WiMAX Network Reference Model
Figure 165 shows the WiMAX network reference model containing links (interfaces or reference points) and functional entities.
The WiMAX network reference model is composed of four logical parts:
- Mobile Stations (MS)—Comprises all user (subscriber) mobile devices, such as cell phones, PDAs, and wireless laptops, and software needed for communication with a wireless telephone network.
- Network Access Provider (NAP)—Provides radio access functionality. Contains the logical representation of the functions of a NAP. Some of the functions included in the NAP are: access service network (ASN), 802.16 interface with network entry and handover, ASN-GW (gateway), base stations (wireless towers), foreign agent (FA), QoS and policy enforcement, and forwarding to a selected CSN. A NAP may have contracts with multiple NSPs.
- Network Service Provider (NSP)—Provides IP connectivity services. Contains the logical representation of the functions of the NSP. Some of the functions included within the NSP are: connectivity service network (CSN), home agent (HA), visited and home AAA servers (VAAA or HAAA), connectivity to the Internet, IP address management, authentication, authorization, and accounting, and mobility and roaming between ASNs. An NSP may have a contract with another NSP and may also have contracts between multiple NAPs.
- Internet—Provides Internet content to a user/subscriber and connectivity to a NSP.
Reference points (for example, R1 or R2) are conceptual links that connect two functional entities. Reference points represent a bundle of protocols between peer entities (similar to an IP network interface). Interoperability is enforced through reference points without dictating how vendors implement the edges of those reference points.
- R1—Represents the interface between the wireless device and the base station.
- R2—Represents the link between the MS (mobile station) and the CSN (connectivity service network). EAP traffic from the mobile station to the AAA server traverses R2 and R3.
- R3—Represents the link between the ASN (access service network) and the CSN. RADIUS traffic between the ASN-GW and the AAA server traverses R3.
- R4—Represents the link between an ASN and another ASN.
- R5—Represents the link between a CSN and another CSN.
- R6—Located within an ASN and represents a link between the BS (base station) and the ASN-GW.
- R7—Located within the ASN-GW and represents internal communication within the gateway.
- R8—Located within an ASN and represents a link between two base stations.
Home Network Communication Flow Example
Figure 166 shows a successful example of a WiMAX home network communication flow.
For initial entry into the network, a mobile station uses a base station to attach itself to the network through the ASN-GW in the access service network (ASN). After the mobile station is attached to the network, the following communication flows occur:
- The ASN-GW acts as the foreign agent and must authenticate the mobile device and its user by using an EAP-specific method (EAP-TTLS, EAP-TLS, or EAP-AKA). The ASN-GW also needs to obtain cryptographic keys. To retrieve the cryptographic keys, it sends a RADIUS Access-Request message to the Steel-Belted Radius Carrier HAAA server in the home CSN (connectivity service network).
- The Steel-Belted Radius Carrier HAAA server receives the Access-Request message from the ASN-GW. Then, the HAAA server sends successful RADIUS Access-Accept and EAP-specific method messages back to the ASN-GW. Additionally, it sends the AAA-session-ID to use for the session (assigning the HA) and the following cryptographic keys: MSK (master session key), MN-HA-MIP4-KEY, and MN-HA-MIP4-SPI. For more details about the EAP methods and cryptographic keys, see EAP Authentication Methods and EAP-Derived Cryptographic Keys375.
- To start the accounting process for the session, the ASN-GW sends an Acct-Start Request message to the HAAA server. The accounting may be IP-session-based or flow-based. For more details about the supported WiMAX accounting methods, see Post-Paid (Offline) Accounting384.
NOTE: Step 3 (Acct-Start Request) and Step 4 (Acct-Start Response) in Figure 166 are meant to show that accounting requests may occur at this stage. The precise ordering of the accounting messages is variable. Step 3 occurs some time after Step 2, and Step 4 must occur sometime after Step 3. However, after Step 2, the ASN-GW can potentially send the Acct-Start Request (Step 3) or may send the MIP4 request (Step 5), or can even send both requests at the same time (Step 3 and Step 5).
- To indicate the type of accounting it will use for the session, the HAAA server sends an Acct-Start Response message back to the ASN-GW to start the accounting session using the cryptographic keys and AAA-session-ID that were sent in the Access-Accept message.
- After the ASN-GW receives the cryptographic keys from the HAAA server, it must send a separate mobile IP registration (MIP4) request message to the HA in the home CSN (connectivity service network).
- The HA performs an authentication check by sending the HAAA server an Access-Request message requesting its cryptographic keys for the mobile IP session. The Access-Request message contains the HA's cryptographic keys (MN-HA-MIP4-SPI and HA-RK-SPI)
. - The HAAA server responds to the Access-Request message by sending the HA an Access-Accept message containing its cryptographic keys: MN-HA-MIP4-KEY, MN-HA-MIP4-SPI, HA-RK-KEY, HA-RK-SPI, and HA-RK-Lifetime. For more details about these cryptographic keys, see EAP Authentication Methods and EAP-Derived Cryptographic Keys375.
- After receiving the cryptographic keys from the HAAA server, the HA sends the ASN-GW a MIP4 registration response message creating a mobile IP binding used to set up a router path/connection to the Internet.
For this example, the router path/connection for the user/subscriber on a wireless laptop, cell phone, or PDA is now secure and complete. The connection follows this path: mobile station -> base station -> ASN-GW -> HA -> Internet.
