Literature Review On Wireless Broadband Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Wireless Broadband can be defined as a new technology that provides high-speed wireless internet and data network access over a wide area. According to 802.16-2004 standard, broadband means having instantaneous bandwidth greater than 1 MHz and data rates greater than 1.5 Mbit/s. It means that their features speed is equivalent to wired broadband access, for example Digital Subscriber Line (DSL) and cable modem.

Most broadband wireless access is estimated to have a range of 50 km (approximately 30 miles) from its tower. A wireless broadband connection can be either licensed or unlicensed. Most Wireless Internet Service Providers (WISPs) use unlicensed band which is publicly shared because licensing is usually expensive. These bands are reserved for large companies that want to guarantee private access to spectrum for use in point to point communication.

Figure above shows the technology used in wireless broadband that has been divided into licensed and unlicensed band, and also local area network (LAN) and wide area netwok (WAN). Only Wi-Fi, HSDPA and WiMAX will be discussed in this project since these are the three main technologies that are widely used in Malaysia. The main wireless broadband providers that are related to these technologies are TM for Wi-Fi; Celcom Broadband, Digi Broadband and Maxis Broadband for HSDPA; and P1 WiMAX for WiMAX.

One of the technologies used in wireless broadband is Wi-Fi. Wi-Fi which is also known as Wireless Fidelity belongs to a class of wireless local area network (WLAN) devices based on 802.11 standards [10]. This 802.11 standard covers 802.11a, 802.11b, 802.11g and 802.11n standards. 802.11a transmits at 5 GHz and can move up to 54 megabits of data per second. It also uses orthogonal frequency-division multiplexing (OFDM), a more efficient coding technique that splits that radio signals into several sub-signals before they reach a receiver. This technique can reduce interference. 802.11b is the slowest and least expensive standard. It's becoming less common as nowadays, faster standards become less expensive. 802.11b transmits in the 2.4 GHz frequency band of the radio spectrum. It can handle up to 11 megabits of data per second, and it uses complementary code keying (CCK) modulation to improve speeds. [11]

On the other hand, 802.11g transmits at 2.4 GHz like 802.11b, but it can handle up to 54 megabits of data per second. It is also faster because it uses the same OFDM coding technique as 802.11a. 802.11n is the newest standard that is widely available which significantly improves speed and range. For instance, although 802.11g theoretically moves 54 megabits of data per second, it only achieves real-world speeds of about 24 megabits of data per second because of network congestion. However, 802.11n can achieve speeds as high as 140 megabits per second. [11]

Any Wi-Fi enabled devices, for example a personal computer, mobile phone, MP3 player and others, can connect to the Internet when within range of a wireless network connected to the Internet. The coverage of one or more (interconnected) access points called a hotspot can comprise an area as small as a few rooms or as large as many square miles. Coverage in the larger area may depend on a group of access points with overlapping coverage.

Figure 2.3: A Typical Consumer Wi-Fi Access Point

Wi-Fi also can provide public access at Wi-Fi hotspots provided either free-of-charge or to subscribers to various commercial services. Airports, universities and restaurants usually provide free hotspots to attract or assist clients. Routers that incorporate a digital subscriber line modem or a cable modem and a Wi-Fi access point often set up in homes and other premises, can provide Internet-access and internetworking to all devices connected (wirelessly or by cable) to them. One can also connect Wi-Fi devices in ad-hoc mode for client-to-client connections without a router. Wi-Fi also enables places that would traditionally not have network access to connect, for example bathrooms, kitchens and garden sheds.


