IEEE 802.16 WG Meeting Report + NIST Guidelines for Securing WiMAX networks against threats
1. Excerpts of IEEE 802.16 WG Session 70 meeting report
Task Group m (TGm): Advanced Air Interface
Task Group m (TGm) met and completed resolution of comments in Sponsor Ballot of draft P802.16m/D9. P802.16m/D10 will be prepared for recirculation prior to Session #71 in January. The existing IEEE 802.16m Work Plan from 18 March remains accurate. The IEEE 802 Executive Committee granted conditional approval to forward P802.16m to RevCom. The Working Group anticipates that the conditions will be met in early 2011. The TG issued a closing report, with minutes to follow.
Maintenance Task Group
The Maintenance Task Group addressed change requests and updated its database. It also drafted a response to a liaison statement from the WiMAX Forum. The TG issued a closing report and minutes.
GRIDMAN Task Group
The Working Group’s GRIDMAN Task Group met to discuss activity under the P802.16n project. The project is amending IEEE Std 802.16 to provide for “Higher Reliability Networks.” The WG agreed to adopt the TG’s 802.16n System Requirements Document IEEE 802.16gman-10/0038r4 as a baseline. The TG issued a closing report, with minutes to follow.
Machine-to-Machine Task Group
The WG initiated activity under the P802.16p project, which was authorized by the IEEE-SA Standards board of 30 September. The project is amending IEEE Std 802.16 to provide “Enhancements to Support Machine-to-Machine Applications.” The WG agreed to adopt the 802.16p System Requirements Document IEEE 802.16p-10/0004r1 as a baseline. A closing report and minutes were issued. The P802.16p PAR was assigned to a new Machine-to-Machine (M2M) Task Group, chaired by Ron Murias.
WG Project Planning Committee
The WG Project Planning Committee met, reviewed contributions, and prepared a report.
Comment: We wonder if IEEE 802.16m- the ITU-R approved 4G technology AKA WiMAX 2.0- will ever be deployed. One reason for skepticism is mobile operators endorsement of TDD-LTE. Terry Norman of Analysys Mason expresses his opinion at:
2. NIST Special Report 800-127, Guide to Securing WiMAX Wireless Communications
NIST says, WiMAX technology continues to adapt to market demands and provide enhanced user mobility. SP 800-127 discusses WiMAX wireless communication topologies, components, certifications, security features and related security concerns.
This report.recommends that organizations that have adopted WiMAX:
- Develop a robust wireless metropolitan area network security policy and enforce it;
- Assess WiMAX technical countermeasures before implementing a vendor’s WiMAX technology;
- Require mutual authentication for WiMAX devices; and
- Implement FIPS-validated encryption algorithms employing FIPS-validated cryptographic modules to protect data communications.
More at: http://www.govinfosecurity.com/articles.php?art_id=3116
The NIST document covers the security of the WiMAX air interface and user subscriber devices, including security services for device and user authentication; data confidentiality; data integrity; and replay protection. It does not address WiMAX network system specifications, which covers core network infrastructure and are primarily employed by commercial network operators.
“Like other networking technologies, all WiMAX systems must address threats arising from denial-of-service attacks, eavesdropping, man-in-the-middle attacks, message modification and resource misappropriation,” the guidelines say.
The publication explains the basics of WiMAX, detailing the security differences among the major versions of the IEEE 802.16 standard, along with information on the security capabilities and recommendations on securing WiMax technologies.
WiMax threats consist primarily of compromises to the radio links between WiMAX nodes. These radio links can be both line-of-sight and non-line-of-sight. Line-of-sight links generally are harder to attack than non-line-of-sight links because an adversary would have to physically locate equipment between the nodes to compromise the link.
Non-line-of-sight systems provide coverage over large geographic regions, which expands the potential staging areas both for clients and adversaries.
More at: http://gcn.com/Articles/2010/11/19/WiMAX-security-guidelines-released.aspx?p=1