WiMAX core net

WiMAX Network Architecture
潘仁義
Department of Communications Engineering, National Chung Cheng University
Outline
• WiMAX Introduction
• WiMAX QoS & Flow
• Network Working Group (NWG)
• Network Reference Model
• Network Entry
• Authentication, Authorization, and Key Hierarchy
• IP Configuration Setup
• Mobility Management
• QoS Functional Model
WiMAX
• Worldwide Interoperability for Microwave Access
• The Institute of Electrical and Electronics Engineers (IEEE) 802 committee (802.16).
• Orthogonal Frequency Division Multiplexing (OFDM) (carriers of width 5 MHz or greater can be used)
• Connectivity at speeds up to 70 Mbps
• Provides high-speed access to about 60 businesses at T1 speeds.
• Can serve up to a thousand homes at DSL speeds.
802.16 History
• The initial 802.16 standard, in 2002, operates in the 10-to-66-GHz frequency band and requires LOS towers.
• The 802.16a extension, ratified in March 2003
 – allows use of the 2 to 11 GHz frequency band.
 – It boasts a 50 km range and 74.7 Mbit/sec data transfer rates, and doesn't require LOS transmission.
802.16 History
Additional 802.16 standards:
• 802.16b
 – Quality of service
• 802.16c
 – Interoperability, with protocols and test-suite structures
• 802.16d
 – Fixing things not covered by 802.16c
• 802.16e
 – Support for mobile as well as fixed broadband (802.16e-2005)
• 802.16f
 – MIB
• 802.16g
 – System/resource/handover Management
 – Interoperability
• 802.16j
 – Relay
Mobile WiMAX
• Mobile Technical Group (MTG) in WiMAX Forum develops the system profile for Mobile WiMAX system
• A broadband wireless solution
 – Fixed broadband network
 – Mobile broadband network
• Signaling
 – Orthogonal Frequency Division Multiple Access (OFDMA)
 – Scalable OFDMA
• Features
 – High Data Rate
 – Quality of Service
 – Scalability
 – Security
 – Mobility
WiMAX entity
Two components
• Subscriber Stations (SSs)
 – SS typically serves a building (business or residence)
• Base Station (BS)
 – connected to public networks
 – BS serves Subscriber Stations
 – provides SS with first-mile (or last-mile) access to public networks
[Figure: Scenario]
Introduction
• QoS support is a fundamental part of the WiMAX MAC-layer design.
• How does WiMAX support QoS?
Connections
• A connection-oriented MAC architecture
 – all downlink and uplink connections are controlled by the serving BS
• Each connection is identified by a connection identifier (CID)
Service flows
• A service flow is a unidirectional flow of packets
 – with a particular set of QoS parameters
 – is identified by a service flow identifier (SFID)
• The service flow characteristics of the connection provide the QoS for that packet
Comparisons of SFID & CID
• Service Flow ID (SFID) does not change upon HO across BSs belonging to a single NAP
 – SFID shall be set just once when a layer 2 service flow is originally established, and SHALL NOT be modified by HOs.
 – SFID shall be assigned when a new service flow is set up and shall be maintained as the same value at the Anchor Data Path Function in spite of HOs.
• Connection ID (CID) is defined as temporary in a particular cell coverage area.
 – CID shall be refreshed whenever MS moves into a new cell.
• SFID identifies a particular Layer 2 session while CID specifies a particular logical radio link.
Operation Object Model
Service Flow Management
• Dynamic Service Change (DSC)
• Dynamic Service Delete (DSD)
• Dynamic Service Activate (DSA)
[Figure: state diagram with states NULL and OPERATIONAL and transitions DSA, DSC, DSD]
Dynamic Service Flow Change
Classifier
• A classifier is a set of matching criteria applied to each packet
• It consists of
 – some protocol-specific packet matching criteria (destination IP address, for example)
 – a classifier priority
 – a reference to a CID.
• Classifiers can be added by dynamic signaling
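The classifier slide and the SFID/CID comparison above, combined in one added example (not part of the original slides): packets are matched against classifiers in priority order, and a handover swaps every CID while the SFIDs stay fixed. The class names, the "larger priority value wins" ordering and all addresses and identifiers are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class ServiceFlow:
    sfid: int         # identifies the Layer 2 session; fixed for the flow's lifetime
    cid: int          # identifies the logical radio link; valid in one cell only
    scheduling: str   # scheduling service, e.g. "UGS" or "BE"

@dataclass
class Classifier:
    priority: int                    # assumption: larger value is matched first
    dst_net: ipaddress.IPv4Network   # protocol-specific matching criterion
    cid: int                         # reference to the connection carrying the match

class MacSession:
    """Hypothetical model of one MS's flows and classifiers at the serving BS."""

    def __init__(self):
        self.flows = {}        # SFID -> ServiceFlow
        self.classifiers = []  # kept sorted, highest priority first

    def add_flow(self, sfid, cid, scheduling):
        self.flows[sfid] = ServiceFlow(sfid, cid, scheduling)

    def add_classifier(self, priority, dst_cidr, cid):
        # A classifier pointing at a CID with no service flow would lose QoS state.
        if cid not in {f.cid for f in self.flows.values()}:
            raise ValueError(f"classifier references unknown CID {cid:#06x}")
        self.classifiers.append(
            Classifier(priority, ipaddress.ip_network(dst_cidr), cid))
        self.classifiers.sort(key=lambda c: c.priority, reverse=True)

    def classify(self, dst_ip):
        """Return the ServiceFlow for a packet, or None if nothing matches."""
        addr = ipaddress.ip_address(dst_ip)
        for c in self.classifiers:
            if addr in c.dst_net:
                return next(f for f in self.flows.values() if f.cid == c.cid)
        return None

    def handover(self, new_cids):
        """Apply the target cell's CIDs (SFID -> new CID); SFIDs are untouched."""
        if set(new_cids) != set(self.flows):
            raise ValueError("every service flow needs a CID in the new cell")
        remap = {}
        for sfid, flow in self.flows.items():
            remap[flow.cid] = new_cids[sfid]
            flow.cid = new_cids[sfid]
        for c in self.classifiers:
            c.cid = remap[c.cid]

def demo():
    # Constructed sample: one VoIP peer on UGS, everything else on Best Effort.
    s = MacSession()
    s.add_flow(sfid=1, cid=0x2001, scheduling="UGS")
    s.add_flow(sfid=2, cid=0x2002, scheduling="BE")
    s.add_classifier(priority=10, dst_cidr="192.0.2.10/32", cid=0x2001)
    s.add_classifier(priority=1, dst_cidr="0.0.0.0/0", cid=0x2002)
    flow = s.classify("192.0.2.10")
    before = (flow.sfid, flow.cid)
    s.handover({1: 0x3A01, 2: 0x3A02})   # MS moves into a new cell
    flow = s.classify("192.0.2.10")
    after = (flow.sfid, flow.cid)
    return before, after, s.classify("198.51.100.7").scheduling

if __name__ == "__main__":
    print(demo())
```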
[Figure: MS1 MAC and MS2 MAC carry service flows over QoS connections to the BS MAC; labelled elements: classifier, service flows, QoS logical connections, priority queues, scheduler]
• Associate packets into service flow
• Define QoS parameter for each service flow
• Dynamically establishing QoS-enabled service flows
• Associate QoS service flow with logical connections
Quality of Service Support
Scheduling services
• Four services are supported in 802.16-2004
 – Unsolicited Grant Service (UGS),
 – Real-time Polling Service (rtPS),
 – Non-real-time Polling Service (nrtPS), and
 – Best Effort (BE).
• Five services are supported in 802.16e-2005
 – UGS (Unsolicited Grant Service)
 – RT-VR (Real-Time Variable Rate Service)
 – NRT-VR (Non-Real-Time Variable Rate Service)
 – BE (Best Efforts)
 – ERT-VR (Extended Real-Time Variable Rate)
Unsolicited Grant Service (UGS)

support real-time data streams consisting of
fixed-size data packets issued at periodic
intervals

Such as T1/E1 and Voice over IP without silence
suppression
Real-time Polling Service (rtPS)

support real-time data streams consisting of
variable-sized data packets that are issued at
periodic intervals

Such as moving pictures experts group (MPEG)
video.
Non-real-time Polling Service (nrtPS)

support delay-tolerant data streams
consisting of variable-sized data packets for
which a minimum data rate is required

such as FTP
Best Effort (BE)

support data streams for which no minimum
service level is required and therefore may be
handled on a space-available basis.
Extended Real-Time Variable Rate
(ERT-VR) service

support real-time applications with variable
data-rates, which require guaranteed data
and delay, for example VoIP with silence
suppression.
WiMAX Forum
• The WiMAX Forum is a nonprofit organization formed in 2001 to enhance the compatibility and interoperability of equipment based on the IEEE 802.16 family of standards
• The WiMAX Forum Network Working Group (NWG) defines
 – Stage 1: Use case scenarios and service requirements, defined along with the Service Provider Working Group
 – Stage 2: Architecture Tenets, Reference Model and Reference Points
 – Stage 3: Detailed Protocols and Procedures
WiMAX Working Group
• Application Working Group (AWG)
 – Define applications over WiMAX that are necessary to meet core competitive offerings
• Certification Working Group (CWG)
 – Handles the operational aspects of the WiMAX Forum Certified program.
• Evolutionary Technical Working Group (ETWG)
 – Maintains existing OFDM profiles, develops additional fixed OFDM profiles, and develops technical specifications for the evolution of the WiMAX Forum's OFDM based networks from fixed to nomadic to portable, to mobile.
• Global Roaming Working Group (GRWG)
 – Assures the availability of global roaming service for WiMAX networks in a timely manner as demanded by the marketplace.
• Marketing Working Group (MWG)
 – Promotes the WiMAX Forum, its brands and the standards which form the basis for worldwide interoperability of BWA systems.
WiMAX Working Group
• Network Working Group (NWG)
 – Creates higher level networking specifications for fixed, nomadic, portable and mobile WiMAX systems, beyond what is defined in the scope of 802.16.
• Regulatory Working Group (RWG)
 – Influences worldwide regulatory agencies to promote WiMAX-friendly, globally harmonized spectrum allocations.
• Service Provider Working Group (SPWG)
 – Gives service providers a platform for influencing BWA product and spectrum requirements to ensure that their individual market needs are fulfilled.
• Technical Working Group (TWG)
 – The main goal of the TWG is to develop technical product specifications and certification test suites for the air interface based on the OFDMA PHY.
Relationship between the scopes of WiMAX NWG and 802.16
• From IEEE 802.16 to WiMAX NWG
 – build an interoperable broadband wireless network.
 – Interoperable networks involve end-to-end service such as IP connectivity and session management, security, QoS, and mobility.
Tenets for WiMAX Network Systems Architecture
Based on ……
• a packet-switched framework
• IEEE 802.16 standard and IETF RFCs
• Decoupling of access architecture from connectivity IP services
• Specifying open, published and accepted standards
• SHALL NOT preclude inter-technology handover
• SHALL support seamless handovers at up to vehicular speeds
All-IP Network!
WiMAX Network Reference Model
Decomposed ASN into BS and
ASN GW entities
Entities of the WiMAX Network Reference Model (1/2)
• ASN: Access Serving Network
• Logical representation of the functions of a NAP, e.g.
 – 802.16 interface network entry and handover
 – Radio Resource Management & Admission ctrl.
 – L2 Session/mobility management
 – QoS and Policy Enforcement
 – Foreign Agent (FA)
 – Forwarding to selected CSN
Entities of the WiMAX Network Reference Model (2/2)
• CSN: Connectivity Serving Network
• Logical representation of the functions of a NSP, e.g.
 – Connectivity to the Internet, ASPs
 – Authentication, authorization and accounting
 – IP address management
 – L3 Mobility and roaming between ASNs
 – Policy & QoS management based on a SLA
Network Reference point (1/2)
• R1:
 – Reference point between MS and BS: implements IEEE 802.16e-2005.
• R2:
 – Reference point between MS and ASN-GW or CSN: logical interface used for authentication, authorization, IP host configuration and mobility management.
• R3:
 – Reference point between ASN and CSN: supports AAA, policy enforcement, and mobility-management capabilities. Implements tunnel between ASN and CSN.
• R4:
 – Reference point between ASN and ASN: used for MS mobility across ASNs.
Reference point (2/2)
• R5:
 – Reference point between CSN and CSN: used for internetworking between home and visited network.
• R6:
 – Reference point between BS and ASN: implements intra-ASN tunnels and used for control plane signaling.
• R7:
 – Reference point between data and control plane in ASN-GW: used for coordination between data and control plane in ASN-GW.
• R8:
 – Reference point between BS and BS: used for fast and seamless handover.
WiMAX Network Reference Model (2/2)
ASN Profile A Functional View
ASN-GW Reference model
Link model for Profiles A & C
Internetworking with 3GPP
• Scope
 – WiMAX-3GPP Interworking refers to the integration of a WiMAX Access Network to an existing 3GPP core network.
[Figure: Loosely-Coupled Internetworking between the 3GPP core network, the 3GPP access network and the WiMAX ASN, with a UE holding a 3GPP card and a WiMAX card]
802.16e network entry
In a WiMAX network, a full network entry includes four stages:
a. Network Discovery and Selection
b. Access Authentication
c. IP Configuration Setup
d. Data Transfer
Network entry
• A WiMAX subscriber station has to complete the network entry process in order to communicate on the network.
• Steps:
Scan for DL channel and establish synchronization with the BS
Obtain transmit parameters (from UCD message)
Perform initial ranging
Negotiate basic capabilities
Authorize MS and perform key exchange
Establish IP connectivity
Establish time of day
Transfer operational parameters
optional
Set up connections


a) Downlink Channel Synchronization:
When an SS wants to communicate on a WiMAX
network, it first scans for available channels in the
defined frequency list. On finding a DL channel, it tries to
synchronize at the PHY level using the periodic frame
preamble. Information on modulation and other DL and
UL parameters is obtained by observing the DL Channel
Descriptor (DCD) and the UL channel descriptor (UCD)
of the DL channel.



b) Initial Ranging:
An SS starts an Initial ranging process by sending a
ranging request MAC message using the minimum
transmission power. If no response is received from the
BS, the SS resends the message on a subsequent frame
using a higher transmission power. The response either
indicates power and timing corrections that the SS must
make or indicates success.
Purpose:
• The process by which the SS and BS maintain the quality of the RF communication link between them.
• When ranging has finished, the BS allocates a Basic CID and a Primary management CID to the SS.



c) Exchanging Capabilities:
After successful completion of the initial ranging step, the
SS sends capability request message indicating the
supported modulation level, coding scheme and rates
and duplexing methods.
The MS and ASN also SHALL negotiate the PKM
version, PKMv2 security capabilities and authorization
policy including requirements and support for Device
Authentication.




d) Authentication:
After capability negotiation, the BS authenticates the SS,
determines the ciphering algorithm to be used, and
sends an authentication response to the SS.
e) Registration:
After authentication, the SS sends a registration request
message to the BS and the BS sends a registration
response, with a secondary management CID for IP
configuration


f) IP Connectivity:
After registration, the SS gets the IP address via DHCP.
The SS also downloads other operational parameters
using TFTP.

g) Connection Creation:

After completing the IP connectivity step, transport connections are
created. For preprovisioned service flows, the BS sends a dynamic
service flow addition request message to the SS and SS confirms
the creation of connection. For non-preprovisioned service flows,
connection creation is initiated by the SS by sending a dynamic
service flow addition request message to the BS. The BS responds
with the confirmation.
Network Discovery and Selection
• NAP discovery
• NSP Access discovery
• NSP Enumeration and selection
• ASN attachment based on NSP Selection
NAP and NSP Discovery
[Figure label: “1” to indicate one or more NSPs]
• As per “6.3.2.3.63 Service Identity Information (SII-ADV) message”, a BS may use the SII-ADV message to broadcast a list of Network Service Provider (NSP) Identifiers.
• The MS MAY include the Visited NSP ID TLV in the SBC-REQ message to solicit BS transmittal of the Visited NSP Realm TLV in the SBC-RSP message.
ASN Attachment based on NSP Selection
[Figure: example NAIs MS_1@NSP_1.com and NSP_4!MS_2@NSP_1.com]
Why encryption?
• Encryption
 – a mechanism that protects data confidentiality and integrity
 – plaintext to ciphertext
Encryption
• Encryption is always applied to the MAC PDU payload; the generic MAC header is not encrypted; some management messages are not encrypted.
Encryption -- WiMAX
• WiMAX uses the Advanced Encryption Standard (AES) to produce ciphertext.
• The receiver of the ciphertext simply reverses the process to recover the plaintext.
Public key infrastructure
• The WiMAX 802.16e-2005 standard uses the Privacy and Key Management Protocol version 2 (PKMv2) for securely transferring keying material between the base station and the mobile station.
• PKMv2’s components
 – X.509 digital certificates
 – RSA public-key algorithm
 – Strong encryption algorithm to perform key exchanges between SS and BS.
• PKMv2 mechanism
 – Validates user identity and establishes an authorization key (AK)
 – AK is used to derive the encryption keys, e.g. KEK, CMAC_KEY
 – Supports device and user authentication between MS and home CSN (PKMv1 only for device)
Public key infrastructure
• PKMv2 supports the use of the Rivest-Shamir-Adleman (RSA) public key cryptography exchange.
• RSA public key exchange
 – requires that the mobile station establish identity using either a manufacturer-issued X.509 digital certificate (Device Credential, called Device-Cert) or an operator-issued credential such as a subscriber identity module (SIM) card (Subscriber Credential, called Subscriber Root Key, SUBC).
 – The X.509 digital certificate contains the mobile station's Public-Key (PK) and its MAC address.
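X.509
[Figure: X.509 certificate fields]
• Version number
• Serial number
• Signature algorithm
• Issuer
• Validity period
 – Start date
 – End date
• User name
• User's public key
• Digital signature
[Figure labels: Certificate; encrypt data (public key); decrypt data (private key)]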
Authentication, Authorization and Accounting
• The WiMAX AAA framework is based on IETF specifications. The term AAA is used to refer to the AAA protocols, RADIUS or Diameter.
• The AAA framework provides the following services to WiMAX:
 – Authentication Services: These include MS, user, or combined MS and user authentication.
 – Authorization Services: These include the delivery of information to configure the session for access, mobility, QoS and other applications.
 – Accounting Services: These include the delivery of information for the purpose of billing (both prepaid and post paid billing) and information that can be used to audit session activity by both the home NSP and visited NSP.
ASN security architecture (1/2)

The mobile station transfers the X.509 digital certificate to the
WiMAX network, which then forwards the certificate to a
certificate authority. The certificate authority validates the
certificate, thus validating the user identity.
ASN security architecture (2/2)
User/Device Authentication
Protocol layering
Keys in 802.16 PKMv2
• Device credential
 – issued by manufacturer
• Subscriber credential
 – issued by operator
• Master Session Key (MSK)
 – 512 bits, generated in EAP process
 – Known by AAA peer, AAA server, and authenticator
• Extended Master Session Key (EMSK)
 – 512 bits, generated in EAP
 – known by AAA peer and server
 – for generating Mobile IP Root Key in CSN
• Pairwise Master Key (PMK)
 – 160 bits, derived from MSK
 – Known by authenticator and AAA peer
• Authorization Key (AK)
 – 160 bits, derived from PMK(1+2), SS MAC, BS ID
• Key Encryption Key (KEK)
 – 128 bits, derived from AK, SS MAC, BS ID
• CMAC_*KEY_*
 – 128 bits, derived from AK, SS MAC, BS ID
 – For Message Integrity Check
• Traffic Encryption Key (TEK)
 – distributed by the BS
 – refreshed periodically
 – encrypted by KEK
 – Traffic is encrypted / decrypted by TEK
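The derivation chain listed on this slide (MSK to PMK to AK to KEK and the CMAC key), as an added example that is not code from the original slides or from the 802.16 standard. It shows that one PMK yields a different AK, KEK and CMAC key for each BS, because the SS MAC and BS ID enter the derivation. The `kdf` function is a stand-in built on HMAC-SHA-256 and is an assumption, not the standard's key derivation function; key sizes come from the slide, and the MSK, MAC address and BS IDs are constructed sample values.

```python
import hashlib
import hmac

def kdf(key: bytes, context: bytes, nbits: int) -> bytes:
    """Stand-in counter-mode KDF on HMAC-SHA-256.

    Assumption: NOT the derivation function defined by 802.16; it only
    reproduces the inputs and output sizes given on the slide.
    """
    out = b""
    counter = 0
    while len(out) * 8 < nbits:
        msg = counter.to_bytes(4, "big") + context + nbits.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        counter += 1
    return out[: nbits // 8]

def derive_keys(msk: bytes, ss_mac: bytes, bs_id: bytes) -> dict:
    """Derive PMK -> AK -> KEK / CMAC key for one (MS, BS) pair."""
    if len(msk) * 8 != 512:
        raise ValueError("MSK must be 512 bits")
    if len(ss_mac) != 6 or len(bs_id) != 6:
        raise ValueError("SS MAC and BS ID are modelled as 6 bytes each")
    pmk = kdf(msk, b"PMK", 160)              # depends on the MSK only
    link = ss_mac + bs_id                    # binds lower keys to this MS and BS
    ak = kdf(pmk, link + b"AK", 160)
    kek = kdf(ak, link + b"KEK", 128)        # protects the TEK in transit
    cmac_key = kdf(ak, link + b"CMAC", 128)  # message integrity check
    return {"PMK": pmk, "AK": ak, "KEK": kek, "CMAC_KEY": cmac_key}

def handover_demo() -> dict:
    # Constructed sample inputs, not real credentials or identifiers.
    msk = bytes(range(64))
    ss_mac = bytes.fromhex("001122334455")
    bs_a = bytes.fromhex("0a0b0c000001")
    bs_b = bytes.fromhex("0a0b0c000002")
    a = derive_keys(msk, ss_mac, bs_a)
    b = derive_keys(msk, ss_mac, bs_b)
    return {
        "pmk_same": a["PMK"] == b["PMK"],        # one EAP run, one PMK
        "ak_differs": a["AK"] != b["AK"],        # AK is per BS
        "kek_differs": a["KEK"] != b["KEK"],
        "cmac_differs": a["CMAC_KEY"] != b["CMAC_KEY"],
        "kek_ne_cmac": a["KEK"] != a["CMAC_KEY"],  # separate keys per purpose
        "bits": {name: len(value) * 8 for name, value in a.items()},
    }

if __name__ == "__main__":
    for name, value in handover_demo().items():
        print(name, value)
```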
WiMAX Key Hierarchy and Distribution
[Figure: key hierarchy and distribution, for ASN and for CSN]
PKMv2 Procedures
• Link activation triggers EAP
• Routing based on NAI realm
• PKMv2 three-way handshake for mutual authentication
• CMAC for MAC management messages protection
• KEK for encryption of TEK
• Pairwise Key Management
IP Configuration Setup
• Point of Attachment (PoA) address
 – has to be routable in the CSN and ASN, and SHALL be assigned from the CSN address space
 – For portable and mobile access, the PoA SHALL be assigned from either Home NSP or Visited NSP, corresponding to the Home address (HoA)
• Fixed and nomadic access scenarios
 – DHCP
• Mobile access scenarios
 – PMIP4 / CMIP4 / PMIP6 / CMIP6
[Figure labels: H-AAA, HA]
IP Configuration Setup Procedure (Proxy Mobile IP)
[Figure: Proxy Mobile IP]
IP Configuration Setup Procedure (Client Mobile IPv4, CMIPv4)
[Figure: Mobile IPv4 (MIP), showing Binding Update and Data Transmission among the Correspondent Node (CN), Foreign Agent (FA), Home Agent (HA) and Mobile Node (MN) across the Home Network and Foreign Network]
IP Configuration Setup Procedure (Client Mobile IPv6, CMIP6)
Mobility Management
• MAC layer handover procedures
 – Handoff process
 – Three levels of association
 – Two optional modes of HO decision and initiation
• Intra-ASN mobility
 – ASN Anchored Mobility
• Inter-ASN mobility
 – ASN Anchored Mobility (Profile A & C)
 – CSN Anchored Mobility
[Figure: Mobility scenario]
Stages of Handoff Process
• Cell reselection
 – MS may use Neighbor BS information in MOB_NBR-ADV or scan Neighbor BS for handing over to potential target BS.
• HO Decision and Initiation
 – A handover begins with a decision for an MS to handover from a serving BS to a target BS. The decision may originate either at the MS, the serving BS, or on the network.
• Termination with the Serving BS
 – After the handover request/response handshake has completed, the MS may begin the actual HO. During the HO process, the MS terminates service with the serving BS by sending a MOB_HO-IND message.
• Network entry/re-entry
Three levels of association
• Association
 – an optional initial ranging procedure in scanning interval
 – enables the MS to acquire service information for proper selection of HO target and/or expediting a potential future handover to a target BS.
• Level 0: Scan / Association without coordination
 – The Serving BS allocates periodic intervals where the MS may range neighboring BSs; the Target BS provides only contention-based ranging allocations.
• Level 1: Association with coordination
 – The Serving BS coordinates association between the MS and neighboring BSs, with unique code and transmission opportunity to prevent collision.
• Level 2: Network assisted association reporting
 – The MS is required only to transmit the CDMA ranging code at the neighbor BS. The Serving BS may aggregate all ranging related information (e.g. PHY offsets and CIDs from BSs) into a single MOB_ASC_REPORT message.
Two optional modes of HO decision and initiation
• Diversity Set
 – A list of BSs that are involved in handoff process with MS
• Macro Diversity Handover (MDHO)
 – MS may transmit to and receive from BSs in Diversity Set at the same time
• Fast BS Switching (FBSS)
 – An Anchor BS is defined among the BSs in Diversity Set
 – MS only communicates with the Anchor BS for UL and DL messages including management and traffic connections.
 – Transition from one Anchor BS to another (“switching”) in Diversity Set is performed without invoking the HO procedure
Two Mobility Levels in WiMAX
• ASN anchored mobility or micro mobility
 – The MS moves between Data Path Functions while maintaining the same anchor FA sitting at the northbound edge of the ASN network
 – The data flow between CSN and Data Path Functions pivots at the anchor FA.
 – CSN is unaware of any mobility that occurs between ASN Data Plane Functions
• CSN Anchored Mobility Management or macro mobility
 – The MS changes to a new anchor FA
 – The new FA and CSN exchange signaling messages to establish data forwarding path
ASN Anchored Mobility
Management(1/3)

ASN Anchored Mobility Management is
defined as mobility of an MS not involving a
CoA update (MIP re-registration)
ASN anchor Mobility (2/3)
ASN anchored mobility (3/3)
CSN Anchored mobility
For CSN Anchored Mobility Management two variants of the MIP protocols are supported:
• Client MIP (CMIP)
 – CMIP is an IETF compliant MIP solution based on a Mobile IP enabled MS.
 – CSN Anchored Mobility Management will cover CMIP based mobility schemes for IPv4 and IPv6.
• Proxy MIP (PMIP)
 – Proxy MIP is an embodiment of the standard Mobile IP framework in which an MN is transparently instanced in the access network on behalf of a client that is not MIP-aware or MIP-capable.
CSN Anchor mobility
( R3-mobility )

Re-anchoring of the current FA to a new FA
and the consequent binding updates to
update the upstream and downstream data
forwarding paths.
CSN to ASN Anchored Mobility
Management Relationship (1/2)
CSN to ASN Anchored Mobility
Management Relationship (2/2)
QoS Functional Elements
• Service Flow Management (SFM)
 – responsible for the creation, admission, activation, modification and deletion of 802.16 service flows.
• Service Flow Authorization (SFA)
 – Evaluate any service request against user QoS profile.
• AF: Application Function
 – e.g., SIP Proxy
• PF: Policy Function
 – Maintained information includes H-NSP's general policy rules
• LPF: Local Policy Function
 – enforce admission control based on available resources
Pre-provisioned service flow
References
• Applications for 802.16-2004 and 802.16e WiMAX Networks, WiMAX Forum.
• Air Interface for Fixed Broadband Wireless Access Systems, IEEE Standard. (IEEE 802.16-2004)
• Air Interface for Fixed and Mobile Broadband Wireless Access Systems, IEEE Standard. (IEEE 802.16e-2005)
• WiMAX Forum, WiMAX End-to-End Network Systems Architecture (Stage 2), Release 1, Version 1.3.0, September 21, 2008
• WiMAX Forum, WiMAX End-to-End Network Systems Architecture (Stage 3: Detailed Protocols and Procedures), Release 1, Version 1.3.0, September 21, 2008