Figure 2.4: How HSDPA Works [13]

High Speed Downlink Packet Access (HSDPA) is an enhanced third generation (3G) mobile telephony communications protocol in High Speed Packet Access (HSPA) family. It is designed to speed up network capacity and data transmission rate of cellular phones. It is a packet based technology for Wideband Code Division Multiple Access (W-CDMA) downlink with data transmission rates of 4 to 5 times that of current generation 3G networks of Universal Mobile Telecommunications System (UMTS) and 15 times faster than GPRS. The standard downlink speed range of HSDPA is said to be from 2 Mbps to 14.4 Mbps. However, in real life, the downlink speed range is from 2 to 3 Mbps only. [12]

Currently, there are 100 HSDPA-capable networks operating in 54 countries worldwide. Most of these networks offer 3.6 Mbps downlink speeds. More networks are beginning to switch to faster 7.2 Mbps downlink speeds. However, only a number of networks presently offer a full 14.4 Mbps speed. [13]

HSDPA also provides a smooth evolutionary path for Universal Mobile Telecommunications System (UMTS) networks to higher data rates and higher capacities, in the same way as Enhanced Data rates for GSM Evolution (EDGE) does in the Global System for Mobile communication (GSM) world. The introduction of shared channels for different users will guarantee that channel resources are used efficiently in the packet domain, and will be less expensive for users than dedicated channels. [12]

There are four phase in the roadmap of HSDPA. The first phase is HSDPA was introduced in the Third Generation Partnership Project (3GPP) release 5 standards. The aim of this standard is it will be possible to achieve peak data rates of about 10 Mbit/s where the maximum theoretical rate is 14.4 Mbit/s [13]. Then they introduce High Speed Downlink Shared Channels (HS-DSCH), the adaptive modulation QPSK and 16QAM and the High Speed Medium Access protocol (MAC-hs) in base station [14]. This will result in a six- to seven-fold throughput increase during an average downlink packet session compared with the Downlink Shared CHannel (DSCH) standards of 3GPP release 99 [13].

The second phase is the upcoming of 3GPP release 7 or known as HSPA Evolved. It can achieve data rates up to 42 Mbps. It also introduces antenna array technologies such as beam forming and Multiple-input multiple-output communications (MIMO). Beam forming focuses the transmitted power of an antenna in a beam towards the user's direction. On the other hand, MIMO uses multiple antennas at the sending and receiving side. Deployments are began in the second half of 2008. [14]

The third phase is the release of the dual carrier operation, which is the simultaneous use of two 5 MHz carrier. A peak data rate of 84 Mbit/s can be reached under ideal signal conditions by combining this with MIMO transmission. The final phase is E-UTRA, or previously known as HSOPA, a technology that is specified in 3GPP Release 8. This project is called the Long Term Evolution (LTE) initiative. The first release of LTE offers data rates of over 320 Mbit/s for downlink and over 170 Mbit/s for uplink using OFDMA modulation. [14]

During 2007, an increasing number of telcos worldwide began selling HSDPA USB modems as mobile broadband connections. In addition, HSDPA for data via Ethernet and WiFi has grown. Some are marketed with connection speeds of "up to 7.2 Mbit/s" which is only attained under ideal conditions. As a result these services can be slower than expected, especially when in fringe coverage indoors. However, signal strength can be greatly improved by using commercial solutions that can attach 3G external antennas 14]. In Malaysia, there are three main wireless broadband providers that use HSDPA as their technology, which are Celcom Broadband, Digi Broadband and Maxis Broadband.

2.1.3 WiMAX

Worldwide Interoperability for Microwave Access (WiMAX) is the next generation of wireless technology that is designed for high speed mobile Internet access. This technology is based on standard known as IEEE 802.16. This standard can further be divided into 802.16-2004 which is often called as 802.16d, frequently referred as fixed WiMax and 802.16-2005 which is often called as 802.16e, frequently referred as mobile WiMax [17].

"WiMAX" name has been created by WiMax Forum which has the objective to promote conformity and interoperability of this standard. The forum also describes WiMAX as a standards-based technology to enable the delivery of last mile wireless broadband access as an alternative to cable and DSL. Wimax technology is a telecommunications technology that offers transmission of wireless data via a number of transmission methods such as portable or fully mobile internet access via point to multipoints links [15].

