES in CBC modeCurrently 56-bit DES in CBC modendashndash IV based on frame numberIV based on frame numberndashndash Easily exportableEasily exportable

bullbull Message authenticationMessage authenticationndashndash Key MAC management messages authenticated with one-Key MAC management messages authenticated with one-

way hashing (HMAC with SHA-1)way hashing (HMAC with SHA-1)

bullbull Designed to allow newmultiple encryption algorithmsDesigned to allow newmultiple encryption algorithmsbullbull Protocol descends from BPI+ (from DOCSIS)Protocol descends from BPI+ (from DOCSIS)

Security AssociationsSecurity Associations

bullbull A set of privacy informationA set of privacy informationndashndash shared by a BS and one or more of its client shared by a BS and one or more of its client SSsSSs

share in order to support securedshare in order to support securedcommunicationscommunications

ndashndash includes traffic encryption keys and CBC IVsincludes traffic encryption keys and CBC IVs

bullbull Security Association EstablishmentSecurity Association Establishmentndashndash Primary SA established during initial registrationPrimary SA established during initial registration

ndashndash other other SAsSAs may be provisioned or dynamically may be provisioned or dynamicallycreated within the BScreated within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS in reply, with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate “root authority” if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| Event or Rcvd msg \ State | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: Auth FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Edges are labelled event / output; the outputs are Authent Info, Auth Request, and the TEK FSM events [TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp and [TEK] Stop.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg \ State | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Edges are labelled event / output; the only output is Key Request, sent on Authorized, Auth Comp, Timeout, TEK Invalid and TEK Refresh Timeout.]

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other, stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted

Amendment Project
IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project
IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network (“WirelessHUMAN™”)

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant in any spectrum in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


Uplink Services - rtPS

• Intended for rt-VBR-like service flows such as MPEG video
• Prohibited from using any contention requests
• Terminals polled frequently enough to meet the delay requirements of the SFs
• Bandwidth requested with BW request messages (a special MAC PDU header)
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - nrtPS

• Intended for non-real-time service flows with better than best effort service
  – e.g. bandwidth-intensive file transfer
• Works like rt-polling except that polls are issued less frequently
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Uplink Service - BE

• Generic data
  – e.g. HTTP, SMTP, etc.
• No QoS guarantees
• Allowed to use contention requests
• May use Grant Management sub-header
  – new request can be piggybacked with each transmitted PDU

Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e., periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs. GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is OK

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters


Page 47: Mobile WiMAX : A Technical Overview

Uplink Service - Uplink Service - nrtPSnrtPS

bullbull Intended for non-real-time service flows withIntended for non-real-time service flows withbetter than best effort servicebetter than best effort servicendashndash eg bandwidth-intensive file transfer eg bandwidth-intensive file transfer

bullbull Works like Works like rtrt-polling except that polls are-polling except that polls areissued less frequentlyissued less frequently

bullbull Allowed to use contention requestsAllowed to use contention requests

bullbull May use Grant Management sub-headerMay use Grant Management sub-headerndashndash new request can be piggybacked with eachnew request can be piggybacked with each

transmitted PDUtransmitted PDU

Uplink Service - BEUplink Service - BE

bullbull Generic dataGeneric datandashndash eg HTTP SMTP etceg HTTP SMTP etc

bullbull No QoS guaranteesNo QoS guarantees

bullbull Allowed to use contention requestsAllowed to use contention requests

bullbull May use Grant Management sub-headerMay use Grant Management sub-headerndashndash new request can be piggybacked with eachnew request can be piggybacked with each

transmitted PDUtransmitted PDU

RequestGrant SchemeRequestGrant Scheme

bullbull Self CorrectingSelf Correctingndashndash No acknowledgementNo acknowledgement

ndashndash All errors are handled in the same way ieAll errors are handled in the same way ieperiodical aggregate requestsperiodical aggregate requests

bullbull Bandwidth Requests are always per ConnectionBandwidth Requests are always per Connection

bullbull Grants are either per Connection (GPC) or perGrants are either per Connection (GPC) or perSubscriber Station (GPSS)Subscriber Station (GPSS)

ndashndash Grants (given as Grants (given as durationsdurations) are carried in the) are carried in theUL-MAP messagesUL-MAP messages

ndashndash SS needs to convert the time to amount of dataSS needs to convert the time to amount of datausing information about the UIUCusing information about the UIUC

GPSS vs. GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| Event or Rcvd msg / State | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: Auth FSM state diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Edge labels (event / action): Provisioned / Authent Info, Auth Request; Timeout / Authent Info, Auth Request; Timeout / Auth Request; Timeout; Auth Reject (non-perm); Auth Reject (perm); Auth Reply / [TEK] Authorized; Auth Reply / [TEK] Auth Comp; Auth Reject (perm) / [TEK] Stop; Auth Reject (non-perm) / [TEK] Stop; Auth Grace Timeout / Auth Request; Reauth / Auth Request; Auth Invalid / Auth Request, [TEK] Auth Pend.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg / State | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: TEK FSM state diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Edge labels (event / action): Authorized / Key Request; Auth Pend; Auth Comp / Key Request; Key Reply; Timeout / Key Request; TEK Refresh Timeout / Key Request; TEK Invalid / Key Request; TEK Invalid; Key Reject, Stop; Stop.]

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other, stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
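The key-usage rules above, worked through one re-key (an added example, not code from the presentation or the standard). It models key selection only, with no DES; it assumes that "AP" and "AT" on the slide are the base station and subscriber station, and that successive TEKs carry consecutive 2-bit sequence numbers modulo 4. The key bytes and times are constructed.

```python
SEQ_MOD = 4  # the key sequence number in the MAC header is 2 bits wide


class TekRing:
    """The two TEKs one side holds for a single SA."""

    def __init__(self, role):
        if role not in ("AP", "AT"):
            raise ValueError("role must be 'AP' or 'AT'")
        self.role = role
        self.keys = {}  # key sequence number -> (key bytes, expiry time)

    def install(self, older, newer):
        """Load both key sets from a Key Reply; each is (seq, key, expiry)."""
        if (older[0] + 1) % SEQ_MOD != newer[0]:
            raise ValueError("sequence numbers must be consecutive modulo 4")
        self.keys = {older[0]: older[1:], newer[0]: newer[1:]}

    def _live(self, now):
        return {s: key for s, (key, exp) in self.keys.items() if now < exp}

    def tx_key(self, now):
        """Pick the transmit key: AP uses the older live key, AT the newer."""
        live = self._live(now)
        if not live:
            raise LookupError("no valid TEK, a Key Request is needed")
        # With wraparound (3 -> 0) the older key is the one whose successor
        # is also held; a lone surviving key is both older and newer.
        older = next((s for s in live if (s + 1) % SEQ_MOD in live), None)
        if older is None:
            seq = next(iter(live))
        else:
            seq = older if self.role == "AP" else (older + 1) % SEQ_MOD
        return seq, live[seq]

    def rx_key(self, seq, now):
        """Key for a received PDU, or None when that sequence number is not
        valid here (on uplink the AP would answer with TEK Invalid)."""
        return self._live(now).get(seq)


def rekey_overlap():
    """Constructed timeline: key 0 expires at t=100, key 1 at t=200."""
    k0, k1, k2 = b"K0-constructed", b"K1-constructed", b"K2-constructed"
    ap, at = TekRing("AP"), TekRing("AT")
    ap.install((0, k0, 100), (1, k1, 200))
    at.install((0, k0, 100), (1, k1, 200))
    out = {"t50_down": ap.tx_key(50)[0], "t50_up": at.tx_key(50)[0]}

    # t=100: the AP rolls to keys (1, 2); the AT has not re-keyed yet.
    ap.install((1, k1, 200), (2, k2, 300))
    seq, key = ap.tx_key(120)
    out["t120_down_ok"] = at.rx_key(seq, 120) == key
    seq, key = at.tx_key(120)
    out["t120_up_ok"] = ap.rx_key(seq, 120) == key
    # An AT still sending under the expired key 0 is not decrypted.
    out["stale_uplink"] = ap.rx_key(0, 120)
    return out


if __name__ == "__main__":
    print(rekey_overlap())
```

In this timeline each side always transmits under a key the peer holds, even while the AT lags one key behind the AP, so traffic continues across the re-key without any key acknowledgement.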

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org

Page 48: Mobile WiMAX : A Technical Overview

Uplink Service - BEUplink Service - BE

bullbull Generic dataGeneric datandashndash eg HTTP SMTP etceg HTTP SMTP etc

bullbull No QoS guaranteesNo QoS guarantees

bullbull Allowed to use contention requestsAllowed to use contention requests

bullbull May use Grant Management sub-headerMay use Grant Management sub-headerndashndash new request can be piggybacked with eachnew request can be piggybacked with each

transmitted PDUtransmitted PDU

RequestGrant SchemeRequestGrant Scheme

bullbull Self CorrectingSelf Correctingndashndash No acknowledgementNo acknowledgement

ndashndash All errors are handled in the same way ieAll errors are handled in the same way ieperiodical aggregate requestsperiodical aggregate requests

bullbull Bandwidth Requests are always per ConnectionBandwidth Requests are always per Connection

bullbull Grants are either per Connection (GPC) or perGrants are either per Connection (GPC) or perSubscriber Station (GPSS)Subscriber Station (GPSS)

ndashndash Grants (given as Grants (given as durationsdurations) are carried in the) are carried in theUL-MAP messagesUL-MAP messages

ndashndash SS needs to convert the time to amount of dataSS needs to convert the time to amount of datausing information about the UIUCusing information about the UIUC

GPSS vs GPCGPSS vs GPCbullbull Bandwidth Grant per Subscriber Station (GPSS)Bandwidth Grant per Subscriber Station (GPSS)

ndashndash Base station grants bandwidth to the subscriber stationBase station grants bandwidth to the subscriber stationndashndash Subscriber station may re-distribute bandwidth among itsSubscriber station may re-distribute bandwidth among its

connections maintaining QoS and service-levelconnections maintaining QoS and service-levelagreementsagreements

ndashndash Suitable for many connections per terminal off-loadingSuitable for many connections per terminal off-loadingbase stationrsquos workbase stationrsquos work

ndashndash Allows more sophisticated reaction to QoS needsAllows more sophisticated reaction to QoS needsndashndash Low overhead but requires intelligent subscriber stationLow overhead but requires intelligent subscriber stationndashndash Mandatory for P80216 10-66 GHz PHYMandatory for P80216 10-66 GHz PHY

bullbull Bandwidth Grant per Connection (GPC)Bandwidth Grant per Connection (GPC)ndashndash Base station grants bandwidth to a connectionBase station grants bandwidth to a connectionndashndash Mostly suitable for few users per subscriber stationMostly suitable for few users per subscriber stationndashndash Higher overhead but allows simpler subscriber stationHigher overhead but allows simpler subscriber station

Bandwidth RequestsBandwidth Requestsbullbull Come from the Come from the ConnectionConnection

bullbull Several kinds of requestsSeveral kinds of requestsndashndash Implicit requests (UGS)Implicit requests (UGS)

bullbull No actual messages negotiated at connection setupNo actual messages negotiated at connection setup

ndashndash BW request messagesBW request messagesbullbull Uses the special BW request headerUses the special BW request header

bullbull Requests up to 32 KB with a single messageRequests up to 32 KB with a single message

bullbull Incremental or aggregate as indicated by MAC headerIncremental or aggregate as indicated by MAC header

ndashndash Piggybacked request (for non-UGS services only)Piggybacked request (for non-UGS services only)bullbull Presented in GM sub-header and always incrementalPresented in GM sub-header and always incremental

bullbull Up to 32 KB per request for the CIDUp to 32 KB per request for the CID

ndashndash Poll-Me bit (for UGS services only)Poll-Me bit (for UGS services only)bullbull Used by the SS to request a bandwidth poll for non-UGS servicesUsed by the SS to request a bandwidth poll for non-UGS services

BW Request MessageBW Request Message

Maintaining QoS in GPSSMaintaining QoS in GPSSbullbull Semi-distributed approachSemi-distributed approachbullbull BS sees the requests for each connectionBS sees the requests for each connection

based on this grants bandwidth (BW) to thebased on this grants bandwidth (BW) to theSSsSSs (maintaining QoS and fairness) (maintaining QoS and fairness)

bullbull SS scheduler maintains QoS among itsSS scheduler maintains QoS among itsconnections and is responsible to share theconnections and is responsible to share theBW among the connections (maintaining QoSBW among the connections (maintaining QoSand fairness)and fairness)

bullbull Algorithm in BS and SS can be very differentAlgorithm in BS and SS can be very differentSS may use BW in a way unforeseen by theSS may use BW in a way unforeseen by theBSBS

SS initializationSS initializationbullbull Scan forScan for downlink downlink channel and establish channel and establish

synchronization with the BSsynchronization with the BS

bullbull Obtain transmit parameters (from UCD message)Obtain transmit parameters (from UCD message)

bullbull Perform rangingPerform ranging

bullbull Negotiate basic capabilitiesNegotiate basic capabilities

bullbull Authorize SS and perform key exchangeAuthorize SS and perform key exchange

bullbull Perform registrationPerform registration

bullbull Establish IP connectivityEstablish IP connectivity

bullbull Establish time of dayEstablish time of day

bullbull Transfer operational parametersTransfer operational parameters

bullbull Set up connectionsSet up connections

RangingRanging

bullbull For uplink transmissions times are measured at BSFor uplink transmissions times are measured at BS

bullbull At startup SS sends a RNG-REQ in a rangingAt startup SS sends a RNG-REQ in a rangingwindowwindow

bullbull BS measures arrival time and signal powerBS measures arrival time and signal powercalculates required advance and power adjustmentcalculates required advance and power adjustment

bullbull BS sends adjustment in RNG-RSPBS sends adjustment in RNG-RSP

bullbull SS adjusts advance and power sends newSS adjusts advance and power sends newRNG-REQRNG-REQ

bullbull Loop is continued until power and timing is okLoop is continued until power and timing is ok

RegistrationRegistration

bullbull Registration is a form of capability negotiationRegistration is a form of capability negotiation

bullbull SS sends a list of capabilities and parts of theSS sends a list of capabilities and parts of theconfiguration file to the BS in the REG-REQconfiguration file to the BS in the REG-REQmessagemessage

bullbull BS replies with the REG-RSP messageBS replies with the REG-RSP messagendashndash tells which capabilities are supportedallowedtells which capabilities are supportedallowed

bullbull SS acknowledges the REG-RSP withSS acknowledges the REG-RSP withREG-ACK messageREG-ACK message

IP connectivity andIP connectivity and

configuration file downloadconfiguration file download

bullbull IP connectivity established via DHCPIP connectivity established via DHCP

bullbull Configuration file downloaded via TFTPConfiguration file downloaded via TFTP

bullbull contains provisioned informationcontains provisioned informationndashndash operational parametersoperational parameters

Initial Connection SetupInitial Connection Setup

bullbull BS passes Service Flow BS passes Service Flow EncodingsEncodings to the SS to the SSin multiple DSA-REQ messagesin multiple DSA-REQ messages

bullbull SS replies with DSA-RSP messagesSS replies with DSA-RSP messages

bullbull Service FlowService Flow Encodings Encodings contain either contain eitherndashndash full definition of service attributes (omittingfull definition of service attributes (omitting

defaultabledefaultable items if desired) items if desired)

ndashndash service class nameservice class namebullbull ASCII string which is known at the BS and whichASCII string which is known at the BS and which

indirectly specifies a set ofindirectly specifies a set of QoS QoS Parameters Parameters

Privacy and EncryptionPrivacy and Encryptionbullbull Secures over-the-air transmissionsSecures over-the-air transmissionsbullbull AuthenticationAuthentication

ndashndash X509 certificates with RSA PKCSX509 certificates with RSA PKCSndashndash Strong authentication of Strong authentication of SSs SSs (prevents theft of service)(prevents theft of service)ndashndash Prevents cloningPrevents cloning

bullbull Data encryptionData encryptionndashndash Currently 56-bit DES in CBC modeCurrently 56-bit DES in CBC modendashndash IV based on frame numberIV based on frame numberndashndash Easily exportableEasily exportable

bullbull Message authenticationMessage authenticationndashndash Key MAC management messages authenticated with one-Key MAC management messages authenticated with one-

way hashing (HMAC with SHA-1)way hashing (HMAC with SHA-1)

bullbull Designed to allow newmultiple encryption algorithmsDesigned to allow newmultiple encryption algorithmsbullbull Protocol descends from BPI+ (from DOCSIS)Protocol descends from BPI+ (from DOCSIS)

Security AssociationsSecurity Associations

bullbull A set of privacy informationA set of privacy informationndashndash shared by a BS and one or more of its client shared by a BS and one or more of its client SSsSSs

share in order to support securedshare in order to support securedcommunicationscommunications

ndashndash includes traffic encryption keys and CBC IVsincludes traffic encryption keys and CBC IVs

bullbull Security Association EstablishmentSecurity Association Establishmentndashndash Primary SA established during initial registrationPrimary SA established during initial registration

ndashndash other other SAsSAs may be provisioned or dynamically may be provisioned or dynamicallycreated within the BScreated within the BS

Key Management MessagesKey Management MessagesPKM Message

AuthenticationInformation

AuthorizationRequest

AuthorizationReply

AuthorizationReject

AuthorizationInvalid

Key Request

Key Reply

Key Reject

TEK Invalid

Description

contains the manufacturer s X509 Certificate issued by an externalauthoritysent from an SS to its BS to request an AK and list of authorizedSAIDssent from a BS to an SS to reply an AK and a list of authorized SAIDs

send from a BS to an SS in rejection of an Authorization Requestmessage sent by the SSsend from a BS to an SS as an unsolicited indication or a responseto a message received from that SS

sent from an SS to its BS requesting a TEK for the privacy of one ofits authorized SAIDssent from a BS to an SS carrying the two active sets of traffic keyingmaterial for the SAIDsent from a BS to an SS indicating that the SAID is no longer validand no key will be sentsent from a BS to an SS if it determines that the SS encrypted uplinktraffic with an invalid TEK

SA Add sent from a BS to an SS to establish one or more additional SAs

SS AuthorizationSS Authorization

bullbull Authentication and AuthorizationAuthentication and Authorizationndashndash SS manufacturerSS manufacturerrsquorsquos X509 certificates X509 certificate binding the SSbinding the SSrsquorsquoss

public key to its other identifying informationpublic key to its other identifying information

ndashndash Trust relation assumed between equipmentTrust relation assumed between equipmentmanufacturer and network operatormanufacturer and network operator

ndashndash Possibility to accommodate ldquoroot authorityrdquo if requiredPossibility to accommodate ldquoroot authorityrdquo if required

bullbull Authorization Key Update ProtocolAuthorization Key Update Protocolndashndash The SS is responsible for maintaining valid keysThe SS is responsible for maintaining valid keys

ndashndash Two active Two active AKsAKs with overlapping lifetimes at all times with overlapping lifetimes at all times

ndashndash Reauthorization process done periodicallyReauthorization process done periodically

ndashndash AK lifetime (7 days) amp grace time timer (1 hr)AK lifetime (7 days) amp grace time timer (1 hr)

Auth FSM Transition MatrixAuth FSM Transition MatrixState

˚Event orRcvd msg

(A)Start

(B)Auth Wait

(C)Authorized

(D)Reauth

Wait

(E)Auth

Reject Wait

(F)Silent

(1)Provisioned

Auth Wait ˚ ˚ ˚ ˚ ˚

(2)Auth Reject(non-perm)

˚ Auth RejectWait

˚ Auth RejectWait

˚ ˚

(3)Auth Reject

(perm)

˚ Silent ˚ Silent ˚ ˚

(4)Auth Reply

˚ Authorized ˚ Authorized ˚ ˚

(5)Timeout

˚Auth Wait

˚ ReauthWait Start

˚

(6)Auth Grace

Timeout

˚ ˚ ReauthWait

˚ ˚ ˚

(7)Auth Invalid

˚ ˚ ReauthWait

ReauthWait

˚ ˚

(8)Reauth

˚ ˚ ReauthWait

˚ ˚ ˚

AuthAuth FSM Flow Diagram FSM Flow Diagram

Start Auth RejectWait

Silent

Auth Wait

Provisioned Authent InfoAuth Request

Timeout

Auth Reject (non-perm)

Auth Reject (perm)

Timeout Authent InfoAuth Request

Authorized

Auth Reply [TEK] Authorized

Reauth Wait

Auth Reject (perm) [TEK] Stop

Timeout Auth Request

Auth Invalid Auth Request

[TEK] Auth Pend

Auth Reject (non-perm) [TEK] Stop

Auth Grace Timeout Auth Request

Auth Invalid Auth Request

[TEK] Auth Pend

Reauth Auth Request

Auth Reply [TEK] Auth Comp

Traffic Encryption KeyTraffic Encryption Key

ManagementManagementbullbull Two-level key exchange protocolTwo-level key exchange protocol

ndashndash Key Encryption Key (symmetric) established with RSAKey Encryption Key (symmetric) established with RSAndashndash Traffic Encryption Keys (TEK) Traffic Encryption Keys (TEK) exhangedexhanged with symmetric with symmetric

algorithm negotiated at SA establishment (currently onlyalgorithm negotiated at SA establishment (currently only3-DES supported)3-DES supported)

ndashndash Two sets of overlapping keying material maintainedTwo sets of overlapping keying material maintainedndashndash No explicit key acknowledgementsNo explicit key acknowledgementsndashndash Key synchronization maintained by 2-bit key sequenceKey synchronization maintained by 2-bit key sequence

number in the MAC PDU headernumber in the MAC PDU header

bullbull Traffic Encryption Key Exchange ProtocolTraffic Encryption Key Exchange Protocolndashndash Defined by the TEK FSM Transition MatrixDefined by the TEK FSM Transition Matrix

TEK FSM Transition MatrixTEK FSM Transition MatrixState

Event orRcvd msg

(A)Start

(B)Op Wait

(C)Op Reauth

Wait

(D)Opera-tional

(E)Rekey Wait

(F)Rekey

Reaut Wait

(1)Stop

˚ Start Start Start Start Start

(2)Authorized

Op Wait ˚ ˚ ˚ ˚ ˚

(3)Auth Pend

˚ Op ReauthWait

˚ ˚ RekeyReauth

Wait

˚

(4)Auth Comp

˚ ˚ Op Wait ˚ ˚ Rekey Wait

(5)TEK

Invalid

˚ ˚ ˚ Op Wait Op Wait Op ReauthWait

(6)Timeout

˚Op Wait

˚ ˚Rekey Wait

˚

(7)TEK

RefreshTimeout

˚ ˚ ˚ Rekey Wait ˚ ˚

(8)Key Reply

˚ Operational

˚ ˚ Operational

˚

(9)Key Reject

˚ Start ˚ ˚ Start ˚

TEK FSM Flow DiagramTEK FSM Flow Diagram

Start

Authorized Key Request

Op ReauthWait

Stop

Op Wait

Auth Pend

Auth Comp Key Request

Key RejectStop

Operational

Key Reply

Timeout Key Request

Stop

TEK Invalid Key Request

Rekey Wait

RekeyReaauth

Wait

Auth Pend

Auth Comp Key Request

Timeout Key Request

TEK Refresh Timeout Key Request

Key Reply

TEK Invalid Key Request

TEK Invalid

Stop

Key RejectStop

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other, stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
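Why the key-usage rules give uninterrupted service can be checked with a small model. This is an added example, not code from the presentation or the standard: it assumes AP is the base-station side and AT the subscriber side, that the subscriber learns of a key rotation only at its next Key Reply (so it lags by one rotation for a while), and it uses a constructed hash-derived value as stand-in key material rather than running DES.

```python
import hashlib

SEQ_MOD = 4  # the key sequence number in the MAC header is 2 bits wide


def tek(generation):
    """Constructed stand-in for the TEK of one key generation."""
    return hashlib.sha256(b"constructed-tek-%d" % generation).digest()[:8]


class KeyHolder:
    """One side's view of an SA: two active key generations, older and newer."""

    def __init__(self, older_gen=0):
        self.older_gen = older_gen

    def generation(self, which):
        if which not in ("older", "newer"):
            raise ValueError(which)
        return self.older_gen + (1 if which == "newer" else 0)

    def keys_by_seq(self):
        # Receive side: both active keys, indexed by 2-bit sequence number.
        return {g % SEQ_MOD: tek(g)
                for g in (self.older_gen, self.older_gen + 1)}


def send(holder, which):
    """Model a PDU: header sequence number plus the key that protected it.

    No cipher is run; decryption succeeds only if the receiver selects
    that same key from the sequence number.
    """
    gen = holder.generation(which)
    return {"seq": gen % SEQ_MOD, "key": tek(gen)}


def can_decrypt(holder, pdu):
    return holder.keys_by_seq().get(pdu["seq"]) == pdu["key"]


def simulate(rotations, ap_uses, at_uses):
    """Return how many PDUs fail to decrypt over a number of key rotations.

    Each rotation has two phases: the AP has rotated but the AT still holds
    the previous pair (assumed lag), then the AT has caught up via Key Reply.
    One downlink and one uplink PDU are exchanged in each phase.
    """
    ap, at = KeyHolder(0), KeyHolder(0)
    failures = 0
    for _ in range(rotations):
        ap.older_gen += 1                      # AP retires its older key
        for phase in ("at_lagging", "in_sync"):
            if phase == "in_sync":
                at.older_gen = ap.older_gen    # Key Reply: both active sets
            downlink = send(ap, ap_uses)
            uplink = send(at, at_uses)
            failures += int(not can_decrypt(at, downlink))
            failures += int(not can_decrypt(ap, uplink))
    return failures


if __name__ == "__main__":
    print("slide's rule  (AP older, AT newer):",
          simulate(6, "older", "newer"), "failures")
    print("rule reversed (AP newer, AT older):",
          simulate(6, "newer", "older"), "failures")
```

With the slide's rule every PDU decrypts even while the subscriber lags; with the rule reversed, both directions fail in every lagging phase.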

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


Request/Grant Scheme

• Self Correcting
  – No acknowledgement
  – All errors are handled in the same way, i.e., periodical aggregate requests
• Bandwidth Requests are always per Connection
• Grants are either per Connection (GPC) or per Subscriber Station (GPSS)
  – Grants (given as durations) are carried in the UL-MAP messages
  – SS needs to convert the time to amount of data using information about the UIUC

GPSS vs. GPC

• Bandwidth Grant per Subscriber Station (GPSS)
  – Base station grants bandwidth to the subscriber station
  – Subscriber station may re-distribute bandwidth among its connections, maintaining QoS and service-level agreements
  – Suitable for many connections per terminal; off-loading base station's work
  – Allows more sophisticated reaction to QoS needs
  – Low overhead but requires intelligent subscriber station
  – Mandatory for P802.16 10-66 GHz PHY
• Bandwidth Grant per Connection (GPC)
  – Base station grants bandwidth to a connection
  – Mostly suitable for few users per subscriber station
  – Higher overhead, but allows simpler subscriber station

Bandwidth Requests

• Come from the Connection
• Several kinds of requests
  – Implicit requests (UGS)
    • No actual messages, negotiated at connection setup
  – BW request messages
    • Uses the special BW request header
    • Requests up to 32 KB with a single message
    • Incremental or aggregate, as indicated by MAC header
  – Piggybacked request (for non-UGS services only)
    • Presented in GM sub-header and always incremental
    • Up to 32 KB per request for the CID
  – Poll-Me bit (for UGS services only)
    • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

Columns give the current state, rows the event or received message; each cell is the next state.

| Event or Rcvd msg \ State | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: Auth FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transition labels pair an event with an action, e.g. Provisioned / Authent Info, Auth Request; Timeout / Auth Request; Auth Grace Timeout / Auth Request; Auth Invalid / Auth Request, [TEK] Auth Pend; Auth Reply / [TEK] Authorized or [TEK] Auth Comp; Auth Reject / [TEK] Stop.]


Page 50: Mobile WiMAX : A Technical Overview

GPSS vs GPCGPSS vs GPCbullbull Bandwidth Grant per Subscriber Station (GPSS)Bandwidth Grant per Subscriber Station (GPSS)

ndashndash Base station grants bandwidth to the subscriber stationBase station grants bandwidth to the subscriber stationndashndash Subscriber station may re-distribute bandwidth among itsSubscriber station may re-distribute bandwidth among its

connections maintaining QoS and service-levelconnections maintaining QoS and service-levelagreementsagreements

ndashndash Suitable for many connections per terminal off-loadingSuitable for many connections per terminal off-loadingbase stationrsquos workbase stationrsquos work

ndashndash Allows more sophisticated reaction to QoS needsAllows more sophisticated reaction to QoS needsndashndash Low overhead but requires intelligent subscriber stationLow overhead but requires intelligent subscriber stationndashndash Mandatory for P80216 10-66 GHz PHYMandatory for P80216 10-66 GHz PHY

bullbull Bandwidth Grant per Connection (GPC)Bandwidth Grant per Connection (GPC)ndashndash Base station grants bandwidth to a connectionBase station grants bandwidth to a connectionndashndash Mostly suitable for few users per subscriber stationMostly suitable for few users per subscriber stationndashndash Higher overhead but allows simpler subscriber stationHigher overhead but allows simpler subscriber station

Bandwidth RequestsBandwidth Requestsbullbull Come from the Come from the ConnectionConnection

bullbull Several kinds of requestsSeveral kinds of requestsndashndash Implicit requests (UGS)Implicit requests (UGS)

bullbull No actual messages negotiated at connection setupNo actual messages negotiated at connection setup

ndashndash BW request messagesBW request messagesbullbull Uses the special BW request headerUses the special BW request header

bullbull Requests up to 32 KB with a single messageRequests up to 32 KB with a single message

bullbull Incremental or aggregate as indicated by MAC headerIncremental or aggregate as indicated by MAC header

ndashndash Piggybacked request (for non-UGS services only)Piggybacked request (for non-UGS services only)bullbull Presented in GM sub-header and always incrementalPresented in GM sub-header and always incremental

bullbull Up to 32 KB per request for the CIDUp to 32 KB per request for the CID

ndashndash Poll-Me bit (for UGS services only)Poll-Me bit (for UGS services only)bullbull Used by the SS to request a bandwidth poll for non-UGS servicesUsed by the SS to request a bandwidth poll for non-UGS services

BW Request MessageBW Request Message

Maintaining QoS in GPSSMaintaining QoS in GPSSbullbull Semi-distributed approachSemi-distributed approachbullbull BS sees the requests for each connectionBS sees the requests for each connection

based on this grants bandwidth (BW) to thebased on this grants bandwidth (BW) to theSSsSSs (maintaining QoS and fairness) (maintaining QoS and fairness)

bullbull SS scheduler maintains QoS among itsSS scheduler maintains QoS among itsconnections and is responsible to share theconnections and is responsible to share theBW among the connections (maintaining QoSBW among the connections (maintaining QoSand fairness)and fairness)

bullbull Algorithm in BS and SS can be very differentAlgorithm in BS and SS can be very differentSS may use BW in a way unforeseen by theSS may use BW in a way unforeseen by theBSBS

SS initializationSS initializationbullbull Scan forScan for downlink downlink channel and establish channel and establish

synchronization with the BSsynchronization with the BS

bullbull Obtain transmit parameters (from UCD message)Obtain transmit parameters (from UCD message)

bullbull Perform rangingPerform ranging

bullbull Negotiate basic capabilitiesNegotiate basic capabilities

bullbull Authorize SS and perform key exchangeAuthorize SS and perform key exchange

bullbull Perform registrationPerform registration

bullbull Establish IP connectivityEstablish IP connectivity

bullbull Establish time of dayEstablish time of day

bullbull Transfer operational parametersTransfer operational parameters

bullbull Set up connectionsSet up connections

RangingRanging

bullbull For uplink transmissions times are measured at BSFor uplink transmissions times are measured at BS

bullbull At startup SS sends a RNG-REQ in a rangingAt startup SS sends a RNG-REQ in a rangingwindowwindow

bullbull BS measures arrival time and signal powerBS measures arrival time and signal powercalculates required advance and power adjustmentcalculates required advance and power adjustment

bullbull BS sends adjustment in RNG-RSPBS sends adjustment in RNG-RSP

bullbull SS adjusts advance and power sends newSS adjusts advance and power sends newRNG-REQRNG-REQ

bullbull Loop is continued until power and timing is okLoop is continued until power and timing is ok

RegistrationRegistration

bullbull Registration is a form of capability negotiationRegistration is a form of capability negotiation

bullbull SS sends a list of capabilities and parts of theSS sends a list of capabilities and parts of theconfiguration file to the BS in the REG-REQconfiguration file to the BS in the REG-REQmessagemessage

bullbull BS replies with the REG-RSP messageBS replies with the REG-RSP messagendashndash tells which capabilities are supportedallowedtells which capabilities are supportedallowed

bullbull SS acknowledges the REG-RSP withSS acknowledges the REG-RSP withREG-ACK messageREG-ACK message

IP connectivity andIP connectivity and

configuration file downloadconfiguration file download

bullbull IP connectivity established via DHCPIP connectivity established via DHCP

bullbull Configuration file downloaded via TFTPConfiguration file downloaded via TFTP

bullbull contains provisioned informationcontains provisioned informationndashndash operational parametersoperational parameters

Initial Connection SetupInitial Connection Setup

bullbull BS passes Service Flow BS passes Service Flow EncodingsEncodings to the SS to the SSin multiple DSA-REQ messagesin multiple DSA-REQ messages

bullbull SS replies with DSA-RSP messagesSS replies with DSA-RSP messages

bullbull Service FlowService Flow Encodings Encodings contain either contain eitherndashndash full definition of service attributes (omittingfull definition of service attributes (omitting

defaultabledefaultable items if desired) items if desired)

ndashndash service class nameservice class namebullbull ASCII string which is known at the BS and whichASCII string which is known at the BS and which

indirectly specifies a set ofindirectly specifies a set of QoS QoS Parameters Parameters

Privacy and EncryptionPrivacy and Encryptionbullbull Secures over-the-air transmissionsSecures over-the-air transmissionsbullbull AuthenticationAuthentication

ndashndash X509 certificates with RSA PKCSX509 certificates with RSA PKCSndashndash Strong authentication of Strong authentication of SSs SSs (prevents theft of service)(prevents theft of service)ndashndash Prevents cloningPrevents cloning

bullbull Data encryptionData encryptionndashndash Currently 56-bit DES in CBC modeCurrently 56-bit DES in CBC modendashndash IV based on frame numberIV based on frame numberndashndash Easily exportableEasily exportable

bullbull Message authenticationMessage authenticationndashndash Key MAC management messages authenticated with one-Key MAC management messages authenticated with one-

way hashing (HMAC with SHA-1)way hashing (HMAC with SHA-1)

bullbull Designed to allow newmultiple encryption algorithmsDesigned to allow newmultiple encryption algorithmsbullbull Protocol descends from BPI+ (from DOCSIS)Protocol descends from BPI+ (from DOCSIS)

Security AssociationsSecurity Associations

bullbull A set of privacy informationA set of privacy informationndashndash shared by a BS and one or more of its client shared by a BS and one or more of its client SSsSSs

share in order to support securedshare in order to support securedcommunicationscommunications

ndashndash includes traffic encryption keys and CBC IVsincludes traffic encryption keys and CBC IVs

bullbull Security Association EstablishmentSecurity Association Establishmentndashndash Primary SA established during initial registrationPrimary SA established during initial registration

ndashndash other other SAsSAs may be provisioned or dynamically may be provisioned or dynamicallycreated within the BScreated within the BS

Key Management MessagesKey Management MessagesPKM Message

AuthenticationInformation

AuthorizationRequest

AuthorizationReply

AuthorizationReject

AuthorizationInvalid

Key Request

Key Reply

Key Reject

TEK Invalid

Description

contains the manufacturer s X509 Certificate issued by an externalauthoritysent from an SS to its BS to request an AK and list of authorizedSAIDssent from a BS to an SS to reply an AK and a list of authorized SAIDs

send from a BS to an SS in rejection of an Authorization Requestmessage sent by the SSsend from a BS to an SS as an unsolicited indication or a responseto a message received from that SS

sent from an SS to its BS requesting a TEK for the privacy of one ofits authorized SAIDssent from a BS to an SS carrying the two active sets of traffic keyingmaterial for the SAIDsent from a BS to an SS indicating that the SAID is no longer validand no key will be sentsent from a BS to an SS if it determines that the SS encrypted uplinktraffic with an invalid TEK

SA Add sent from a BS to an SS to establish one or more additional SAs

SS Authorization
• Authentication and Authorization
– SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
– Trust relation assumed between equipment manufacturer and network operator
– Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
– The SS is responsible for maintaining valid keys
– Two active AKs with overlapping lifetimes at all times
– Reauthorization process done periodically
– AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

Columns are the current state, rows are the event or received message, and each cell gives the next state. A blank cell means no transition is defined.

| Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: Auth FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Edge labels give the triggering event (Provisioned, Timeout, Auth Reject (non-perm), Auth Reject (perm), Auth Reply, Auth Invalid, Auth Grace Timeout, Reauth), the messages sent (Authent Info, Auth Request) and the events marked [TEK]: Authorized, Auth Pend, Auth Comp, Stop.]

Traffic Encryption Key Management
• Two-level key exchange protocol
– Key Encryption Key (symmetric) established with RSA
– Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
– Two sets of overlapping keying material maintained
– No explicit key acknowledgements
– Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
– Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

Columns are the current state, rows are the event or received message, and each cell gives the next state. A blank cell means no transition is defined.

| Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |
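The Auth and TEK transition matrices above, encoded as data and exercised, as an added example that is not part of the original presentation. The function names (run, reachable, absorbing) are hypothetical, and treating a blank cell as "keep the state and record the event" is an assumption of this example, not something the slides specify.

```python
"""Table-driven model of the Auth and TEK state machines (added example)."""
from collections import deque

# {state: {event: next_state}}; a missing entry is a blank cell in the matrix.
AUTH_FSM = {
    "Start":            {"Provisioned": "Auth Wait"},
    "Auth Wait":        {"Auth Reject (non-perm)": "Auth Reject Wait",
                         "Auth Reject (perm)": "Silent",
                         "Auth Reply": "Authorized",
                         "Timeout": "Auth Wait"},
    "Authorized":       {"Auth Grace Timeout": "Reauth Wait",
                         "Auth Invalid": "Reauth Wait",
                         "Reauth": "Reauth Wait"},
    "Reauth Wait":      {"Auth Reject (non-perm)": "Auth Reject Wait",
                         "Auth Reject (perm)": "Silent",
                         "Auth Reply": "Authorized",
                         "Timeout": "Reauth Wait",
                         "Auth Invalid": "Reauth Wait"},
    "Auth Reject Wait": {"Timeout": "Start"},
    "Silent":           {},
}

TEK_FSM = {
    "Start":             {"Authorized": "Op Wait"},
    "Op Wait":           {"Stop": "Start", "Auth Pend": "Op Reauth Wait",
                          "Timeout": "Op Wait", "Key Reply": "Operational",
                          "Key Reject": "Start"},
    "Op Reauth Wait":    {"Stop": "Start", "Auth Comp": "Op Wait"},
    "Operational":       {"Stop": "Start", "TEK Invalid": "Op Wait",
                          "TEK Refresh Timeout": "Rekey Wait"},
    "Rekey Wait":        {"Stop": "Start", "Auth Pend": "Rekey Reauth Wait",
                          "TEK Invalid": "Op Wait", "Timeout": "Rekey Wait",
                          "Key Reply": "Operational", "Key Reject": "Start"},
    "Rekey Reauth Wait": {"Stop": "Start", "Auth Comp": "Rekey Wait",
                          "TEK Invalid": "Op Reauth Wait"},
}


def run(fsm, state, events):
    """Feed events to the machine; return (final_state, rejected).

    An event whose cell is blank for the current state is not acted on:
    the state is kept and the (state, event) pair is recorded, so that
    out-of-sequence messages can be logged or alarmed on.
    """
    rejected = []
    for event in events:
        nxt = fsm[state].get(event)
        if nxt is None:
            rejected.append((state, event))
        else:
            state = nxt
    return state, rejected


def reachable(fsm, start):
    """Breadth-first search: every state that can be reached from start."""
    seen, queue = {start}, deque([start])
    while queue:
        for nxt in fsm[queue.popleft()].values():
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def absorbing(fsm):
    """States that no event can leave (an SS stuck there needs intervention)."""
    return sorted(s for s, row in fsm.items()
                  if all(nxt == s for nxt in row.values()))


if __name__ == "__main__":
    # Normal life cycle: authorize, reauthorize at grace timeout.
    print(run(AUTH_FSM, "Start",
              ["Provisioned", "Auth Reply", "Auth Grace Timeout", "Auth Reply"]))
    # Unsolicited replies and rejects while Authorized are not transitions.
    print(run(AUTH_FSM, "Start",
              ["Provisioned", "Auth Reply", "Auth Reply", "Auth Reject (perm)"]))
    # TEK life cycle: first key, scheduled refresh, then a TEK Invalid.
    print(run(TEK_FSM, "Start",
              ["Authorized", "Key Reply", "TEK Refresh Timeout",
               "Key Reply", "TEK Invalid"]))
    print("absorbing Auth states:", absorbing(AUTH_FSM))
```

Per the matrix, Silent is the only state with no exit, and every TEK state other than Start returns to Start on Stop.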

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Edge labels give the triggering event (Stop, Authorized, Auth Pend, Auth Comp, TEK Invalid, Timeout, TEK Refresh Timeout, Key Reply, Key Reject) and, where one is sent, the Key Request message.]

Data Encryption
• DES in CBC mode with IV derived from the frame number
• Hooks defined for other stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
– Rules for key usage
  • AP: encryption (older key), decryption (both keys)
  • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
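The key-usage rules above, worked through as an added example that is not part of the original presentation: it shows why a BS that encrypts with the older key and an SS that encrypts with the newer key keep working when the SS is one rollover behind, and where TEK Invalid arises. The class and function names are hypothetical, the keys are constructed sample bytes and no cipher is run; the example assumes that consecutive TEKs carry consecutive 2-bit sequence numbers and that the BS recognises an invalid TEK by that number.

```python
from dataclasses import dataclass

SEQ_MOD = 4  # the key sequence number is 2 bits wide, so it wraps 3 -> 0


@dataclass(frozen=True)
class Tek:
    seq: int    # key sequence number carried in the MAC header
    key: bytes  # keying material (opaque here; no cipher is run)


def make_tek(generation: int) -> Tek:
    """Constructed sample key: 8 bytes derived from the generation count."""
    return Tek(generation % SEQ_MOD, bytes([generation % 256]) * 8)


class TekRing:
    """The two active TEKs held for one SAID by a BS or an SS."""

    def __init__(self, role: str, older: Tek, newer: Tek):
        if role not in ("BS", "SS"):
            raise ValueError("role must be 'BS' or 'SS'")
        # Assumption: consecutive keys carry consecutive sequence numbers.
        if newer.seq != (older.seq + 1) % SEQ_MOD:
            raise ValueError("newer TEK must follow older TEK in sequence")
        self.role, self.older, self.newer = role, older, newer

    def tx_key(self) -> Tek:
        """Key-usage rule: BS encrypts with the older key, SS with the newer."""
        return self.older if self.role == "BS" else self.newer

    def rx_key(self, seq: int):
        """Both sides decrypt with either active key, chosen by header seq."""
        for tek in (self.older, self.newer):
            if tek.seq == seq % SEQ_MOD:
                return tek
        return None  # no active key carries this sequence number

    def roll(self, fresh: Tek) -> None:
        """Older key expires, newer becomes older, fresh key becomes newer."""
        if fresh.seq != (self.newer.seq + 1) % SEQ_MOD:
            raise ValueError("fresh TEK is out of sequence")
        self.older, self.newer = self.newer, fresh


def exchange(bs: TekRing, ss: TekRing):
    """One uplink and one downlink PDU; returns (uplink, downlink) outcome."""
    up = bs.rx_key(ss.tx_key().seq)
    down = ss.rx_key(bs.tx_key().seq)
    return ("ok" if up else "TEK Invalid", "ok" if down else "no key")


def simulate():
    """BS rolls its keys twice while the SS never refreshes, then SS rekeys."""
    bs = TekRing("BS", make_tek(0), make_tek(1))
    ss = TekRing("SS", make_tek(0), make_tek(1))
    log = [exchange(bs, ss)]            # both hold generations 0 and 1
    bs.roll(make_tek(2))
    log.append(exchange(bs, ss))        # SS one rollover behind: still works
    bs.roll(make_tek(3))
    log.append(exchange(bs, ss))        # SS two rollovers behind: fails
    ss = TekRing("SS", bs.older, bs.newer)   # Key Reply carries both TEKs
    log.append(exchange(bs, ss))
    return log


if __name__ == "__main__":
    for n, (up, down) in enumerate(simulate()):
        print(f"step {n}: uplink={up} downlink={down}")
```

In the TEK FSM, the third step corresponds to the TEK Invalid event that moves the SS from Operational back to Op Wait.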

Amendment Project IEEE P802.16a
Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b
Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies
Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements
• OFDM Support
• ARQ
• 802.16b Mesh Mode
– Optional topology
– Subscriber-to-Subscriber communications

BWA in ETSI BRAN
• HIPERACCESS
– Above 11 GHz
– HIPERACCESS began before 802.16
– Difficulty in resolving processes
– IEEE now well ahead in schedule
• HIPERMAN
– Below 11 GHz
– IEEE went first
– Signs of healthy cooperation
– Recently selected 802.16 MAC as baseline

Summary
• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources
IEEE 802.16 Working Group on Broadband Wireless Access
info, documents, email lists, etc:
http://WirelessMAN.org


Bandwidth Requests
• Come from the Connection
• Several kinds of requests
– Implicit requests (UGS)
  • No actual messages, negotiated at connection setup
– BW request messages
  • Uses the special BW request header
  • Requests up to 32 KB with a single message
  • Incremental or aggregate, as indicated by MAC header
– Piggybacked request (for non-UGS services only)
  • Presented in GM sub-header and always incremental
  • Up to 32 KB per request for the CID
– Poll-Me bit (for UGS services only)
  • Used by the SS to request a bandwidth poll for non-UGS services

BW Request Message

Maintaining QoS in GPSS
• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization
• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging
• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration
• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
– tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download
• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
– operational parameters

Initial Connection Setup
• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
– full definition of service attributes (omitting defaultable items if desired)
– service class name
  • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption
• Secures over-the-air transmissions
• Authentication
– X.509 certificates with RSA PKCS
– Strong authentication of SSs (prevents theft of service)
– Prevents cloning
• Data encryption
– Currently 56-bit DES in CBC mode
– IV based on frame number
– Easily exportable
• Message authentication
– Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations
• A set of privacy information
– shared by a BS and one or more of its client SSs in order to support secured communications
– includes traffic encryption keys and CBC IVs
• Security Association Establishment
– Primary SA established during initial registration
– other SAs may be provisioned or dynamically created within the BS


Page 52: Mobile WiMAX : A Technical Overview

BW Request MessageBW Request Message

Maintaining QoS in GPSSMaintaining QoS in GPSSbullbull Semi-distributed approachSemi-distributed approachbullbull BS sees the requests for each connectionBS sees the requests for each connection

based on this grants bandwidth (BW) to thebased on this grants bandwidth (BW) to theSSsSSs (maintaining QoS and fairness) (maintaining QoS and fairness)

bullbull SS scheduler maintains QoS among itsSS scheduler maintains QoS among itsconnections and is responsible to share theconnections and is responsible to share theBW among the connections (maintaining QoSBW among the connections (maintaining QoSand fairness)and fairness)

bullbull Algorithm in BS and SS can be very differentAlgorithm in BS and SS can be very differentSS may use BW in a way unforeseen by theSS may use BW in a way unforeseen by theBSBS

SS initializationSS initializationbullbull Scan forScan for downlink downlink channel and establish channel and establish

synchronization with the BSsynchronization with the BS

bullbull Obtain transmit parameters (from UCD message)Obtain transmit parameters (from UCD message)

bullbull Perform rangingPerform ranging

bullbull Negotiate basic capabilitiesNegotiate basic capabilities

bullbull Authorize SS and perform key exchangeAuthorize SS and perform key exchange

bullbull Perform registrationPerform registration

bullbull Establish IP connectivityEstablish IP connectivity

bullbull Establish time of dayEstablish time of day

bullbull Transfer operational parametersTransfer operational parameters

bullbull Set up connectionsSet up connections

RangingRanging

bullbull For uplink transmissions times are measured at BSFor uplink transmissions times are measured at BS

bullbull At startup SS sends a RNG-REQ in a rangingAt startup SS sends a RNG-REQ in a rangingwindowwindow

bullbull BS measures arrival time and signal powerBS measures arrival time and signal powercalculates required advance and power adjustmentcalculates required advance and power adjustment

bullbull BS sends adjustment in RNG-RSPBS sends adjustment in RNG-RSP

bullbull SS adjusts advance and power sends newSS adjusts advance and power sends newRNG-REQRNG-REQ

bullbull Loop is continued until power and timing is okLoop is continued until power and timing is ok

RegistrationRegistration

bullbull Registration is a form of capability negotiationRegistration is a form of capability negotiation

bullbull SS sends a list of capabilities and parts of theSS sends a list of capabilities and parts of theconfiguration file to the BS in the REG-REQconfiguration file to the BS in the REG-REQmessagemessage

bullbull BS replies with the REG-RSP messageBS replies with the REG-RSP messagendashndash tells which capabilities are supportedallowedtells which capabilities are supportedallowed

bullbull SS acknowledges the REG-RSP withSS acknowledges the REG-RSP withREG-ACK messageREG-ACK message

IP connectivity andIP connectivity and

configuration file downloadconfiguration file download

bullbull IP connectivity established via DHCPIP connectivity established via DHCP

bullbull Configuration file downloaded via TFTPConfiguration file downloaded via TFTP

bullbull contains provisioned informationcontains provisioned informationndashndash operational parametersoperational parameters

Initial Connection SetupInitial Connection Setup

bullbull BS passes Service Flow BS passes Service Flow EncodingsEncodings to the SS to the SSin multiple DSA-REQ messagesin multiple DSA-REQ messages

bullbull SS replies with DSA-RSP messagesSS replies with DSA-RSP messages

bullbull Service FlowService Flow Encodings Encodings contain either contain eitherndashndash full definition of service attributes (omittingfull definition of service attributes (omitting

defaultabledefaultable items if desired) items if desired)

ndashndash service class nameservice class namebullbull ASCII string which is known at the BS and whichASCII string which is known at the BS and which

indirectly specifies a set ofindirectly specifies a set of QoS QoS Parameters Parameters

Privacy and EncryptionPrivacy and Encryptionbullbull Secures over-the-air transmissionsSecures over-the-air transmissionsbullbull AuthenticationAuthentication

ndashndash X509 certificates with RSA PKCSX509 certificates with RSA PKCSndashndash Strong authentication of Strong authentication of SSs SSs (prevents theft of service)(prevents theft of service)ndashndash Prevents cloningPrevents cloning

bullbull Data encryptionData encryptionndashndash Currently 56-bit DES in CBC modeCurrently 56-bit DES in CBC modendashndash IV based on frame numberIV based on frame numberndashndash Easily exportableEasily exportable

bullbull Message authenticationMessage authenticationndashndash Key MAC management messages authenticated with one-Key MAC management messages authenticated with one-

way hashing (HMAC with SHA-1)way hashing (HMAC with SHA-1)

bullbull Designed to allow newmultiple encryption algorithmsDesigned to allow newmultiple encryption algorithmsbullbull Protocol descends from BPI+ (from DOCSIS)Protocol descends from BPI+ (from DOCSIS)

Security AssociationsSecurity Associations

bullbull A set of privacy informationA set of privacy informationndashndash shared by a BS and one or more of its client shared by a BS and one or more of its client SSsSSs

share in order to support securedshare in order to support securedcommunicationscommunications

ndashndash includes traffic encryption keys and CBC IVsincludes traffic encryption keys and CBC IVs

bullbull Security Association EstablishmentSecurity Association Establishmentndashndash Primary SA established during initial registrationPrimary SA established during initial registration

ndashndash other other SAsSAs may be provisioned or dynamically may be provisioned or dynamicallycreated within the BScreated within the BS

Key Management MessagesKey Management MessagesPKM Message

AuthenticationInformation

AuthorizationRequest

AuthorizationReply

AuthorizationReject

AuthorizationInvalid

Key Request

Key Reply

Key Reject

TEK Invalid

Description

contains the manufacturer s X509 Certificate issued by an externalauthoritysent from an SS to its BS to request an AK and list of authorizedSAIDssent from a BS to an SS to reply an AK and a list of authorized SAIDs

send from a BS to an SS in rejection of an Authorization Requestmessage sent by the SSsend from a BS to an SS as an unsolicited indication or a responseto a message received from that SS

sent from an SS to its BS requesting a TEK for the privacy of one ofits authorized SAIDssent from a BS to an SS carrying the two active sets of traffic keyingmaterial for the SAIDsent from a BS to an SS indicating that the SAID is no longer validand no key will be sentsent from a BS to an SS if it determines that the SS encrypted uplinktraffic with an invalid TEK

SA Add sent from a BS to an SS to establish one or more additional SAs

SS AuthorizationSS Authorization

bullbull Authentication and AuthorizationAuthentication and Authorizationndashndash SS manufacturerSS manufacturerrsquorsquos X509 certificates X509 certificate binding the SSbinding the SSrsquorsquoss

public key to its other identifying informationpublic key to its other identifying information

ndashndash Trust relation assumed between equipmentTrust relation assumed between equipmentmanufacturer and network operatormanufacturer and network operator

ndashndash Possibility to accommodate ldquoroot authorityrdquo if requiredPossibility to accommodate ldquoroot authorityrdquo if required

bullbull Authorization Key Update ProtocolAuthorization Key Update Protocolndashndash The SS is responsible for maintaining valid keysThe SS is responsible for maintaining valid keys

ndashndash Two active Two active AKsAKs with overlapping lifetimes at all times with overlapping lifetimes at all times

ndashndash Reauthorization process done periodicallyReauthorization process done periodically

ndashndash AK lifetime (7 days) amp grace time timer (1 hr)AK lifetime (7 days) amp grace time timer (1 hr)

Auth FSM Transition Matrix

Columns are states, rows are events or received messages; each cell gives the next state, and "-" marks a blank cell.

Event or rcvd msg          (A) Start  (B) Auth Wait     (C) Authorized  (D) Reauth Wait   (E) Auth Reject Wait  (F) Silent
(1) Provisioned            Auth Wait  -                 -               -                 -                     -
(2) Auth Reject (non-perm) -          Auth Reject Wait  -               Auth Reject Wait  -                     -
(3) Auth Reject (perm)     -          Silent            -               Silent            -                     -
(4) Auth Reply             -          Authorized        -               Authorized        -                     -
(5) Timeout                -          Auth Wait         -               Reauth Wait       Start                 -
(6) Auth Grace Timeout     -          -                 Reauth Wait     -                 -                     -
(7) Auth Invalid           -          -                 Reauth Wait     Reauth Wait       -                     -
(8) Reauth                 -          -                 Reauth Wait     -                 -                     -

Auth FSM Flow Diagram

[Figure: Auth FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transition labels pair each event with the message sent (Authent Info, Auth Request) and with the event passed to the TEK FSM ([TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp, [TEK] Stop).]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header
• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

Columns are states, rows are events or received messages; each cell gives the next state, and "-" marks a blank cell.

Event or rcvd msg          (A) Start  (B) Op Wait     (C) Op Reauth Wait  (D) Operational  (E) Rekey Wait     (F) Rekey Reauth Wait
(1) Stop                   -          Start           Start               Start            Start              Start
(2) Authorized             Op Wait    -               -                   -                -                  -
(3) Auth Pend              -          Op Reauth Wait  -                   -                Rekey Reauth Wait  -
(4) Auth Comp              -          -               Op Wait             -                -                  Rekey Wait
(5) TEK Invalid            -          -               -                   Op Wait          Op Wait            Op Reauth Wait
(6) Timeout                -          Op Wait         -                   -                Rekey Wait         -
(7) TEK Refresh Timeout    -          -               -                   Rekey Wait       -                  -
(8) Key Reply              -          Operational     -                   -                Operational        -
(9) Key Reject             -          Start           -                   -                Start              -

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transition labels: Authorized / Key Request, Auth Pend, Auth Comp / Key Request, Key Reply, Key Reject, Stop, Timeout / Key Request, TEK Invalid / Key Request, TEK Refresh Timeout / Key Request.]
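The two transition matrices can be run as coupled state machines. The following is an added example, not code from the presentation or the standard: it transcribes both matrices and shows how an Auth event fans out to the TEK FSM. The `TEK_SIGNAL` mapping is an assumption read from the flow-diagram labels, and the class, function and SAID names are hypothetical.

```python
"""Auth and TEK state machines transcribed from the two transition matrices.
A blank matrix cell means the event is ignored in that state."""

def table(rows):
    """{event: {state: next_state}} -> {(state, event): next_state}"""
    return {(s, ev): nxt for ev, cells in rows.items() for s, nxt in cells.items()}

AUTH = table({
    "Provisioned":            {"Start": "Auth Wait"},
    "Auth Reject (non-perm)": {"Auth Wait": "Auth Reject Wait",
                               "Reauth Wait": "Auth Reject Wait"},
    "Auth Reject (perm)":     {"Auth Wait": "Silent", "Reauth Wait": "Silent"},
    "Auth Reply":             {"Auth Wait": "Authorized", "Reauth Wait": "Authorized"},
    "Timeout":                {"Auth Wait": "Auth Wait", "Reauth Wait": "Reauth Wait",
                               "Auth Reject Wait": "Start"},
    "Auth Grace Timeout":     {"Authorized": "Reauth Wait"},
    "Auth Invalid":           {"Authorized": "Reauth Wait", "Reauth Wait": "Reauth Wait"},
    "Reauth":                 {"Authorized": "Reauth Wait"},
})

TEK = table({
    "Stop":        {s: "Start" for s in ("Op Wait", "Op Reauth Wait", "Operational",
                                          "Rekey Wait", "Rekey Reauth Wait")},
    "Authorized":  {"Start": "Op Wait"},
    "Auth Pend":   {"Op Wait": "Op Reauth Wait", "Rekey Wait": "Rekey Reauth Wait"},
    "Auth Comp":   {"Op Reauth Wait": "Op Wait", "Rekey Reauth Wait": "Rekey Wait"},
    "TEK Invalid": {"Operational": "Op Wait", "Rekey Wait": "Op Wait",
                    "Rekey Reauth Wait": "Op Reauth Wait"},
    "Timeout":     {"Op Wait": "Op Wait", "Rekey Wait": "Rekey Wait"},
    "TEK Refresh Timeout": {"Operational": "Rekey Wait"},
    "Key Reply":   {"Op Wait": "Operational", "Rekey Wait": "Operational"},
    "Key Reject":  {"Op Wait": "Start", "Rekey Wait": "Start"},
})

# Assumption: which Auth transition raises which [TEK] event, as read from the
# labels of the Auth FSM flow diagram.
TEK_SIGNAL = {
    ("Auth Wait", "Auth Reply"): "Authorized",
    ("Reauth Wait", "Auth Reply"): "Auth Comp",
    ("Authorized", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Reject (perm)"): "Stop",
    ("Reauth Wait", "Auth Reject (non-perm)"): "Stop",
}

class SubscriberStation:
    def __init__(self, saids):
        self.auth = "Start"
        self.tek = {said: "Start" for said in saids}  # one TEK FSM per SAID

    def auth_event(self, event):
        key = (self.auth, event)
        if key in AUTH:
            self.auth = AUTH[key]
            if key in TEK_SIGNAL:          # pass the [TEK] event to every TEK FSM
                for said in self.tek:
                    self.tek_event(said, TEK_SIGNAL[key])
        return self.auth

    def tek_event(self, said, event):
        self.tek[said] = TEK.get((self.tek[said], event), self.tek[said])
        return self.tek[said]

def sink_states(fsm):
    """States that can be entered but have no outgoing transition."""
    return set(fsm.values()) - {state for state, _ in fsm}

# Constructed event sequence: normal start-up, a rekey interrupted by
# Auth Invalid, recovery, then a permanent reject during reauthorization.
SCENARIO = [
    ("auth", "Provisioned"), ("auth", "Auth Reply"), ("tek", "Key Reply"),
    ("tek", "TEK Refresh Timeout"), ("auth", "Auth Invalid"),
    ("tek", "Key Reply"),            # ignored: blank cell in Rekey Reauth Wait
    ("auth", "Auth Reply"), ("tek", "Key Reply"), ("auth", "Reauth"),
    ("auth", "Auth Reject (perm)"),
    ("auth", "Provisioned"),         # ignored: Silent has no way out
]

def run(steps, said="SAID-1"):
    ss = SubscriberStation([said])
    trace = []
    for machine, event in steps:
        if machine == "auth":
            ss.auth_event(event)
        else:
            ss.tek_event(said, event)
        trace.append((event, ss.auth, ss.tek[said]))
    return trace

if __name__ == "__main__":
    for row in run(SCENARIO):
        print(row)
    print("Auth sink states:", sink_states(AUTH))
```

The sink-state check makes one property of the Auth matrix explicit: Silent is the only state with no outgoing transition, so a permanent Auth Reject cannot be undone by any event in the matrix.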

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other, stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
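The key usage rules are what let the protocol work without explicit key acknowledgements. The following added example (not from the presentation) models why. It assumes AP means the BS and AT means the SS, reduces key material to a generation counter, and treats key expiry as a discrete `rollover` step; all names are hypothetical.

```python
# Key selection under the slide's usage rules. Only the 2-bit key sequence
# number (generation mod 4) travels in the MAC header; the generation counter
# stands in for the key bytes themselves.
SEQ_MOD = 4

class KeyHolder:
    def __init__(self, role, older_gen):
        assert role in ("BS", "SS")
        self.role = role
        self.gens = [older_gen, older_gen + 1]      # [older, newer]

    def rollover(self):
        """The older key expires and a fresh generation becomes the newer key."""
        self.gens = [self.gens[1], self.gens[1] + 1]

    def encrypt_gen(self, follow_rule=True):
        """Slide rule: BS encrypts with the older key, SS with the newer.
        follow_rule=False swaps the roles to show what the rule prevents."""
        use_older = self.role == "BS"
        if not follow_rule:
            use_older = not use_older
        return self.gens[0] if use_older else self.gens[1]

    def decrypt(self, seq, sender_gen):
        """Select a held key by sequence number; decryption only succeeds if
        that key is the generation the sender actually used."""
        for gen in self.gens:
            if gen % SEQ_MOD == seq:
                return "ok" if gen == sender_gen else "wrong-key"
        return "unknown-seq"

def send(sender, receiver, follow_rule=True):
    gen = sender.encrypt_gen(follow_rule)
    return receiver.decrypt(gen % SEQ_MOD, gen)

def scenarios():
    """Returns {case: (downlink result, uplink result)} for constructed cases."""
    out = {}
    bs, ss = KeyHolder("BS", 5), KeyHolder("SS", 5)
    out["in sync"] = (send(bs, ss), send(ss, bs))
    bs.rollover()   # BS holds 6,7; SS still holds 5,6 (new keys not yet fetched)
    out["SS one behind"] = (send(bs, ss), send(ss, bs))
    out["SS one behind, rule swapped"] = (send(bs, ss, False), send(ss, bs, False))
    bs.rollover()   # BS holds 7,8; SS holds 5,6: no generation in common
    # An uplink failure here is the case the TEK Invalid message reports.
    out["SS two behind"] = (send(bs, ss), send(ss, bs))
    far = KeyHolder("BS", 9)   # four generations ahead: sequence numbers wrap
    out["SS four behind"] = (send(far, ss), send(ss, far))
    return out

if __name__ == "__main__":
    for case, result in scenarios().items():
        print(f"{case:30} downlink={result[0]:12} uplink={result[1]}")
```

With the rule in force, a one-generation lag is invisible in both directions because each side transmits with the single generation both hold. The last case shows the limit of a 2-bit sequence number: after a lag of four generations the number matches a stale key.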

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule
• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant, in any spectrum, in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


Maintaining QoS in GPSS

• Semi-distributed approach
• BS sees the requests for each connection; based on this, grants bandwidth (BW) to the SSs (maintaining QoS and fairness)
• SS scheduler maintains QoS among its connections and is responsible to share the BW among the connections (maintaining QoS and fairness)
• Algorithm in BS and SS can be very different; SS may use BW in a way unforeseen by the BS

SS initialization

• Scan for downlink channel and establish synchronization with the BS
• Obtain transmit parameters (from UCD message)
• Perform ranging
• Negotiate basic capabilities
• Authorize SS and perform key exchange
• Perform registration
• Establish IP connectivity
• Establish time of day
• Transfer operational parameters
• Set up connections

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  – tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  – operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  – full definition of service attributes (omitting defaultable items if desired)
  – service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  – X.509 certificates with RSA PKCS
  – Strong authentication of SSs (prevents theft of service)
  – Prevents cloning
• Data encryption
  – Currently 56-bit DES in CBC mode
  – IV based on frame number
  – Easily exportable
• Message authentication
  – Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs
• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

PKM Message                 Description
Authentication Information  contains the manufacturer's X.509 certificate, issued by an external authority
Authorization Request       sent from an SS to its BS to request an AK and list of authorized SAIDs
Authorization Reply         sent from a BS to an SS to reply an AK and a list of authorized SAIDs
Authorization Reject        sent from a BS to an SS in rejection of an Authorization Request message sent by the SS
Authorization Invalid       sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS
Key Request                 sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs
Key Reply                   sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID
Key Reject                  sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent
TEK Invalid                 sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK
SA Add                      sent from a BS to an SS to establish one or more additional SAs

SS AuthorizationSS Authorization

bullbull Authentication and AuthorizationAuthentication and Authorizationndashndash SS manufacturerSS manufacturerrsquorsquos X509 certificates X509 certificate binding the SSbinding the SSrsquorsquoss

public key to its other identifying informationpublic key to its other identifying information

ndashndash Trust relation assumed between equipmentTrust relation assumed between equipmentmanufacturer and network operatormanufacturer and network operator

ndashndash Possibility to accommodate ldquoroot authorityrdquo if requiredPossibility to accommodate ldquoroot authorityrdquo if required

bullbull Authorization Key Update ProtocolAuthorization Key Update Protocolndashndash The SS is responsible for maintaining valid keysThe SS is responsible for maintaining valid keys

ndashndash Two active Two active AKsAKs with overlapping lifetimes at all times with overlapping lifetimes at all times

ndashndash Reauthorization process done periodicallyReauthorization process done periodically

ndashndash AK lifetime (7 days) amp grace time timer (1 hr)AK lifetime (7 days) amp grace time timer (1 hr)

Auth FSM Transition MatrixAuth FSM Transition MatrixState

˚Event orRcvd msg

(A)Start

(B)Auth Wait

(C)Authorized

(D)Reauth

Wait

(E)Auth

Reject Wait

(F)Silent

(1)Provisioned

Auth Wait ˚ ˚ ˚ ˚ ˚

(2)Auth Reject(non-perm)

˚ Auth RejectWait

˚ Auth RejectWait

˚ ˚

(3)Auth Reject

(perm)

˚ Silent ˚ Silent ˚ ˚

(4)Auth Reply

˚ Authorized ˚ Authorized ˚ ˚

(5)Timeout

˚Auth Wait

˚ ReauthWait Start

˚

(6)Auth Grace

Timeout

˚ ˚ ReauthWait

˚ ˚ ˚

(7)Auth Invalid

˚ ˚ ReauthWait

ReauthWait

˚ ˚

(8)Reauth

˚ ˚ ReauthWait

˚ ˚ ˚

AuthAuth FSM Flow Diagram FSM Flow Diagram

Start Auth RejectWait

Silent

Auth Wait

Provisioned Authent InfoAuth Request

Timeout

Auth Reject (non-perm)

Auth Reject (perm)

Timeout Authent InfoAuth Request

Authorized

Auth Reply [TEK] Authorized

Reauth Wait

Auth Reject (perm) [TEK] Stop

Timeout Auth Request

Auth Invalid Auth Request

[TEK] Auth Pend

Auth Reject (non-perm) [TEK] Stop

Auth Grace Timeout Auth Request

Auth Invalid Auth Request

[TEK] Auth Pend

Reauth Auth Request

Auth Reply [TEK] Auth Comp

Traffic Encryption KeyTraffic Encryption Key

ManagementManagementbullbull Two-level key exchange protocolTwo-level key exchange protocol

ndashndash Key Encryption Key (symmetric) established with RSAKey Encryption Key (symmetric) established with RSAndashndash Traffic Encryption Keys (TEK) Traffic Encryption Keys (TEK) exhangedexhanged with symmetric with symmetric

algorithm negotiated at SA establishment (currently onlyalgorithm negotiated at SA establishment (currently only3-DES supported)3-DES supported)

ndashndash Two sets of overlapping keying material maintainedTwo sets of overlapping keying material maintainedndashndash No explicit key acknowledgementsNo explicit key acknowledgementsndashndash Key synchronization maintained by 2-bit key sequenceKey synchronization maintained by 2-bit key sequence

number in the MAC PDU headernumber in the MAC PDU header

bullbull Traffic Encryption Key Exchange ProtocolTraffic Encryption Key Exchange Protocolndashndash Defined by the TEK FSM Transition MatrixDefined by the TEK FSM Transition Matrix

TEK FSM Transition MatrixTEK FSM Transition MatrixState

Event orRcvd msg

(A)Start

(B)Op Wait

(C)Op Reauth

Wait

(D)Opera-tional

(E)Rekey Wait

(F)Rekey

Reaut Wait

(1)Stop

˚ Start Start Start Start Start

(2)Authorized

Op Wait ˚ ˚ ˚ ˚ ˚

(3)Auth Pend

˚ Op ReauthWait

˚ ˚ RekeyReauth

Wait

˚

(4)Auth Comp

˚ ˚ Op Wait ˚ ˚ Rekey Wait

(5)TEK

Invalid

˚ ˚ ˚ Op Wait Op Wait Op ReauthWait

(6)Timeout

˚Op Wait

˚ ˚Rekey Wait

˚

(7)TEK

RefreshTimeout

˚ ˚ ˚ Rekey Wait ˚ ˚

(8)Key Reply

˚ Operational

˚ ˚ Operational

˚

(9)Key Reject

˚ Start ˚ ˚ Start ˚

TEK FSM Flow DiagramTEK FSM Flow Diagram

Start

Authorized Key Request

Op ReauthWait

Stop

Op Wait

Auth Pend

Auth Comp Key Request

Key RejectStop

Operational

Key Reply

Timeout Key Request

Stop

TEK Invalid Key Request

Rekey Wait

RekeyReaauth

Wait

Auth Pend

Auth Comp Key Request

Timeout Key Request

TEK Refresh Timeout Key Request

Key Reply

TEK Invalid Key Request

TEK Invalid

Stop

Key RejectStop

Data EncryptionData Encryption

bullbull DES in CBC mode with IV derived from the frame numberDES in CBC mode with IV derived from the frame number

bullbull Hooks defined for other stronger algorithms eg AESHooks defined for other stronger algorithms eg AES

bullbull Two simultaneous keys with overlapping and offsetTwo simultaneous keys with overlapping and offsetlifetimes allow for uninterrupted servicelifetimes allow for uninterrupted servicendashndash Rules for key usageRules for key usage

bullbull AP encryption (older key) decryption (both keys)AP encryption (older key) decryption (both keys)bullbull AT encryption (newer key) decryption (both keys)AT encryption (newer key) decryption (both keys)

bullbull Key sequence number carried in MAC headerKey sequence number carried in MAC header

bullbull Only MAC PDU payload (including sub-headers) isOnly MAC PDU payload (including sub-headers) isencryptedencrypted

bullbull Management messages are unencryptedManagement messages are unencrypted

Amendment ProjectAmendment Project

IEEE P80216aIEEE P80216a

Media Access ControlMedia Access ControlModifications and AdditionalModifications and AdditionalPhysical Layer for 2-11 GHzPhysical Layer for 2-11 GHz

Amendment ProjectAmendment Project

IEEE P80216bIEEE P80216b

Media Access Control Modifications andMedia Access Control Modifications andAdditional Physical Layer for License-ExemptAdditional Physical Layer for License-Exempt

FrequenciesFrequencies

Wireless High-Speed Unlicensed MetropolitanWireless High-Speed Unlicensed MetropolitanArea Network (ldquoArea Network (ldquoWirelessHUMANWirelessHUMANTMTMrdquo)rdquo)

Key 80216a80216bKey 80216a80216b

EnhancementsEnhancements

bullbull OFDM SupportOFDM Support

bullbull ARQARQ

bullbull 80216b Mesh Mode80216b Mesh Modendashndash Optional topologyOptional topology

ndashndash Subscriber-to-Subscriber communicationsSubscriber-to-Subscriber communications

BWA in ETSI BRANBWA in ETSI BRAN

bullbull HIPERACCESSHIPERACCESSndashndash Above 11 GHzAbove 11 GHzndashndash HIPERACCESS began before 80216HIPERACCESS began before 80216ndashndash Difficulty in resolving processesDifficulty in resolving processesndashndash IEEE now well ahead in scheduleIEEE now well ahead in schedule

bullbull HIPERMANHIPERMANndashndash Below 11 GHzBelow 11 GHzndashndash IEEE went firstIEEE went firstndashndash Signs of healthy cooperationSigns of healthy cooperationndashndash Recently selected 80216 MAC as baselineRecently selected 80216 MAC as baseline

SummarySummarybullbull The IEEE 80216The IEEE 80216 WirelessMAN WirelessMAN Air Interface Air Interface

designed within the 80216 Working Groupdesigned within the 80216 Working Groupaddresses worldwide BWA market needsaddresses worldwide BWA market needs

bullbull The outcome is due to successful cooperationThe outcome is due to successful cooperationbetween BWA leadersbetween BWA leaders

bullbull The 80216 MAC is flexible and powerfulThe 80216 MAC is flexible and powerfulenough to support any fixed BWA technologyenough to support any fixed BWA technologyvariant in any spectrum in any marketvariant in any spectrum in any market

bullbull The 80216 Air Interface provides greatThe 80216 Air Interface provides greatopportunities for vendor differentiation at bothopportunities for vendor differentiation at boththe base station and subscriber station withoutthe base station and subscriber station withoutcompromising interoperabilitycompromising interoperability

IEEE 80216 ResourcesIEEE 80216 Resources

IEEE 80216 Working Group on BroadbandIEEE 80216 Working Group on BroadbandWireless AccessWireless Access

info documents email lists etcinfo documents email lists etc

httphttpWirelessMANWirelessMANorgorg

Page 54: Mobile WiMAX : A Technical Overview

SS initializationSS initializationbullbull Scan forScan for downlink downlink channel and establish channel and establish

synchronization with the BSsynchronization with the BS

bullbull Obtain transmit parameters (from UCD message)Obtain transmit parameters (from UCD message)

bullbull Perform rangingPerform ranging

bullbull Negotiate basic capabilitiesNegotiate basic capabilities

bullbull Authorize SS and perform key exchangeAuthorize SS and perform key exchange

bullbull Perform registrationPerform registration

bullbull Establish IP connectivityEstablish IP connectivity

bullbull Establish time of dayEstablish time of day

bullbull Transfer operational parametersTransfer operational parameters

bullbull Set up connectionsSet up connections

RangingRanging

bullbull For uplink transmissions times are measured at BSFor uplink transmissions times are measured at BS

bullbull At startup SS sends a RNG-REQ in a rangingAt startup SS sends a RNG-REQ in a rangingwindowwindow

bullbull BS measures arrival time and signal powerBS measures arrival time and signal powercalculates required advance and power adjustmentcalculates required advance and power adjustment

bullbull BS sends adjustment in RNG-RSPBS sends adjustment in RNG-RSP

bullbull SS adjusts advance and power sends newSS adjusts advance and power sends newRNG-REQRNG-REQ

bullbull Loop is continued until power and timing is okLoop is continued until power and timing is ok

RegistrationRegistration

bullbull Registration is a form of capability negotiationRegistration is a form of capability negotiation

bullbull SS sends a list of capabilities and parts of theSS sends a list of capabilities and parts of theconfiguration file to the BS in the REG-REQconfiguration file to the BS in the REG-REQmessagemessage

bullbull BS replies with the REG-RSP messageBS replies with the REG-RSP messagendashndash tells which capabilities are supportedallowedtells which capabilities are supportedallowed

bullbull SS acknowledges the REG-RSP withSS acknowledges the REG-RSP withREG-ACK messageREG-ACK message

IP connectivity andIP connectivity and

configuration file downloadconfiguration file download

bullbull IP connectivity established via DHCPIP connectivity established via DHCP

bullbull Configuration file downloaded via TFTPConfiguration file downloaded via TFTP

bullbull contains provisioned informationcontains provisioned informationndashndash operational parametersoperational parameters

Initial Connection SetupInitial Connection Setup

bullbull BS passes Service Flow BS passes Service Flow EncodingsEncodings to the SS to the SSin multiple DSA-REQ messagesin multiple DSA-REQ messages

bullbull SS replies with DSA-RSP messagesSS replies with DSA-RSP messages

bullbull Service FlowService Flow Encodings Encodings contain either contain eitherndashndash full definition of service attributes (omittingfull definition of service attributes (omitting

defaultabledefaultable items if desired) items if desired)

ndashndash service class nameservice class namebullbull ASCII string which is known at the BS and whichASCII string which is known at the BS and which

indirectly specifies a set ofindirectly specifies a set of QoS QoS Parameters Parameters

Privacy and EncryptionPrivacy and Encryptionbullbull Secures over-the-air transmissionsSecures over-the-air transmissionsbullbull AuthenticationAuthentication

ndashndash X509 certificates with RSA PKCSX509 certificates with RSA PKCSndashndash Strong authentication of Strong authentication of SSs SSs (prevents theft of service)(prevents theft of service)ndashndash Prevents cloningPrevents cloning

bullbull Data encryptionData encryptionndashndash Currently 56-bit DES in CBC modeCurrently 56-bit DES in CBC modendashndash IV based on frame numberIV based on frame numberndashndash Easily exportableEasily exportable

bullbull Message authenticationMessage authenticationndashndash Key MAC management messages authenticated with one-Key MAC management messages authenticated with one-

way hashing (HMAC with SHA-1)way hashing (HMAC with SHA-1)

bullbull Designed to allow newmultiple encryption algorithmsDesigned to allow newmultiple encryption algorithmsbullbull Protocol descends from BPI+ (from DOCSIS)Protocol descends from BPI+ (from DOCSIS)

Security AssociationsSecurity Associations

bullbull A set of privacy informationA set of privacy informationndashndash shared by a BS and one or more of its client shared by a BS and one or more of its client SSsSSs

share in order to support securedshare in order to support securedcommunicationscommunications

ndashndash includes traffic encryption keys and CBC IVsincludes traffic encryption keys and CBC IVs

bullbull Security Association EstablishmentSecurity Association Establishmentndashndash Primary SA established during initial registrationPrimary SA established during initial registration

ndashndash other other SAsSAs may be provisioned or dynamically may be provisioned or dynamicallycreated within the BScreated within the BS

Key Management MessagesKey Management MessagesPKM Message

AuthenticationInformation

AuthorizationRequest

AuthorizationReply

AuthorizationReject

AuthorizationInvalid

Key Request

Key Reply

Key Reject

TEK Invalid

Description

contains the manufacturer s X509 Certificate issued by an externalauthoritysent from an SS to its BS to request an AK and list of authorizedSAIDssent from a BS to an SS to reply an AK and a list of authorized SAIDs

send from a BS to an SS in rejection of an Authorization Requestmessage sent by the SSsend from a BS to an SS as an unsolicited indication or a responseto a message received from that SS

sent from an SS to its BS requesting a TEK for the privacy of one ofits authorized SAIDssent from a BS to an SS carrying the two active sets of traffic keyingmaterial for the SAIDsent from a BS to an SS indicating that the SAID is no longer validand no key will be sentsent from a BS to an SS if it determines that the SS encrypted uplinktraffic with an invalid TEK

SA Add sent from a BS to an SS to establish one or more additional SAs

SS AuthorizationSS Authorization

bullbull Authentication and AuthorizationAuthentication and Authorizationndashndash SS manufacturerSS manufacturerrsquorsquos X509 certificates X509 certificate binding the SSbinding the SSrsquorsquoss

public key to its other identifying informationpublic key to its other identifying information

ndashndash Trust relation assumed between equipmentTrust relation assumed between equipmentmanufacturer and network operatormanufacturer and network operator

ndashndash Possibility to accommodate ldquoroot authorityrdquo if requiredPossibility to accommodate ldquoroot authorityrdquo if required

bullbull Authorization Key Update ProtocolAuthorization Key Update Protocolndashndash The SS is responsible for maintaining valid keysThe SS is responsible for maintaining valid keys

ndashndash Two active Two active AKsAKs with overlapping lifetimes at all times with overlapping lifetimes at all times

ndashndash Reauthorization process done periodicallyReauthorization process done periodically

ndashndash AK lifetime (7 days) amp grace time timer (1 hr)AK lifetime (7 days) amp grace time timer (1 hr)

Auth FSM Transition MatrixAuth FSM Transition MatrixState

˚Event orRcvd msg

(A)Start

(B)Auth Wait

(C)Authorized

(D)Reauth

Wait

(E)Auth

Reject Wait

(F)Silent

(1)Provisioned

Auth Wait ˚ ˚ ˚ ˚ ˚

(2)Auth Reject(non-perm)

˚ Auth RejectWait

˚ Auth RejectWait

˚ ˚

(3)Auth Reject

(perm)

˚ Silent ˚ Silent ˚ ˚

(4)Auth Reply

˚ Authorized ˚ Authorized ˚ ˚

(5)Timeout

˚Auth Wait

˚ ReauthWait Start

˚

(6)Auth Grace

Timeout

˚ ˚ ReauthWait

˚ ˚ ˚

(7)Auth Invalid

˚ ˚ ReauthWait

ReauthWait

˚ ˚

(8)Reauth

˚ ˚ ReauthWait

˚ ˚ ˚

AuthAuth FSM Flow Diagram FSM Flow Diagram

Start Auth RejectWait

Silent

Auth Wait

Provisioned Authent InfoAuth Request

Timeout

Auth Reject (non-perm)

Auth Reject (perm)

Timeout Authent InfoAuth Request

Authorized

Auth Reply [TEK] Authorized

Reauth Wait

Auth Reject (perm) [TEK] Stop

Timeout Auth Request

Auth Invalid Auth Request

[TEK] Auth Pend

Auth Reject (non-perm) [TEK] Stop

Auth Grace Timeout Auth Request

Auth Invalid Auth Request

[TEK] Auth Pend

Reauth Auth Request

Auth Reply [TEK] Auth Comp

Traffic Encryption KeyTraffic Encryption Key

ManagementManagementbullbull Two-level key exchange protocolTwo-level key exchange protocol

ndashndash Key Encryption Key (symmetric) established with RSAKey Encryption Key (symmetric) established with RSAndashndash Traffic Encryption Keys (TEK) Traffic Encryption Keys (TEK) exhangedexhanged with symmetric with symmetric

algorithm negotiated at SA establishment (currently onlyalgorithm negotiated at SA establishment (currently only3-DES supported)3-DES supported)

ndashndash Two sets of overlapping keying material maintainedTwo sets of overlapping keying material maintainedndashndash No explicit key acknowledgementsNo explicit key acknowledgementsndashndash Key synchronization maintained by 2-bit key sequenceKey synchronization maintained by 2-bit key sequence

number in the MAC PDU headernumber in the MAC PDU header

bullbull Traffic Encryption Key Exchange ProtocolTraffic Encryption Key Exchange Protocolndashndash Defined by the TEK FSM Transition MatrixDefined by the TEK FSM Transition Matrix

TEK FSM Transition MatrixTEK FSM Transition MatrixState

Event orRcvd msg

(A)Start

(B)Op Wait

(C)Op Reauth

Wait

(D)Opera-tional

(E)Rekey Wait

(F)Rekey

Reaut Wait

(1)Stop

˚ Start Start Start Start Start

(2)Authorized

Op Wait ˚ ˚ ˚ ˚ ˚

(3)Auth Pend

˚ Op ReauthWait

˚ ˚ RekeyReauth

Wait

˚

(4)Auth Comp

˚ ˚ Op Wait ˚ ˚ Rekey Wait

(5)TEK

Invalid

˚ ˚ ˚ Op Wait Op Wait Op ReauthWait

(6)Timeout

˚Op Wait

˚ ˚Rekey Wait

˚

(7)TEK

RefreshTimeout

˚ ˚ ˚ Rekey Wait ˚ ˚

(8)Key Reply

˚ Operational

˚ ˚ Operational

˚

(9)Key Reject

˚ Start ˚ ˚ Start ˚

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transition labels: Authorized / Key Request; Auth Pend; Auth Comp / Key Request; Key Reply; Timeout / Key Request; TEK Refresh Timeout / Key Request; TEK Invalid / Key Request; TEK Invalid; Key Reject, Stop; Stop.]
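The transition matrix and the flow-diagram labels above, as an added Python example that is not part of the original slides: a table-driven TEK FSM that replays a constructed event sequence and shows that a Key Reply is acted on only while a Key Request is outstanding (Op Wait, Rekey Wait). The class and function names are hypothetical, and treating a blank matrix cell as "event ignored in that state" is an assumption.

```python
from collections import deque

# States: columns (A)-(F) of the TEK FSM Transition Matrix.
START = "Start"
OP_WAIT = "Op Wait"
OP_REAUTH_WAIT = "Op Reauth Wait"
OPERATIONAL = "Operational"
REKEY_WAIT = "Rekey Wait"
REKEY_REAUTH_WAIT = "Rekey Reauth Wait"
STATES = (START, OP_WAIT, OP_REAUTH_WAIT, OPERATIONAL, REKEY_WAIT, REKEY_REAUTH_WAIT)

# Rows (1)-(9): event -> {current state: next state}. Blank cells have no entry.
MATRIX = {
    "Stop": {s: START for s in STATES if s != START},
    "Authorized": {START: OP_WAIT},
    "Auth Pend": {OP_WAIT: OP_REAUTH_WAIT, REKEY_WAIT: REKEY_REAUTH_WAIT},
    "Auth Comp": {OP_REAUTH_WAIT: OP_WAIT, REKEY_REAUTH_WAIT: REKEY_WAIT},
    "TEK Invalid": {OPERATIONAL: OP_WAIT, REKEY_WAIT: OP_WAIT,
                    REKEY_REAUTH_WAIT: OP_REAUTH_WAIT},
    "Timeout": {OP_WAIT: OP_WAIT, REKEY_WAIT: REKEY_WAIT},
    "TEK Refresh Timeout": {OPERATIONAL: REKEY_WAIT},
    "Key Reply": {OP_WAIT: OPERATIONAL, REKEY_WAIT: OPERATIONAL},
    "Key Reject": {OP_WAIT: START, REKEY_WAIT: START},
}


class TekFsm:
    """One TEK state machine, modelled for a single SAID (hypothetical class)."""

    def __init__(self):
        self.state = START
        self.sent = []     # messages transmitted as transition actions
        self.ignored = []  # (state, event) pairs that hit a blank cell

    def handle(self, event):
        if event not in MATRIX:
            raise ValueError(f"not a TEK FSM event: {event!r}")
        nxt = MATRIX[event].get(self.state)
        if nxt is None:
            # Assumption: a blank cell means the event is dropped in this state.
            self.ignored.append((self.state, event))
            return self.state
        if nxt in (OP_WAIT, REKEY_WAIT):
            # Flow-diagram labels: every transition into a state that waits
            # for a Key Reply is paired with the action "Key Request".
            self.sent.append("Key Request")
        self.state = nxt
        return nxt

    def run(self, events):
        return [self.handle(e) for e in events]


def states_accepting(event):
    """States in which the matrix defines a transition for this event."""
    return {s for s in STATES if s in MATRIX[event]}


def reachable_states():
    """Breadth-first search over the matrix, starting from Start."""
    seen, queue = {START}, deque([START])
    while queue:
        cur = queue.popleft()
        for row in MATRIX.values():
            nxt = row.get(cur)
            if nxt is not None and nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


# Constructed event sequence: initial keying, a rekey interrupted by
# reauthorization, a lost reply, an unsolicited Key Reply, then key loss.
SCENARIO = [
    "Authorized", "Key Reply", "TEK Refresh Timeout", "Auth Pend", "Auth Comp",
    "Timeout", "Key Reply", "Key Reply", "TEK Invalid", "Key Reject",
]


def replay_scenario():
    fsm = TekFsm()
    return fsm, fsm.run(SCENARIO)


if __name__ == "__main__":
    fsm, trace = replay_scenario()
    for event, state in zip(SCENARIO, trace):
        print(f"{event:<20} -> {state}")
    print("Key Requests sent:", len(fsm.sent))
    print("ignored (state, event):", fsm.ignored)
```

The second consecutive Key Reply arrives in Operational, where the matrix has no entry, so the model records it as ignored instead of installing keys from it.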

Data Encryption

• DES in CBC mode with IV derived from the frame number
• Hooks defined for other, stronger algorithms, e.g. AES
• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  - Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)
• Key sequence number carried in MAC header
• Only MAC PDU payload (including sub-headers) is encrypted
• Management messages are unencrypted
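The key-usage rules above, as an added Python example that is not part of the original slides: a key ring holding the two active TEKs of one SAID, selecting the transmit key by role and the receive key by the 2-bit sequence number from the MAC header. The names are hypothetical, the key bytes and lifetimes are constructed, and consecutive numbering of key generations modulo 4 is an assumption; no cipher is run, only key selection.

```python
from dataclasses import dataclass

SEQ_MOD = 4  # the key sequence number in the MAC header is 2 bits wide


@dataclass(frozen=True)
class Tek:
    seq: int         # key sequence number, 0..3
    key: bytes       # keying material (constructed sample values below)
    expires_at: int  # end of lifetime, in seconds on a shared clock


class TekInvalid(Exception):
    """No live key matches; the case the TEK Invalid message reports."""


class SaKeyRing:
    """The two active sets of traffic keying material for one SAID."""

    def __init__(self):
        self.older = None
        self.newer = None

    def install(self, k1, k2):
        """Load both key sets from a Key Reply, given in either order."""
        for k in (k1, k2):
            if not 0 <= k.seq < SEQ_MOD:
                raise ValueError("sequence number does not fit in 2 bits")
        # Assumption: generations are numbered consecutively modulo 4, so
        # seq 0 is NEWER than seq 3. A plain max() comparison gets this wrong.
        if k2.seq == (k1.seq + 1) % SEQ_MOD:
            older, newer = k1, k2
        elif k1.seq == (k2.seq + 1) % SEQ_MOD:
            older, newer = k2, k1
        else:
            raise ValueError("sequence numbers must be consecutive modulo 4")
        if newer.expires_at <= older.expires_at:
            raise ValueError("lifetimes must be offset: newer key expires later")
        self.older, self.newer = older, newer

    def live(self, now):
        """Keys whose lifetime has not ended, older first."""
        return [k for k in (self.older, self.newer)
                if k is not None and now < k.expires_at]

    def tx_key(self, role, now):
        """AP encrypts with the older live key, AT with the newer one."""
        if role not in ("AP", "AT"):
            raise ValueError("role must be 'AP' or 'AT'")
        keys = self.live(now)
        if not keys:
            raise TekInvalid("no live key to encrypt with")
        return keys[0] if role == "AP" else keys[-1]

    def rx_key(self, header_seq, now):
        """Both sides decrypt with whichever live key the header names."""
        for k in self.live(now):
            if k.seq == header_seq:
                return k
        raise TekInvalid(f"no live key with sequence number {header_seq}")


def rollover_demo():
    ring = SaKeyRing()
    # Constructed keys, passed newer-first to exercise the wrap from 3 to 0.
    ring.install(Tek(0, b"constructed-key-B", 1500),
                 Tek(3, b"constructed-key-A", 1000))
    out = {
        # t=900: both lifetimes overlap.
        "ap_tx_overlap": ring.tx_key("AP", now=900).seq,
        "at_tx_overlap": ring.tx_key("AT", now=900).seq,
        "rx_overlap": [ring.rx_key(s, now=900).seq for s in (3, 0)],
        # t=1200: the older key has expired, service continues on the other.
        "ap_tx_after_expiry": ring.tx_key("AP", now=1200).seq,
    }
    try:
        ring.rx_key(3, now=1200)  # PDU still marked with the expired key
        out["stale_rejected"] = False
    except TekInvalid:
        out["stale_rejected"] = True
    return out


if __name__ == "__main__":
    for name, value in rollover_demo().items():
        print(f"{name}: {value}")
```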

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support
• ARQ
• 802.16b Mesh Mode
  - Optional topology
  - Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  - Above 11 GHz
  - HIPERACCESS began before 802.16
  - Difficulty in resolving processes
  - IEEE now well ahead in schedule
• HIPERMAN
  - Below 11 GHz
  - IEEE went first
  - Signs of healthy cooperation
  - Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs
• The outcome is due to successful cooperation between BWA leaders
• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant in any spectrum in any market
• The 802.16 Air Interface provides great opportunities for vendor differentiation at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org

Ranging

• For uplink transmissions, times are measured at BS
• At startup, SS sends a RNG-REQ in a ranging window
• BS measures arrival time and signal power; calculates required advance and power adjustment
• BS sends adjustment in RNG-RSP
• SS adjusts advance and power; sends new RNG-REQ
• Loop is continued until power and timing is ok

Registration

• Registration is a form of capability negotiation
• SS sends a list of capabilities and parts of the configuration file to the BS in the REG-REQ message
• BS replies with the REG-RSP message
  - tells which capabilities are supported/allowed
• SS acknowledges the REG-RSP with REG-ACK message

IP connectivity and configuration file download

• IP connectivity established via DHCP
• Configuration file downloaded via TFTP
• contains provisioned information
  - operational parameters

Initial Connection Setup

• BS passes Service Flow Encodings to the SS in multiple DSA-REQ messages
• SS replies with DSA-RSP messages
• Service Flow Encodings contain either
  - full definition of service attributes (omitting defaultable items if desired)
  - service class name
    • ASCII string which is known at the BS and which indirectly specifies a set of QoS Parameters

Privacy and Encryption

• Secures over-the-air transmissions
• Authentication
  - X.509 certificates with RSA PKCS
  - Strong authentication of SSs (prevents theft of service)
  - Prevents cloning
• Data encryption
  - Currently 56-bit DES in CBC mode
  - IV based on frame number
  - Easily exportable
• Message authentication
  - Key MAC management messages authenticated with one-way hashing (HMAC with SHA-1)
• Designed to allow new/multiple encryption algorithms
• Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  - shared by a BS and one or more of its client SSs in order to support secured communications
  - includes traffic encryption keys and CBC IVs
• Security Association Establishment
  - Primary SA established during initial registration
  - other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  - SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  - Trust relation assumed between equipment manufacturer and network operator
  - Possibility to accommodate "root authority" if required
• Authorization Key Update Protocol
  - The SS is responsible for maintaining valid keys
  - Two active AKs with overlapping lifetimes at all times
  - Reauthorization process done periodically
  - AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

| Event or Rcvd msg / State | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |

Auth FSM Flow Diagram

[Figure: Auth FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transition labels: Provisioned / Authent Info, Auth Request; Timeout / Authent Info, Auth Request; Auth Reject (non-perm); Auth Reject (perm); Auth Reply / [TEK] Authorized; Auth Reject (perm) / [TEK] Stop; Auth Reject (non-perm) / [TEK] Stop; Timeout / Auth Request; Auth Grace Timeout / Auth Request; Auth Invalid / Auth Request, [TEK] Auth Pend; Reauth / Auth Request; Auth Reply / [TEK] Auth Comp.]

Page 57: Mobile WiMAX : A Technical Overview

IP connectivity andIP connectivity and

configuration file downloadconfiguration file download

bullbull IP connectivity established via DHCPIP connectivity established via DHCP

bullbull Configuration file downloaded via TFTPConfiguration file downloaded via TFTP

bullbull contains provisioned informationcontains provisioned informationndashndash operational parametersoperational parameters

Initial Connection SetupInitial Connection Setup

bullbull BS passes Service Flow BS passes Service Flow EncodingsEncodings to the SS to the SSin multiple DSA-REQ messagesin multiple DSA-REQ messages

bullbull SS replies with DSA-RSP messagesSS replies with DSA-RSP messages

bullbull Service FlowService Flow Encodings Encodings contain either contain eitherndashndash full definition of service attributes (omittingfull definition of service attributes (omitting

defaultabledefaultable items if desired) items if desired)

ndashndash service class nameservice class namebullbull ASCII string which is known at the BS and whichASCII string which is known at the BS and which

indirectly specifies a set ofindirectly specifies a set of QoS QoS Parameters Parameters

Privacy and EncryptionPrivacy and Encryptionbullbull Secures over-the-air transmissionsSecures over-the-air transmissionsbullbull AuthenticationAuthentication

ndashndash X509 certificates with RSA PKCSX509 certificates with RSA PKCSndashndash Strong authentication of Strong authentication of SSs SSs (prevents theft of service)(prevents theft of service)ndashndash Prevents cloningPrevents cloning

bullbull Data encryptionData encryptionndashndash Currently 56-bit DES in CBC modeCurrently 56-bit DES in CBC modendashndash IV based on frame numberIV based on frame numberndashndash Easily exportableEasily exportable

bullbull Message authenticationMessage authenticationndashndash Key MAC management messages authenticated with one-Key MAC management messages authenticated with one-

way hashing (HMAC with SHA-1)way hashing (HMAC with SHA-1)

bullbull Designed to allow newmultiple encryption algorithmsDesigned to allow newmultiple encryption algorithmsbullbull Protocol descends from BPI+ (from DOCSIS)Protocol descends from BPI+ (from DOCSIS)

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs

• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

PKM Message                | Description
---------------------------|------------------------------------------------------------
Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority
Authorization Request      | sent from an SS to its BS to request an AK and list of authorized SAIDs
Authorization Reply        | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs
Authorization Reject       | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS
Authorization Invalid      | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS
Key Request                | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs
Key Reply                  | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID
Key Reject                 | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent
TEK Invalid                | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK
SA Add                     | sent from a BS to an SS to establish one or more additional SAs

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate "root authority" if required

• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

Auth FSM Transition Matrix

Event or Rcvd msg          | (A) Start | (B) Auth Wait    | (C) Authorized | (D) Reauth Wait  | (E) Auth Reject Wait | (F) Silent
---------------------------|-----------|------------------|----------------|------------------|----------------------|-----------
(1) Provisioned            | Auth Wait |                  |                |                  |                      |
(2) Auth Reject (non-perm) |           | Auth Reject Wait |                | Auth Reject Wait |                      |
(3) Auth Reject (perm)     |           | Silent           |                | Silent           |                      |
(4) Auth Reply             |           | Authorized       |                | Authorized       |                      |
(5) Timeout                |           | Auth Wait        |                | Reauth Wait      | Start                |
(6) Auth Grace Timeout     |           |                  | Reauth Wait    |                  |                      |
(7) Auth Invalid           |           |                  | Reauth Wait    | Reauth Wait      |                      |
(8) Reauth                 |           |                  | Reauth Wait    |                  |                      |

Auth FSM Flow Diagram

[Figure: Auth FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Labels on the transitions include the events of the transition matrix, the messages Authent Info and Auth Request, and the TEK FSM events [TEK] Authorized, [TEK] Auth Pend, [TEK] Auth Comp and [TEK] Stop.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header

• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

Event or Rcvd msg       | (A) Start | (B) Op Wait    | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait    | (F) Rekey Reauth Wait
------------------------|-----------|----------------|--------------------|-----------------|-------------------|----------------------
(1) Stop                |           | Start          | Start              | Start           | Start             | Start
(2) Authorized          | Op Wait   |                |                    |                 |                   |
(3) Auth Pend           |           | Op Reauth Wait |                    |                 | Rekey Reauth Wait |
(4) Auth Comp           |           |                | Op Wait            |                 |                   | Rekey Wait
(5) TEK Invalid         |           |                |                    | Op Wait         | Op Wait           | Op Reauth Wait
(6) Timeout             |           | Op Wait        |                    |                 | Rekey Wait        |
(7) TEK Refresh Timeout |           |                |                    | Rekey Wait      |                   |
(8) Key Reply           |           | Operational    |                    |                 | Operational       |
(9) Key Reject          |           | Start          |                    |                 | Start             |

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Labels on the transitions include the events of the transition matrix and the Key Request message.]
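The two transition matrices, written out as a table-driven model of one SS with an Auth FSM and one TEK FSM per SAID. This is an added example, not code from the presentation or from the 802.16 standard; the class names, the SAID values, the rule that a blank matrix cell leaves the state unchanged, and the pairing of [TEK] events with Auth transitions (read from the flow-diagram labels) are assumptions.

```python
# Transition matrices transcribed from the slides: (state, event) -> next state.
# A cell that is blank on the slide has no entry here.
AUTH_FSM = {
    ("Start", "Provisioned"): "Auth Wait",
    ("Auth Wait", "Auth Reject (non-perm)"): "Auth Reject Wait",
    ("Reauth Wait", "Auth Reject (non-perm)"): "Auth Reject Wait",
    ("Auth Wait", "Auth Reject (perm)"): "Silent",
    ("Reauth Wait", "Auth Reject (perm)"): "Silent",
    ("Auth Wait", "Auth Reply"): "Authorized",
    ("Reauth Wait", "Auth Reply"): "Authorized",
    ("Auth Wait", "Timeout"): "Auth Wait",
    ("Reauth Wait", "Timeout"): "Reauth Wait",
    ("Auth Reject Wait", "Timeout"): "Start",
    ("Authorized", "Auth Grace Timeout"): "Reauth Wait",
    ("Authorized", "Auth Invalid"): "Reauth Wait",
    ("Reauth Wait", "Auth Invalid"): "Reauth Wait",
    ("Authorized", "Reauth"): "Reauth Wait",
}
TEK_STATES = ("Start", "Op Wait", "Op Reauth Wait", "Operational",
              "Rekey Wait", "Rekey Reauth Wait")
TEK_FSM = {
    ("Start", "Authorized"): "Op Wait",
    ("Op Wait", "Auth Pend"): "Op Reauth Wait",
    ("Rekey Wait", "Auth Pend"): "Rekey Reauth Wait",
    ("Op Reauth Wait", "Auth Comp"): "Op Wait",
    ("Rekey Reauth Wait", "Auth Comp"): "Rekey Wait",
    ("Operational", "TEK Invalid"): "Op Wait",
    ("Rekey Wait", "TEK Invalid"): "Op Wait",
    ("Rekey Reauth Wait", "TEK Invalid"): "Op Reauth Wait",
    ("Op Wait", "Timeout"): "Op Wait",
    ("Rekey Wait", "Timeout"): "Rekey Wait",
    ("Operational", "TEK Refresh Timeout"): "Rekey Wait",
    ("Op Wait", "Key Reply"): "Operational",
    ("Rekey Wait", "Key Reply"): "Operational",
    ("Op Wait", "Key Reject"): "Start",
    ("Rekey Wait", "Key Reject"): "Start",
}
# Row (1) of the TEK matrix: Stop returns every state except Start to Start.
TEK_FSM.update({(s, "Stop"): "Start" for s in TEK_STATES[1:]})

# [TEK] event raised toward every TEK FSM when the Auth FSM takes a transition.
# Assumption: pairing read from the [TEK] labels of the Auth flow diagram.
AUTH_TO_TEK = {
    ("Auth Wait", "Auth Reply"): "Authorized",
    ("Reauth Wait", "Auth Reply"): "Auth Comp",
    ("Authorized", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Invalid"): "Auth Pend",
    ("Reauth Wait", "Auth Reject (non-perm)"): "Stop",
    ("Reauth Wait", "Auth Reject (perm)"): "Stop",
}


class Fsm:
    def __init__(self, table):
        self.table, self.state, self.ignored = table, "Start", []

    def fire(self, event):
        """Apply an event. Returns False (state unchanged) for a blank cell."""
        nxt = self.table.get((self.state, event))
        if nxt is None:
            self.ignored.append((self.state, event))  # keep for audit/logging
            return False
        self.state = nxt
        return True


class SubscriberStation:
    """One Auth FSM plus one TEK FSM per SAID (hypothetical model)."""

    def __init__(self, saids):
        self.auth = Fsm(AUTH_FSM)
        self.tek = {said: Fsm(TEK_FSM) for said in saids}

    def auth_event(self, event):
        old = self.auth.state
        if self.auth.fire(event):
            tek_event = AUTH_TO_TEK.get((old, event))
            if tek_event:
                for fsm in self.tek.values():
                    fsm.fire(tek_event)
        return self.auth.state

    def tek_event(self, said, event):
        self.tek[said].fire(event)
        return self.tek[said].state


def demo():
    a, b = 0x0101, 0x0102                      # constructed SAIDs
    ss = SubscriberStation([a, b])
    trace = [ss.tek_event(a, "Key Reply")]     # unsolicited, before authorization
    ss.auth_event("Provisioned")
    ss.auth_event("Auth Reply")                # both TEK FSMs: Start -> Op Wait
    trace.append(ss.tek_event(a, "Key Reply"))
    trace.append(ss.tek_event(a, "TEK Refresh Timeout"))
    ss.auth_event("Auth Invalid")              # [TEK] Auth Pend to both
    trace += [ss.tek[a].state, ss.tek[b].state]
    ss.auth_event("Auth Reply")                # [TEK] Auth Comp to both
    trace.append(ss.tek[a].state)
    ss.auth_event("Reauth")
    ss.auth_event("Auth Reject (perm)")        # [TEK] Stop to both
    trace.append((ss.auth.state, ss.tek[a].state, ss.tek[b].state))
    return trace
```

The first entry of the trace is the case worth checking in any implementation: a Key Reply that arrives while the TEK FSM is still in Start falls on a blank cell and must not move the SS toward Operational.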

Data Encryption

• DES in CBC mode with IV derived from the frame number

• Hooks defined for other stronger algorithms, e.g. AES

• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)

• Key sequence number carried in MAC header

• Only MAC PDU payload (including sub-headers) is encrypted

• Management messages are unencrypted
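The key-usage rules on this slide, simulated for an AP and an AT that hold different pairs of key generations. This is an added example, not code from the presentation; the key derivation, the generation numbers, the PDU layout and the XOR stand-in cipher (used in place of DES-CBC so the block runs with the standard library alone) are assumptions.

```python
import hashlib


class TekInvalid(Exception):
    """The receiver holds no TEK with the key sequence number in the header."""


def tek(generation):
    """Constructed 8-byte key for a key generation (sample data only)."""
    return hashlib.sha256(b"constructed TEK %d" % generation).digest()[:8]


def stand_in_cipher(key, data):
    """XOR with a SHA-256 keystream. Stand-in only, NOT the slide's DES-CBC."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class KeyRing:
    """The two active TEKs of one SA as (generation, key) pairs, older first."""

    def __init__(self, tx, older, newer):
        self.tx, self.older, self.newer = tx, older, newer

    @staticmethod
    def seq(generation):
        return generation & 0b11        # 2-bit key sequence number in the header

    def encrypt(self, payload):
        # tx selects which of the two active keys this side transmits with.
        gen, key = self.older if self.tx == "older" else self.newer
        return {"key_seq": self.seq(gen), "payload": stand_in_cipher(key, payload)}

    def decrypt(self, pdu):
        # Either active key is accepted; the header's sequence number picks it,
        # so no explicit key acknowledgement is needed.
        for gen, key in (self.older, self.newer):
            if self.seq(gen) == pdu["key_seq"]:
                return stand_in_cipher(key, pdu["payload"])
        raise TekInvalid(pdu["key_seq"])


def exchange(ap_gens, at_gens, ap_tx="older", msg=b"constructed payload"):
    """Return (downlink_ok, uplink_ok) for the key generations each side holds.

    The slide's rules are the defaults: AP transmits with the older key, AT
    with the newer one. ap_tx="newer" breaks the AP rule for comparison.
    """
    ap = KeyRing(ap_tx, *[(g, tek(g)) for g in ap_gens])
    at = KeyRing("newer", *[(g, tek(g)) for g in at_gens])
    results = []
    for sender, receiver in ((ap, at), (at, ap)):
        try:
            results.append(receiver.decrypt(sender.encrypt(msg)) == msg)
        except TekInvalid:
            results.append(False)
    return tuple(results)


if __name__ == "__main__":
    print(exchange((6, 7), (6, 7)))                  # both sides in step
    print(exchange((7, 8), (6, 7)))                  # AP rolled over, AT has not
    print(exchange((7, 8), (6, 7), ap_tx="newer"))   # AP rule broken
    print(exchange((8, 9), (6, 7)))                  # AT two generations behind
```

With the AP one generation ahead, generation 7 is the AP's older key and the AT's newer key, so traffic in both directions still decrypts; once the AT falls two generations behind, no key is shared and the receiver is in the TEK Invalid situation from the message table.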

Amendment Project

IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project

IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support

• ARQ

• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule

• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs

• The outcome is due to successful cooperation between BWA leaders

• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant in any spectrum in any market

• The 802.16 Air Interface provides great opportunities for vendor differentiation, at both the base station and subscriber station, without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org

Page 60: Mobile WiMAX : A Technical Overview

Security Associations

• A set of privacy information
  – shared by a BS and one or more of its client SSs in order to support secured communications
  – includes traffic encryption keys and CBC IVs

• Security Association Establishment
  – Primary SA established during initial registration
  – other SAs may be provisioned or dynamically created within the BS

Key Management Messages

| PKM Message | Description |
|---|---|
| Authentication Information | contains the manufacturer's X.509 Certificate, issued by an external authority |
| Authorization Request | sent from an SS to its BS to request an AK and list of authorized SAIDs |
| Authorization Reply | sent from a BS to an SS to reply with an AK and a list of authorized SAIDs |
| Authorization Reject | sent from a BS to an SS in rejection of an Authorization Request message sent by the SS |
| Authorization Invalid | sent from a BS to an SS as an unsolicited indication or a response to a message received from that SS |
| Key Request | sent from an SS to its BS requesting a TEK for the privacy of one of its authorized SAIDs |
| Key Reply | sent from a BS to an SS carrying the two active sets of traffic keying material for the SAID |
| Key Reject | sent from a BS to an SS indicating that the SAID is no longer valid and no key will be sent |
| TEK Invalid | sent from a BS to an SS if it determines that the SS encrypted uplink traffic with an invalid TEK |
| SA Add | sent from a BS to an SS to establish one or more additional SAs |

SS Authorization

• Authentication and Authorization
  – SS manufacturer's X.509 certificate binding the SS's public key to its other identifying information
  – Trust relation assumed between equipment manufacturer and network operator
  – Possibility to accommodate “root authority” if required

• Authorization Key Update Protocol
  – The SS is responsible for maintaining valid keys
  – Two active AKs with overlapping lifetimes at all times
  – Reauthorization process done periodically
  – AK lifetime (7 days) & grace time timer (1 hr)

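Auth FSM Transition Matrix

Columns are the current state, rows are the event or received message, and each cell gives the next state. A blank cell means the event is not defined in that state.

| Event or Rcvd msg | (A) Start | (B) Auth Wait | (C) Authorized | (D) Reauth Wait | (E) Auth Reject Wait | (F) Silent |
|---|---|---|---|---|---|---|
| (1) Provisioned | Auth Wait | | | | | |
| (2) Auth Reject (non-perm) | | Auth Reject Wait | | Auth Reject Wait | | |
| (3) Auth Reject (perm) | | Silent | | Silent | | |
| (4) Auth Reply | | Authorized | | Authorized | | |
| (5) Timeout | | Auth Wait | | Reauth Wait | Start | |
| (6) Auth Grace Timeout | | | Reauth Wait | | | |
| (7) Auth Invalid | | | Reauth Wait | Reauth Wait | | |
| (8) Reauth | | | Reauth Wait | | | |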

Auth FSM Flow Diagram

[Figure: state diagram of the authorization FSM with the states Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait and Silent. Transition labels pair each event with the message sent (Authent Info, Auth Request) or with the event signalled to the TEK FSM ([TEK] Authorized, Auth Pend, Auth Comp, Stop).]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header

• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

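TEK FSM Transition Matrix

Columns are the current state, rows are the event or received message, and each cell gives the next state. A blank cell means the event is not defined in that state.

| Event or Rcvd msg | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |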

TEK FSM Flow Diagram

[Figure: state diagram of the TEK FSM with the states Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait and Rekey Reauth Wait. Transition labels pair each event (Authorized, Auth Pend, Auth Comp, Key Reply, Key Reject, TEK Invalid, Timeout, TEK Refresh Timeout, Stop) with the Key Request message where one is sent.]

Data Encryption

• DES in CBC mode with IV derived from the frame number

• Hooks defined for other stronger algorithms, e.g. AES

• Two simultaneous keys with overlapping and offset lifetimes allow for uninterrupted service
  – Rules for key usage
    • AP: encryption (older key), decryption (both keys)
    • AT: encryption (newer key), decryption (both keys)

• Key sequence number carried in MAC header

• Only MAC PDU payload (including sub-headers) is encrypted

• Management messages are unencrypted
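An added example, not part of the original presentation or of the 802.16 text: the TEK FSM Transition Matrix as a lookup table, combined with the two-key usage rule from the Data Encryption slide, so that events falling on a blank matrix cell are ignored and recorded rather than acted on. The names `TekSession`, `order_keys` and `KEYED_STATES` are hypothetical; treating the newer key's sequence number as older + 1 modulo 4, and the choice of states that count as holding valid keys, are modelling assumptions, and the key bytes are constructed samples.

```python
"""TEK FSM transition matrix as a lookup table, plus the two-key usage rule.
Added illustration: names are assumptions, keys are constructed samples."""

STATES = ["Start", "Op Wait", "Op Reauth Wait", "Operational",
          "Rekey Wait", "Rekey Reauth Wait"]

# (event, current state) -> next state, one entry per filled matrix cell.
# A missing pair is a blank cell: the event is undefined in that state.
TEK_FSM = {
    **{("Stop", s): "Start" for s in STATES[1:]},
    ("Authorized", "Start"): "Op Wait",
    ("Auth Pend", "Op Wait"): "Op Reauth Wait",
    ("Auth Pend", "Rekey Wait"): "Rekey Reauth Wait",
    ("Auth Comp", "Op Reauth Wait"): "Op Wait",
    ("Auth Comp", "Rekey Reauth Wait"): "Rekey Wait",
    ("TEK Invalid", "Operational"): "Op Wait",
    ("TEK Invalid", "Rekey Wait"): "Op Wait",
    ("TEK Invalid", "Rekey Reauth Wait"): "Op Reauth Wait",
    ("Timeout", "Op Wait"): "Op Wait",
    ("Timeout", "Rekey Wait"): "Rekey Wait",
    ("TEK Refresh Timeout", "Operational"): "Rekey Wait",
    ("Key Reply", "Op Wait"): "Operational",
    ("Key Reply", "Rekey Wait"): "Operational",
    ("Key Reject", "Op Wait"): "Start",
    ("Key Reject", "Rekey Wait"): "Start",
}

# Modelling assumption: the states in which valid TEKs are held.
KEYED_STATES = {"Operational", "Rekey Wait", "Rekey Reauth Wait"}


def order_keys(seqs):
    """Return (older, newer) for two 2-bit sequence numbers, wrap-aware."""
    a, b = seqs
    if (a + 1) % 4 == b:
        return a, b
    if (b + 1) % 4 == a:
        return b, a
    raise ValueError("sequence numbers are not consecutive modulo 4")


class TekSession:
    """Per-SAID state: FSM state plus the two active TEKs, indexed by the
    2-bit key sequence number carried in the MAC PDU header."""

    def __init__(self):
        self.state = "Start"
        self.keys = {}        # sequence number (0..3) -> key bytes
        self.ignored = []     # (state, event) pairs that hit a blank cell

    def handle(self, event, keying=None):
        nxt = TEK_FSM.get((event, self.state))
        if nxt is None:
            # Blank cell: keep state and keys, record for later review.
            self.ignored.append((self.state, event))
            return self.state
        if event == "Key Reply":
            order_keys(keying)    # must be exactly two consecutive numbers
            self.keys = dict(keying)
        self.state = nxt
        return nxt

    def encrypt_seq(self, role):
        """AP encrypts with the older key, AT with the newer key."""
        if self.state not in KEYED_STATES:
            raise RuntimeError("no valid TEK in state " + self.state)
        older, newer = order_keys(self.keys)
        return older if role == "AP" else newer

    def decrypt_key(self, seq):
        """Both active keys are valid for decryption; unknown seq -> None."""
        if self.state not in KEYED_STATES:
            return None
        return self.keys.get(seq)


def demo():
    """Run a constructed event sequence and return the session and trace."""
    s = TekSession()
    first = {3: b"K3", 0: b"K0"}      # sequence numbers wrap from 3 to 0
    second = {0: b"K0", 1: b"K1"}
    trace = [
        s.handle("Key Reply", first),     # unsolicited in Start: ignored
        s.handle("Authorized"),
        s.handle("Key Reply", first),
        s.handle("TEK Refresh Timeout"),
        s.handle("Auth Pend"),
        s.handle("Key Reply", second),    # blank cell during reauth: ignored
        s.handle("Auth Comp"),
        s.handle("Key Reply", second),
    ]
    return s, trace


if __name__ == "__main__":
    session, trace = demo()
    print(trace)
    print("ignored:", session.ignored)
```
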

Amendment Project IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network (“WirelessHUMAN™”)


Page 63: Mobile WiMAX : A Technical Overview

Auth FSM Transition MatrixAuth FSM Transition MatrixState

˚Event orRcvd msg

(A)Start

(B)Auth Wait

(C)Authorized

(D)Reauth

Wait

(E)Auth

Reject Wait

(F)Silent

(1)Provisioned

Auth Wait ˚ ˚ ˚ ˚ ˚

(2)Auth Reject(non-perm)

˚ Auth RejectWait

˚ Auth RejectWait

˚ ˚

(3)Auth Reject

(perm)

˚ Silent ˚ Silent ˚ ˚

(4)Auth Reply

˚ Authorized ˚ Authorized ˚ ˚

(5)Timeout

˚Auth Wait

˚ ReauthWait Start

˚

(6)Auth Grace

Timeout

˚ ˚ ReauthWait

˚ ˚ ˚

(7)Auth Invalid

˚ ˚ ReauthWait

ReauthWait

˚ ˚

(8)Reauth

˚ ˚ ReauthWait

˚ ˚ ˚

AuthAuth FSM Flow Diagram FSM Flow Diagram

Start Auth RejectWait

Silent

Auth Wait

Provisioned Authent InfoAuth Request

Timeout

Auth Reject (non-perm)

Auth Reject (perm)

Timeout Authent InfoAuth Request

Authorized

Auth Reply [TEK] Authorized

Reauth Wait

Auth Reject (perm) [TEK] Stop

Timeout Auth Request

Auth Invalid Auth Request

[TEK] Auth Pend

Auth Reject (non-perm) [TEK] Stop

Auth Grace Timeout Auth Request

Auth Invalid Auth Request

[TEK] Auth Pend

Reauth Auth Request

Auth Reply [TEK] Auth Comp

Traffic Encryption KeyTraffic Encryption Key

ManagementManagementbullbull Two-level key exchange protocolTwo-level key exchange protocol

ndashndash Key Encryption Key (symmetric) established with RSAKey Encryption Key (symmetric) established with RSAndashndash Traffic Encryption Keys (TEK) Traffic Encryption Keys (TEK) exhangedexhanged with symmetric with symmetric

algorithm negotiated at SA establishment (currently onlyalgorithm negotiated at SA establishment (currently only3-DES supported)3-DES supported)

ndashndash Two sets of overlapping keying material maintainedTwo sets of overlapping keying material maintainedndashndash No explicit key acknowledgementsNo explicit key acknowledgementsndashndash Key synchronization maintained by 2-bit key sequenceKey synchronization maintained by 2-bit key sequence

number in the MAC PDU headernumber in the MAC PDU header

bullbull Traffic Encryption Key Exchange ProtocolTraffic Encryption Key Exchange Protocolndashndash Defined by the TEK FSM Transition MatrixDefined by the TEK FSM Transition Matrix

TEK FSM Transition MatrixTEK FSM Transition MatrixState

Event orRcvd msg

(A)Start

(B)Op Wait

(C)Op Reauth

Wait

(D)Opera-tional

(E)Rekey Wait

(F)Rekey

Reaut Wait

(1)Stop

˚ Start Start Start Start Start

(2)Authorized

Op Wait ˚ ˚ ˚ ˚ ˚

(3)Auth Pend

˚ Op ReauthWait

˚ ˚ RekeyReauth

Wait

˚

(4)Auth Comp

˚ ˚ Op Wait ˚ ˚ Rekey Wait

(5)TEK

Invalid

˚ ˚ ˚ Op Wait Op Wait Op ReauthWait

(6)Timeout

˚Op Wait

˚ ˚Rekey Wait

˚

(7)TEK

RefreshTimeout

˚ ˚ ˚ Rekey Wait ˚ ˚

(8)Key Reply

˚ Operational

˚ ˚ Operational

˚

(9)Key Reject

˚ Start ˚ ˚ Start ˚

TEK FSM Flow DiagramTEK FSM Flow Diagram

Start

Authorized Key Request

Op ReauthWait

Stop

Op Wait

Auth Pend

Auth Comp Key Request

Key RejectStop

Operational

Key Reply

Timeout Key Request

Stop

TEK Invalid Key Request

Rekey Wait

RekeyReaauth

Wait

Auth Pend

Auth Comp Key Request

Timeout Key Request

TEK Refresh Timeout Key Request

Key Reply

TEK Invalid Key Request

TEK Invalid

Stop

Key RejectStop

Data EncryptionData Encryption

bullbull DES in CBC mode with IV derived from the frame numberDES in CBC mode with IV derived from the frame number

bullbull Hooks defined for other stronger algorithms eg AESHooks defined for other stronger algorithms eg AES

bullbull Two simultaneous keys with overlapping and offsetTwo simultaneous keys with overlapping and offsetlifetimes allow for uninterrupted servicelifetimes allow for uninterrupted servicendashndash Rules for key usageRules for key usage

bullbull AP encryption (older key) decryption (both keys)AP encryption (older key) decryption (both keys)bullbull AT encryption (newer key) decryption (both keys)AT encryption (newer key) decryption (both keys)

bullbull Key sequence number carried in MAC headerKey sequence number carried in MAC header

bullbull Only MAC PDU payload (including sub-headers) isOnly MAC PDU payload (including sub-headers) isencryptedencrypted

bullbull Management messages are unencryptedManagement messages are unencrypted

Amendment Project

IEEE P802.16a

Media Access Control Modifications and Additional Physical Layer for 2-11 GHz

Amendment Project

IEEE P802.16b

Media Access Control Modifications and Additional Physical Layer for License-Exempt Frequencies

Wireless High-Speed Unlicensed Metropolitan Area Network ("WirelessHUMAN™")

Key 802.16a/802.16b Enhancements

• OFDM Support

• ARQ

• 802.16b Mesh Mode
  – Optional topology
  – Subscriber-to-Subscriber communications

BWA in ETSI BRAN

• HIPERACCESS
  – Above 11 GHz
  – HIPERACCESS began before 802.16
  – Difficulty in resolving processes
  – IEEE now well ahead in schedule

• HIPERMAN
  – Below 11 GHz
  – IEEE went first
  – Signs of healthy cooperation
  – Recently selected 802.16 MAC as baseline

Summary

• The IEEE 802.16 WirelessMAN Air Interface, designed within the 802.16 Working Group, addresses worldwide BWA market needs

• The outcome is due to successful cooperation between BWA leaders

• The 802.16 MAC is flexible and powerful enough to support any fixed BWA technology variant in any spectrum in any market

• The 802.16 Air Interface provides great opportunities for vendor differentiation at both the base station and subscriber station without compromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org


Auth FSM Flow Diagram

[Figure: Auth FSM flow diagram. States: Start, Auth Wait, Authorized, Reauth Wait, Auth Reject Wait, Silent. Transition labels in the figure: Provisioned / Authent Info, Auth Request; Timeout / Authent Info, Auth Request; Timeout / Auth Request; Auth Reply / [TEK] Authorized; Auth Reply / [TEK] Auth Comp; Auth Reject (non-perm); Auth Reject (non-perm) / [TEK] Stop; Auth Reject (perm); Auth Reject (perm) / [TEK] Stop; Auth Invalid / Auth Request, [TEK] Auth Pend; Auth Grace Timeout / Auth Request; Reauth / Auth Request; Timeout.]

Traffic Encryption Key Management

• Two-level key exchange protocol
  – Key Encryption Key (symmetric) established with RSA
  – Traffic Encryption Keys (TEK) exchanged with symmetric algorithm negotiated at SA establishment (currently only 3-DES supported)
  – Two sets of overlapping keying material maintained
  – No explicit key acknowledgements
  – Key synchronization maintained by 2-bit key sequence number in the MAC PDU header

• Traffic Encryption Key Exchange Protocol
  – Defined by the TEK FSM Transition Matrix

TEK FSM Transition Matrix

| Event or Rcvd msg / State | (A) Start | (B) Op Wait | (C) Op Reauth Wait | (D) Operational | (E) Rekey Wait | (F) Rekey Reauth Wait |
|---|---|---|---|---|---|---|
| (1) Stop | | Start | Start | Start | Start | Start |
| (2) Authorized | Op Wait | | | | | |
| (3) Auth Pend | | Op Reauth Wait | | | Rekey Reauth Wait | |
| (4) Auth Comp | | | Op Wait | | | Rekey Wait |
| (5) TEK Invalid | | | | Op Wait | Op Wait | Op Reauth Wait |
| (6) Timeout | | Op Wait | | | Rekey Wait | |
| (7) TEK Refresh Timeout | | | | Rekey Wait | | |
| (8) Key Reply | | Operational | | | Operational | |
| (9) Key Reject | | Start | | | Start | |

TEK FSM Flow Diagram

[Figure: TEK FSM flow diagram. States: Start, Op Wait, Op Reauth Wait, Operational, Rekey Wait, Rekey Reauth Wait. Transition labels in the figure: Authorized / Key Request; Auth Comp / Key Request; Timeout / Key Request; TEK Invalid / Key Request; TEK Refresh Timeout / Key Request; Auth Pend; Key Reply; Key Reject, Stop; TEK Invalid; Stop.]
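The TEK FSM transition matrix above, written as a table-driven state machine. This is an added example, not code from the presentation or the standard. The enum and function names are chosen here, and the rule that a Key Request is sent on every entry into Op Wait or Rekey Wait is an assumption inferred from the flow-diagram labels. Blank matrix cells are treated as "ignore the event and stay in the current state".

```python
from enum import Enum


class State(Enum):
    START = "Start"
    OP_WAIT = "Op Wait"
    OP_REAUTH_WAIT = "Op Reauth Wait"
    OPERATIONAL = "Operational"
    REKEY_WAIT = "Rekey Wait"
    REKEY_REAUTH_WAIT = "Rekey Reauth Wait"


class Event(Enum):
    STOP = "Stop"
    AUTHORIZED = "Authorized"
    AUTH_PEND = "Auth Pend"
    AUTH_COMP = "Auth Comp"
    TEK_INVALID = "TEK Invalid"
    TIMEOUT = "Timeout"
    TEK_REFRESH_TIMEOUT = "TEK Refresh Timeout"
    KEY_REPLY = "Key Reply"
    KEY_REJECT = "Key Reject"


S = State
# Matrix columns (A)-(F) in order; each row lists the next state per column.
# None marks a blank cell: the event is not valid in that state.
COLUMNS = [S.START, S.OP_WAIT, S.OP_REAUTH_WAIT,
           S.OPERATIONAL, S.REKEY_WAIT, S.REKEY_REAUTH_WAIT]
ROWS = {
    Event.STOP:                [None, S.START, S.START, S.START, S.START, S.START],
    Event.AUTHORIZED:          [S.OP_WAIT, None, None, None, None, None],
    Event.AUTH_PEND:           [None, S.OP_REAUTH_WAIT, None, None, S.REKEY_REAUTH_WAIT, None],
    Event.AUTH_COMP:           [None, None, S.OP_WAIT, None, None, S.REKEY_WAIT],
    Event.TEK_INVALID:         [None, None, None, S.OP_WAIT, S.OP_WAIT, S.OP_REAUTH_WAIT],
    Event.TIMEOUT:             [None, S.OP_WAIT, None, None, S.REKEY_WAIT, None],
    Event.TEK_REFRESH_TIMEOUT: [None, None, None, S.REKEY_WAIT, None, None],
    Event.KEY_REPLY:           [None, S.OPERATIONAL, None, None, S.OPERATIONAL, None],
    Event.KEY_REJECT:          [None, S.START, None, None, S.START, None],
}
TRANSITIONS = {
    (state, event): nxt
    for event, row in ROWS.items()
    for state, nxt in zip(COLUMNS, row)
    if nxt is not None
}

# Assumption from the flow-diagram labels: entering either of these states
# (including re-entry on Timeout) sends a Key Request.
KEY_REQUEST_ON_ENTRY = {S.OP_WAIT, S.REKEY_WAIT}


def step(state, event):
    """Apply one event. Returns (next_state, actions, accepted)."""
    nxt = TRANSITIONS.get((state, event))
    if nxt is None:
        # Blank cell: e.g. an unsolicited Key Reply while Operational.
        return state, [], False
    actions = ["Key Request"] if nxt in KEY_REQUEST_ON_ENTRY else []
    return nxt, actions, True


def run(events, state=State.START):
    """Feed a sequence of events; returns (final_state, trace)."""
    trace = []
    for event in events:
        state, actions, accepted = step(state, event)
        trace.append((event.value, state.value, actions, accepted))
    return state, trace


if __name__ == "__main__":
    # Constructed event sequence: initial keying, one rekey interrupted by
    # reauthorization, then an unsolicited Key Reply that must be ignored.
    events = [Event.AUTHORIZED, Event.KEY_REPLY, Event.TEK_REFRESH_TIMEOUT,
              Event.AUTH_PEND, Event.AUTH_COMP, Event.KEY_REPLY, Event.KEY_REPLY]
    final, trace = run(events)
    for name, new_state, actions, accepted in trace:
        note = ", ".join(actions) if accepted else "ignored (blank cell)"
        print(f"{name:20s} -> {new_state:18s} {note}")
```

Rejecting every (state, event) pair that the matrix leaves blank matters here because, as the Data Encryption slide notes, management messages are unencrypted: a Key Reply is only acted on while a Key Request is outstanding.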







Page 70: Mobile WiMAX : A Technical Overview

Amendment ProjectAmendment Project

IEEE P80216bIEEE P80216b

Media Access Control Modifications andMedia Access Control Modifications andAdditional Physical Layer for License-ExemptAdditional Physical Layer for License-Exempt

FrequenciesFrequencies

Wireless High-Speed Unlicensed MetropolitanWireless High-Speed Unlicensed MetropolitanArea Network (ldquoArea Network (ldquoWirelessHUMANWirelessHUMANTMTMrdquo)rdquo)

Key 80216a80216bKey 80216a80216b

EnhancementsEnhancements

bullbull OFDM SupportOFDM Support

bullbull ARQARQ

bullbull 80216b Mesh Mode80216b Mesh Modendashndash Optional topologyOptional topology

ndashndash Subscriber-to-Subscriber communicationsSubscriber-to-Subscriber communications

BWA in ETSI BRANBWA in ETSI BRAN

bullbull HIPERACCESSHIPERACCESSndashndash Above 11 GHzAbove 11 GHzndashndash HIPERACCESS began before 80216HIPERACCESS began before 80216ndashndash Difficulty in resolving processesDifficulty in resolving processesndashndash IEEE now well ahead in scheduleIEEE now well ahead in schedule

bullbull HIPERMANHIPERMANndashndash Below 11 GHzBelow 11 GHzndashndash IEEE went firstIEEE went firstndashndash Signs of healthy cooperationSigns of healthy cooperationndashndash Recently selected 80216 MAC as baselineRecently selected 80216 MAC as baseline

SummarySummarybullbull The IEEE 80216The IEEE 80216 WirelessMAN WirelessMAN Air Interface Air Interface

designed within the 80216 Working Groupdesigned within the 80216 Working Groupaddresses worldwide BWA market needsaddresses worldwide BWA market needs

bullbull The outcome is due to successful cooperationThe outcome is due to successful cooperationbetween BWA leadersbetween BWA leaders

bullbull The 80216 MAC is flexible and powerfulThe 80216 MAC is flexible and powerfulenough to support any fixed BWA technologyenough to support any fixed BWA technologyvariant in any spectrum in any marketvariant in any spectrum in any market

bullbull The 80216 Air Interface provides greatThe 80216 Air Interface provides greatopportunities for vendor differentiation at bothopportunities for vendor differentiation at boththe base station and subscriber station withoutthe base station and subscriber station withoutcompromising interoperabilitycompromising interoperability

IEEE 802.16 Resources

IEEE 802.16 Working Group on Broadband Wireless Access

info, documents, email lists, etc.

http://WirelessMAN.org
