This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
WiMAX is a wireless technology that provides us high speed telecommunication services. WiMAX is the acronym for Worldwide Interoperability for Microwave Access. It is an IP based wireless broadband access technology is based on 802.16 standards with the coverage and QOS (quality of service) of cellular networks. WiMAX is a network standard that is intended for Metropolitan area networks (MANs). The WiMAX system provides a wireless alternative to DSL and internet cable. WiMAX can offer broadband wireless access (BWA) up to 30 miles (50 km) for fixed stations, and 3 - 10 miles (5 - 15 km) for mobile stations in contrast to the Wi-Fi wireless local area network standard that is limited in most cases to only 100 - 300 feet (30 - 100m). WiMAX technology provides higher speed connection up to 70 Mbps over the area of 30 miles. WiMAX provides portable mobile broadband connectivity across cities and countries and also provides data, telecommunications (VoIP) and IPTV services. There is no need of line of sight between the base station and the receivers in the case of WiMAX and WiMAX supports a large number of subscribers from a base station.There are three licensed spectrum profiles for WiMAX, they are 2.3 GHz, 2.5 GHz and 3.5 GHz. The IEEE standard 802.16d is known as fixed WiMAX and IEEE standard 802.16e is known as mobile WiMAX. In this paper the performance of WiMAX is compared over Wi-Fi and current solutions for security problems in WiMAX network is evaluated.
PERFORMANCE ANALYSIS OF WIMAX AS COMPARED TO WIFI
The performance analysis of WiMAX compared to Wi-Fi can be studied by analyzing the various parameters of both system. The WiMAX and Wi-Fi standards can be compared on the basis of the following parameters.
The primary application of Wi-Fi is to provide wireless LAN. WiMAX provides wireless broadband access over a large area. It is intended for metropolitan area networks.
All the Wi-Fi applications use unlicensed frequency bands of 2.4 GHz ISM, whereas in WiMAX there are both licensed and unlicensed frequency spectrum. The frequency band of WiMAX ranges from 2 to 11 GHz which has four bands. They are:
a. Licensed 2.5 GHz MMDS: the FCC has allocated 200 MHz of licensed radio spectrum within the range of 2.5 to 2.7 GHz which is used for multichannel multipoint distribution service (MMDS)
b. Licensed 3.5 GHz band
c. Unlicensed 5 GHz U-N II Band : 555 MHz of unlicensed frequency has allocated between 5.15 and 5.35 GHz and 5.47 and 5.825 GHz band.
The Wi-Fi has a fixed bandwidth of 25 MHz for 802.11b and 20 MHz for 802.11a and g networks. In WiMAX the bandwidth is not fixed, its adjustable from1.25 MHz to 20 MHz.
Half duplex / Full duplex
The Wi-Fi system is a half duplex system whereas WiMAX technology is full duplex. The request/grant protocols in WiMAX were designed with an idea that the network will use different channels for transmission and reception.
Wi-Fi system uses two radio transmission techniques. The 802.11b radio link uses a direct sequence spread spectrum technique called complementary coded keying. The bit stream is modulated using quadrature phase shift keying (QPSK). The 802.11a and 802.11g uses a 64 channel orthogonal frequency division multiplexing (OFDM). The available radio band is divided into a number of sub channels, some bits are sent on each sub channel. The transmitter encodes the bi5t streams on the sub channels using binary phase shift keying (BPSK), quadrature phase shift keying (QPSK) or by one or two levels of quadrature amplitude modulation (QAM).
WiMAX has got three types of radio transmission link like single carrier channel (SC-A), 256 subcarrier orthogonal frequency division multiplexing (OFDM) and 2048 sub carrier orthogonal frequency division multiplexing (OFDM-A).