There are some specifications for WiMax. Firstly, it has range of 30 miles (50 km) radius from the base station. Its speed has been said to be 70 Mbps. Line of sight is also not needed between user and base station. WiMax could operate in both licensed and unlicensed band. Thus, the range of frequency for its licensed band is 2 to 11 GHz, while the range of frequency for its unlicensed band is 10 to 66 GHz. [18]

WiMax has the same general principles as Wi-Fi which it sends data from one computer to another via radio signals. A computer that is equipped with WiMax would receive data from the WiMAX transmitting station, using encrypted data keys to prevent unauthorized users from stealing access. The biggest difference between WiMax and Wi-Fi is its distance, not its speed. WiMAX can provide broadband wireless access (BWA) up to 30 miles (50 km) for fixed stations, and 3 - 10 miles (5 - 15 km) for mobile stations. In contrast, Wi-Fi standard is limited to 100 - 300 feet (30 to 100 m) only [16]. The increased range is due to the frequencies used and the power of the transmitter. At that distance, terrain, weather and large buildings will act to reduce the maximum range in some circumstances, but the potential is there to cover huge tracts of land.

Figure 2.6: How WiMax Works

The bandwidth and range of WiMAX make it suitable for the following potential applications such as connecting Wi-Fi hotspots to the Internet. It also could provide a wireless alternative to cable and DSL for "last mile" broadband access, providing data, telecommunications and IPTV services (triple play) providing a source of Internet connectivity as part of a business continuity plan. That is, if a business has both a fixed and a wireless Internet connection, especially from unrelated providers, it is less likely to be affected by the same service outage. It also could provide a portable connectivity.

WiMax operates similar to Wi-Fi but at higher speeds, greater distances and greater number of users. WiMAX could potentially erase the suburban and rural blackout areas that currently have no broadband Internet access because phone and cable companies have not yet run the necessary wires to those remote locations. A WiMAX system consists of two parts, which are WiMAX tower and WiMax receiver. WiMAX tower can provide coverage to a very large area as big as 3000 square miles or approximately 8000 square km. WiMAX receiver which consists of receiver and antenna could be a small box or PCMCIA card, or they could be built into a laptop the way WiFi access is today. A WiMAX tower station can connect directly to the Internet using a high-bandwidth wired connection, for example a T3 line. It can also connect to another WiMAX tower using a line-of-sight, microwave link. This connection to a second tower, that is often referred to as a backhaul, along with the ability of a single tower to cover up to 3000 square miles, is what allows WiMAX to provide coverage to remote rural areas. [18]


2.2.1 Wi-Fi Security

Unguided signals transmitted through air could be intercepted by unauthorized users. Any loopholes can be exploited by hackers who can sneak onto networks to steal bandwidth and data from private computers [2]. As Wi-Fi affords open data access, unless security is enabled, these signals which are radio waves to transport data can be intercepted by nearby receivers easily. Many broadband providers use well known IP addresses. If a hacker knows the range of IP addresses our provider uses, it will be easier for them to find our computer's information.

There are many ways to increase the security of Wi-Fi. One of the ways is by changing configuration page's password. We should change the username and password for built in configuration page that will look like an internal webpage that is accessed from our web browser that comes along wireless router or access point [20]. The second way is by disabling the broadcasting of SSID. Most wireless broadband access point and routers make their SSID public. This feature was designed for businesses and mobile hotspots where Wi-Fi clients may roam in and out of range. However, this roaming feature is unnecessary for home connection, and it increases the chance of someone to log in to your home network. Disabling this broadcasting will actually prevent others from knowing that we are using a wireless network.

Besides, changing the default IP number of the wireless access point or router also can increase the security of Wi-Fi. We need to change the default IP number to something different. By doing this hackers will not easily find the configuration menu. We also should place our wireless router as close as we can to the centre of our home or office. Other than ensuring the signal will be stronger, this also could reduce the chance that our wireless signal will leak outside and attract attention to other users such as hackers and piggy-backers. [20]

Next, enabling Wired Equivalent Privacy (WEP) or Wi-Fi Protected Access (WPA) also can increase the security of Wi-Fi. WEP involves simple encryption only that is useful for home networking and is inadequate for protecting confidential data. This is due to the fact that WEP uses a single and static shared key [21]. This option encrypts data we send over the network and can only be read by someone who has the pass key which is set by the user that consists of a number of hexadecimal values. The router then encrypts this chosen key by using 'bit encryption'. It can be set as 64 bit, 128 bit or 256 bit encryption. It will be harder to crack and gain access to our network if the key is longer. [22]

On the other hand, WPA is a security enhancement that increases the level of encryption and authentication for existing and future WLAN systems. WPA is actually similar to WEP but it is more secure because when the user sets a key, the router will change the 'key' at preset times. We are also able to choose our own unique and memorable password without any restrictions. This is one of the benefits of using WPA as WEP only allows hexadecimal values [22]. It already solved all of WEP's vulnerabilities. Limited Range

Wi-Fi networks have limited range. A typical wireless router using 802.11b or 802.11g with a stock antenna might have a range of 32 m (120 ft) indoors and 95 m (300 ft) outdoors. The new IEEE 802.11n however, can exceed that range by more than two times. Range also varies with frequency band. Wi-Fi in the 2.4 GHz frequency block has slightly better range than Wi-Fi in the 5 GHz frequency block. Outdoor ranges - through use of directional antennas - can be improved with antennas located several kilometres or more from their base. In general, the maximum amount of power that a Wi-Fi device can transmit is limited by local regulations, such as FCC Part 15 in USA. [9]

Wi-Fi performance decreases roughly quadratically as distance increases at constant radiation levels. Due to reach requirements for wireless LAN applications, Wi-Fi has as fairly high power-consumption compared to some other standards. Technologies such as Bluetooth provides a much shorter propagation range of less than 10m and so in general have a lower power-consumption. Other low-power technologies such as ZigBee have fairly long range, but much lower data rate. The high power-consumption of Wi-Fi makes battery life in mobile devices a concern. [9]

Due to the complex nature of radio propagation at typical Wi-Fi frequencies, particularly the effects of signal reflection off trees and buildings, algorithms can only be predict Wi-Fi signal strength generally for any given area in relation to a transmitter. This effect does not apply equally to long-range Wi-Fi, since longer links typically operate from towers that broadcast above the surrounding foliage. [9] Bandwidth Crunch

The two key resources of wireless commons are Wi-Fi hot spots and backhaul bandwidth. Wi-Fi hot spots are location-centric. One hot spot can be more actively used than another hot spot depends on their locations. If a wireless common has a very low ratio of active to not-so-active hot spots, the active hot spots are likely to take on unduly high burden of supporting the common. This burden creates bandwidth crunch in the short run and makes the common unsustainable in the long run. [8]

Some hot spots have dedicated T1 line connections, cable modem connections. or DSL connections to provide backhaul bandwidth. These connections differ significantly in terms of transmission speed. If active hot spots are connected to the Internet through slower bandwidth connections, they can support only a limited number of users at a time and the common will experience bandwidth crunch. However, many technology companies are working to expand the range of hot spots and to increase the transmission speed in Wi-Fi networks. If the current trend continues and the rate of such technological innovations outpaces the rate at which bandwidth is used, wireless commons can survive by continuously upgrade technologies. [8] Channel Pollution