In Wi-Fi the 802.11b delivers bandwidth efficiency between 0.04 and 0.44 bps/hertz for a 25 MHz channel. 802,11a and 802.11g delivers bandwidth efficiency between .24 and 2.7 bps/ hertz for a transmission rate of 6 to 54 Mbps. In WiMAX the bandwidth efficiency is up to 5 bits/hertz on a 20 MHz channel for a transmission rate of 100 Mbps.
Both Wi-Fi and WiMAX uses adaptive modulation schemes. WiMAX have about 9 different modulation systems using BPSK, QPSK,16-,64-,256- QAM modulations. In Wi-Fi 802.11b uses Quadrature phase shift keying and 802.11a/g uses BPSK, QPSK, 16-, 64- QAM.
Forward Error Correction
WiMAX uses convolutional code and Reed Solomon code for error correction and the Wi-Fi uses convolutional code.
The WiMAX network was designed for public network applications, so all the data transmitted will be encrypted. The encryption standard used is 168-bit digital encryption standard. In Wi-Fi encryption is optional. Three techniques are used for encryption, they are Wired equivalent privacy( WEP), Wi-Fi protected access(WPA), IEEE802.11/WPA2.
10. Access Protocol
In WiMAX access to the channel is controlled by the base station. Users wishing to transmit first send request to the base station to access a channel. The base station allocates the channel by using transmission grants. Wi-Fi uses media access protocol called carrier sense multiple access with collision avoidance (CSMA/CA protocol)
Mobile WiMAX is a rapidly growing broadband wireless access technology based on IEEE 802.16-2004 and IEEE 802.16e-2005 air-interface standards. Wi-Fi is also mobile but the range is limited
SECURITY ISSUES IN WiMAX
In order to have a better understanding of various security concerns affecting WiMAX it is important to know the WiMAX architecture.
The 802.16 architecture mainly has two layers Medium access control layer and Physical layer.
The medium access control (MAC) layer consists of three sub layers.
Service specific convergence sub layer: maps higher level data services to MAC layer service flow and connections.
Common part sublayer: it deals with the rules and mechanisms for various processes such as bandwidth allocation, system access and also connection management. This layer is incorporated to the security sub layer. The data units for MAC protocols are made in this layer.
Security sub layer: this layer is the last layer of MAC protocol. It deals with addressing the authentication, establishment and exchange of key and encryption and decryption of data which is exchanged between MAC layer and physical layer.
The physical layer deals with providing a mapping between MAC protocol data units and the frames of physical layer which are transmitted and received through encoding and modulation of the radio signals. In WiMAX most of the security issues are handled in MAC security sub layer. The following figure shows the protection methods in its MAC layer.
Security Association Control:
The security includes a set of information parameters shared by the base station (BS) and its client SSs. Each SA has its own security association identifier (SAID), cryptographic suite identifier, traffic encryption keys (TEKs) and initialization vectors.
Public key infrastructure:
The WiMAX uses privacy and key management protocol (PKM) for authenticating an SS to BS, secure management of key, transfer and exchange between mobile stations. The PKM protocol uses X.509 digital certificates, RSA (Rivest-Shamir-Adleman) public-key algorithm and Advanced Encryption Standard algorithm (AES).
WiMAX supports three types of authentication
RSA-based authentication which applies X.509 certificates together with RSA encryption
Extensive Authentication Protocol (EAP) based authentication in which the SS is authenticated by an X.509 certificate or by a SIM, USIM or even by user-name/password.
A RSA-based authentication followed by EAP authentication.
The authorization process follows after user authentication in which SS requests for an (Authorization key) AK and a SAID from BS by sending an Authorization Request message. This message contains SS's X.509 certificate, cryptographic ID and encryption algorithms. The BS communicates with Authentication, Authorization and Accounting (AAA) server to validate the request from the SS, and sends back an Authorization Reply which contains the AK encrypted with the SSâ€™s public key, an SAID and a lifetime key.
Data privacy and integrity:
Advanced Encryption Standard (AES) algorithm is used in WiMAX for encryption. Even though WiMAX has been designed carefully to minimise security concerns it still have vulnerabilities towards attacks. The following section deals with security threats in wimax.