Wi-Fi channel pollution can be defined as interference of a closed or encrypted access point with other open access points in the area, especially on the same or neighboring channel. It can prevent access and interfere with other devices' use of other access points, caused by overlapping channels in the 802.11g/b spectrum, as well as with decreased signal-to-noise ratio (SNR) between access points. This could lead to a problem in high-density areas, such as large apartment complexes or office buildings with many Wi-Fi access points. In addition, other devices that use the 2.4 GHz band, for example microwave ovens, security cameras, and Bluetooth devices can also cause significant additional interference. [9]

2.2.2 HSDPA Complexity

HSDPA is not a simple software upgrade to 3G systems. The change from Release 99 to HSDPA is dramatic just like the change from GSM to EDGE in terms of changing both modulation and the way packets are processed. There are parts of the HSDPA standard that are simple to implement by using existing hardware. However, HSDPA will simply break many deployed architectures and will require new hardware. Most base stations will need significant upgrades to cope with the increased data throughput and the consequences of moving to a more complex protocol. [1]

HSDPA also increases the downlink data rate to a theoretical maximum of 14 Mbit/s and uplink data rate of 2 Mbit/s within a cell. However, it is not about delivering Ethernet bandwidth to one fortunate user. The important things are the ability to deliver, reliability, many sessions of high-speed and bursty data to a large number of users within that cell. The changes that HSDPA made include better quality, more reliable and more robust data services. In other words, while realistic data rates may only be a few megabits per second, the actual quality and number of users achieved will improve significantly. [1]

Complexity will be increase by the improved performance and processor power provided by HSDPA. There are many high-speed feedback loops needed to implement HSDPA powerfully and provide users with the best data rates. For example, the TTI used for modulation and coding selection for individual frames in the HS-DSCH is just 2 ms compared with a typical time of 10 ms (and up to 80 ms) for the TTI used for power control in the existing Release 99 shared channel. The algorithms needed to make good use of the possibilities provided by fast scheduling will be more complex than those implemented by existing radio network controller (RNC) software. However, those decisions have to be made within a millisecond. [1]

Data packets can be retransmitted quickly at the request of the mobile terminal when link error occurs. In existing W-CDMA networks, these requests are processed by the RNC. As with fast scheduling, better responsiveness is provided by HSDPA by processing the request in the base station. The hybrid automatic repeat request (HARQ) protocol developed for HSDPA allows efficient retransmission of dropped or corrupted packets. The protocol has been designed to allow the average delivered bandwidth of HSDPA to be higher than would be possible if more extensive forward error correction were to be used. However, it puts significant demands on the basestation as support for HARQ calls for low latency. The latency demanded for efficient HARQ support calls for retransmissions to be processed within 2 to 7 ms. But the feedback loop that allows HARQ to be implemented is not one that exists in Release 99 basestations, as that function sits in the RNC for existing DCH and DSCH transmissions. So, not only must things work faster, many functions are new, adding to the capabilities and intelligence of the Node B. [1]

In addition to fast retransmissions, a number of techniques are used to provide the mobile terminal with a better chance of receiving the data correctly. For users with a high coding rate, simple chase combining may be used, which simply repeats the packet. For users with a low coding rate, incremental redundancy can be used. In this scheme, parity bits are sent to allow the mobile terminal to combine the information from the first transmission with subsequent retransmissions. [1]

The consequence of these design decisions is that the scheduler and re-transmission manager require large buffers to hold all the packets that might need to be resent. This function was not present in earlier functions, and the hardware to support it needs to have been designed in readiness for it for existing implementations to support HSDPA at sufficiently high data rates. [1] Burst Problem

IP is a bursty protocol that demands changes to the wideband CDMA (W-CDMA) protocol stack to support IP efficiently. It provides a poor fit with the dedicated channel (DCH) that is used in existing W-CDMA networks. Although the DCH can support many different types of traffic, the utilization of the channel for bursty traffic is quite low. This is because the process of channel reconfiguration that can be used to tune the DCH for a change in traffic mix traffic is a slow process, taking on the order of 500 ms. These issues have been addressed in Release 5 of the 3G Partnership Project (3GPP) standards, which radically changes the network to make it far better suited to data traffic. Support for IPv6 has been incorporated into the core network together with a key enhancement to provide high-bandwidth support for bursty IP traffic for the mobile user.

Instead of sending data using individual DCHs, HSDPA extends the downlink shared channel (DSCH), allowing packets destined for many users to be shared on one, higher-bandwidth channel called the high-speed DSCH (HS-DSCH). As with wired networks such as Ethernet, this allows for the more efficient utilization of the available bandwidth. On top of that, a faster channel configuration process allows the base station to control the channel more effectively, further improving efficiency as shown in Figure 2.7 below.

Figure 2.7: HSDPA's air interface channels. Too Many Options

In this technology, there are too many options available to base station designers and operators. This could complicates the provision of HSDPA as the network is upgraded but intelligent choices over base station implementation can result in higher throughput for high-revenue services that could lead to improving operators' margins. The maximum bandwidth that can be achieved with HSDPA depends on cell size. The maximum achievable bit rate tends to fall away for users at the edge of the cell in order to limit the power needed to send each bit of information. The peak aggregate data rate is in the range of 1 to 1.5 Mbps for a large cell with a diverse range of users. This can increase to 4 to 6 Mbps and beyond as the cell size decreases to the micro cell level and beyond. In principle, a picocell could have data rates of 8 Mbit/s or more. [1]

HSDPA uses higher-level modulation schemes such as 16-point quadrature amplitude modulation (16QAM), together with an adaptive coding scheme based on turbo codes at the PHY layer in order to achieve higher data rates. The modulation scheme is adaptive and is changed on a per-user basis. The spreading factor used for the HS-DSCH remains xed at 16, but the coding rate can be vary and on a per-user basis, between 1/4 and 3/4. Theoretically, the protocol allows an uncoded link of 4/4 but this is only useful for lab tests to achieve the theoretical maximum of 14 Mbps by using 16QAM modulation. [1]

The modulation can vary under poor reception conditions. This is possible by reverting to QPSK from the higher-order modulation of 16QAM. Link adaptation ensures the highest possible data rate could be achieved by both users with good signal quality who are typically close to the base station, and also for more distant users at the cell edge who may receive data with a lower coding rate. The link adaptation is performed on each transmission timing interval (TTI), with the user equipment sending an estimate of the channel quality to the Node B that is then used to select the modulation and coding rate for that user on the next transmission. [1] Scheduling

It is simple to devise a scheduling algorithm that will work well for a few users in the laboratory with artificially generated constructive fading conditions. However, it is much harder to develop one that works robustly in the field for many users all with different, complicated and changing situations. There are many circumstances that will affect real-world systems. The latency demands of HSDPA mean that designs will react differently to changing fading conditions and packet delivery speeds. [1]

If a scheduler is not designed to react to these problems, operators may see some users with terminals that are able to handle high-speed transfers starved of bandwidth, while other users with less capable systems use up too much of the HS-DSCH bandwidth. This situation will create much lower data utilization than expected. An intelligent scheduler that watches for changes to channel, terminal conditions, and schedules packets for terminals that are able to receive at higher data rates will improve the overall revenue that can be derived. [1]

However, the need to support different quality-of-service (QoS) contracts with each terminal will complicate the situation for the scheduler. This is because it cannot simply deny bandwidth to a terminal with a high QoS setting as it happens to be in a poor reception area or unable to react quickly enough to the data it receives from the base station. It will be desirable to have different scheduling policies in action at different times of the day or tuned for certain types of location. Future Proofing

HSDPA is an unbalanced system, as its maximum downlink rate is 14 Mbps while its uplink rate is 2 Mbps on the uplink. This could lead to a problem as TCP can easily be "uplink choked" if acknowledgments are slow, thus reducing the downlink rate [1].