SECURITY ISSUES IN WiMAX AND THEIR SOLUTION
Security issues in WiMAX can be considered over the physical layer and MAC layer.
Threats in physical layer
The main threats in physical layer include jamming attack, scrambling attack, water torture attacks.
In jamming attack the capacity of the channel is reduced considerably by the introduction of a strong noise source. The jamming attack is easy to perform since the resources are easily available.
Solution for jamming attack:
Spread spectrum techniques like frequency spread spectrum (FHSS) and direct sequence spread spectrum (DSS) can be used to prevent jamming attack. These techniques increase the bandwidth and power of signals by spreading. The jammers can be also prevented by various detection tools.
Scrambling attack is similar to jamming attack. Scrambling attack is targeted to specific frames and it is for a short period of time. What the attacker does is that they select specific frames and scramble causing them to be retransmitted thus affecting the normal performance of the network. The attacker can interpret control information in this type of attack.
Solution for scrambling attack:
We can use special tools to detect scrambling and scramblers.
Water torture attacks
In this type of attack the attacker sends a series of fake frames thus consuming the resources and the battery of the SS is drained.
Solution to water torture attack:
Special mechanisms to discard fake frames and save battery life are being implemented.
The WiMAX is also susceptible to attacks like forgery attacks and replay attacks. In forgery attack the attacker can write to a wireless channel. In replay attack the attacker resends the valid frames which the attacker has intercepted during the relaying process. WiMAX has fixed the security flaw to defend such attacks. The above issues are mainly dealing with the physical layer.
Threats in MAC layer
The issues in MAC layer is discussed below.
Threats to MAC management message:
To connect to a mobile WiMAX network, there are several steps like initial Ranging process, SS Basic Capability (SSBC), negotiation, PKM authentication and registration process.
The mechanism is illustrated in the figure.
Security issues in Ranging Request-Response messages:
This message is used to initiate the ranging process. The RNG-REQ message is sent by a SS trying to join a network to offer a request for transmission timing, power, and frequency and burst profile information. The BS Responds to this message by sending a RNG-RSP message to fine-tune the setting of transmission link. The RNG-RSP can be then used to change the uplink and downlink channel of the SS. These messages are highly susceptible to threats. An attacker can intercept the RNG-REQ and change the most preferred burst profile of SS to the least effective burst profile, so the quality of the service can be decreased An attacker can also spoof or modify ranging messages disturb normal network activities. This openness makes the network open to attacks like denial of service attacks. Also during the initiation process, many important physical parameters, performance factors, and security between SS and BS are also considered.
The security schemes offered WiMAX include a message authentication scheme using HMAC/CMAC codes and traffic encryption scheme using AES based on PKMv2, but the problem is that these schemes are applied only to normal data traffic after initial network entry process. So, the parameters exchanged during this initial network entry process are not strongly protected, bringing a possible exposure to attackers to attack.
A solution to this issue can be anticipated by using Diffie-Hellman key agreement. The method uses Diffie-Hellman key agreement scheme for SS and BS to create a shared common key called â€œpre-TEKâ€ separately and set up a undisclosed communication channels in the initial network entry process, by using this the SBC security parameters and PKM security contexts can be exchanged safely.
Masquerading threat is a threat arising from WiMAX authentication scheme. In this attack one system takes the identity of another system. WiMAX supports RSA/X.509 certificate based authentication. The manufacturer can program the certificate in a device. The technique by which this attack is possible is by identity theft and rogue BS attack. In identity theft a device is programmed with the hardware address of another device. The attacker intercepts the management message to steal the address.
In Rogue BS attack a forged BS imitates a legitimate BS. SS believes that it is connected to the legitimate BS and the fake BS will intercept the SSs whole information. However, it is difficult to successfully perform rogue BS of attack in WiMAX which supports mutual authentication by using PKMv2.