This problem could be solved by Release 6 of the 3GPP. This specification introduces high-speed uplink packet access (HSUPA). This would allow users to take advantage of faster uplinks with lower latency when sending large files or emails. It would also improve the efficiency of the link and increase effective throughput even though the modulation has not changed. Indeed, without the improved efficiency of HSUPA, it is highly likely that HSDPA will be impaired in applications that have more balanced bandwidth needs.

HSUPA puts more challenging demands on the base station design. It means that the processing electronics need to deal with a much more complex environment in the same way that HSDPA demands more of the terminals in terms of decoding. HSUPA means moving control functions from the RNC to the Node B. As for HSDPA, these will break many installed architectures. A flexible and upgradable platform is necessary as these changes are arriving. [1]

2.2.3 WiMax Security

Security has become a big issue with WiMAX and other technologies as well. In Wi-Fi, security was added later after the implementation of the technology. In WiMAX, security is the main consideration during the design of this protocol [17]. However, its security issues are still being discussed. Ken Dulaney, VP of mobile computing at Gartner Inc. said that, "I don't think WiMAX is any less secure than WiFi or cellular. You will probably see some attacks, but I warn everyone who claims it's a WiMAX failure to see whether the problem results from other areas". He also added, "WiMAX and WiFi are both borne of the same orthogonal frequency-division multiplexing (OFDM) technique". [6]

From end user's point of view, its primary security concerns are privacy and data integrity. Users need assurance that no one can eavesdrop on their sessions and the data sent across the communication link is not tampered. This could be achieved through the use of WiMAX network encryption. From the service provider's point of view, its primary security concern is preventing unauthorized use of the network services. This is usually done using strong authentication and access control methods. Authentication and access control can be implemented at various levels of the network such as the physical layer and the privacy sub layer. [4]

WiMAX should support all of these requirements. One of the requirements is privacy which means they need to provide protection from eavesdropping as the user data traverses the network from source to destination. They also should support data integrity. It means that they need to ensure that user data and control or management messages are protected from being tampered with while in transit. The third requirement is authentication which means have a mechanism to ensure that a given user/device is the one it claims to be. Conversely, the user or device should also be able to verify the authenticity of the network that it is connecting to. Together, the two are referred to as mutual authentication. Next, authorization which means have a mechanism in place to verify that a given user is authorized to receive a particular service. The final requirement is access control which is to ensure that only authorized users are allowed to get access to the offered services. [7]

There are four main threats to WiMAX technology. The first type is Base Station Attacks. A rogue base station is an attacker station that duplicates a legitimate base station. The rogue base station puzzles a set of subscribers trying to get service through what they believe to be a legitimate base station. It may result in long disturbance of service. This vulnerability allows an attacker to craft a malicious request which can allow administrative access to the base station. Although it is typically found and patched rapidly, the challenge is not all consumers will monitor their equipment and even when the vulnerabilities are published, they will not patch them. [7]

The second type is Denial of Service Attacks. As we already know, WiMAX is suffering from MAC-layer vulnerabilities and also PHY-layer vulnerabilities as well. WiMAX uses management frames that are similar to Wi-Fi but it implements cryptographic protections to prevent the majority of spoofing attacks. However, WiMAX is vulnerable to replay-based attacks to flood a network with rogue management frames and creates a denial of service. [7]

The third type is Man in the Middle Attacks. WiMAX implements a unidirectional authentication scheme using X.509 certificates from subscribers to base station, not from base station to subscribers. Thus, it opens a potential vulnerability for rogue base stations to attempt the impersonation of legitimate devices. Attackers can intercept subscriber initiation requests, make spoof responses and authorize them to use the rogue access point. One of the solutions to mitigate this risk is by using strong mutual authentication via IEEE 802.1x and a RADIUS server. [7]

The fourth type is Application Layer Attacks. It is possible to deploy a solution to make WiMAX to run securely, without enabling either DES or AES. When data is transmitted, it is vulnerable to sniffing as well as attacks against applications just like Wi-Fi. To prevent these attacks, administrators need to take advantage of WiMAX's built in encryption capabilities. However, DES is not advised because the current standards only support 56-bit DES only. On the other hand, AES is much secure and stronger than WPA2. [7]

Security threats in WiMAX could attack both PHY and MAC layers. Attacks in PHY layer include jamming of radio spectrum, denial of service and flooding a station with frames to drain its battery. Currently, the focus of WiMAX security is at the MAC layer as there are no techniques to prevent the attacks at PHY layer. At PHY layer, jamming and scrambling is one of the type of attacks. Jamming is caused by a strong source of noise that could reduce the capacity of WiMAX channel. Scrambling is quite similar to jamming but it is for short time period and also for specific WiMAX frames or parts of frames. Another attack is water torture attacks that drains the battery of a subscriber station (SS) and send bogus frames to consume computing resources. This type of attack is actually more critical than Denial of Service Attack as the author has discussed earlier. There are several ways to prevent these problems. One of the ways is to increase the power of signals that could prevent jamming. A sophisticate mechanism also could be use to discard bogus frames to avoid water torture attack. [17]

Encryption is one of the solutions in order to prevent these security problems. It is the method used to protect the confidentiality of data flowing between a transmitter and a receiver. It involves taking a stream or block of data to be protected, called plain text, and using another stream or block of data, called the encryption key, to perform a reversible mathematical operation to generate a ciphertext. The ciphertext is unintelligible and hence can be sent across the network without fear of being eavesdropped. The receiver does an operation called decryption to extract the plaintext from the ciphertext, using the same or different key. When the same key is used for encryption and decryption, the process is called symmetric key encryption. This key is typically derived from a shared secret between the transmitter and the receiver and for strong encryption typically should be at least 64 bytes long. When different keys are used for encryption and decryption, the process is called asymmetric key encryption. Both symmetric and asymmetric key encryptions are typically used in broadband wireless communication systems, each serving different needs. [5] Spectrum Allocation

As we know, Wi-Fi is operated in unlicensed band, thus it doesn't have any issue with spectrum allocation problem. Unlike Wi-Fi, WiMax is operated in fixed licensed bands for its operation by the FCC. Much of the radio spectrum needed to deploy WiMax has already been distributed by governments, for example for military purposes. WiMax implementation has to be done on unused higher frequencies of allocated spectrum for better performance. However, the cost of deploying wireless technology will be higher when the service is offered at higher radio frequencies because the line-of-sight requirements necessitate the installation of additional antennas to cover the same service area. [2]

When higher frequencies are used, range will decrease, losses from diffraction and refraction increase, and the ability of waves to pass through object diminishes. The doubling frequencies will halve the range. Since 1950, frequencies that were thought to be the highest frequencies for mobile radio communication continued to increase year by year. [19]

Spectrum availability has been one of the key issues in WiMax. This could be a limiting factor in number of customers the provider can serve, cost of the system, and its bit rate. International Telecommunication Union (ITU) has developed a model for spectrum requirement through 2010 based on inputs from wireless operators and manufacturers. Based on the model, there is need for an additional 160 MHz of spectrum for cellular applications. They also have generated an estimation of an increase of spectrum allocation to support 10X (20 Mbps) and 100X (200 Mbps) increase of peak throughput. Based on this analysis, an additional of 250 MHz of spectrum will be needed for a 100X increase. [19]

Originally, WiMAX was allocated to the frequency band in the range of 10 to 66 GHz (802.16a). However, in 2004, it was further updated to 2 to 11 GHz (802.16d). 802.16e is the current standard that they are worked upon. It uses scalable OFDMA that allows multiple channels of different bandwidths and hence different number of sub carriers. However, OFDMA is highly sensitive to time and frequency synchronization errors. Slight frequency offset or little delay in timing will also result in a high bit error rate after demodulation. [3]