
WiMAX Forum Network Architecture

Architecture, detailed Protocols and Procedures
WiMAX Over-The-Air General Provisioning System Specification
WMF-T33-103-R015v02
WiMAX Forum Approved (2009-11-21)

WiMAX Forum Proprietary


Copyright 2007-2009 WiMAX Forum. All Rights Reserved.

WiMAX FORUM PROPRIETARY AND CONFIDENTIAL. SUBJECT TO CHANGE WITHOUT NOTICE.

Copyright Notice, Use Restrictions, Disclaimer, and Limitation of Liability

Copyright 2007-2009 WiMAX Forum. All rights reserved.

The WiMAX Forum owns the copyright in this document and reserves all rights herein. This document is available for download from the WiMAX Forum and may be duplicated for internal use, provided that all copies contain all proprietary notices and disclaimers included herein. Except for the foregoing, this document may not be duplicated, in whole or in part, or distributed without the express written authorization of the WiMAX Forum.

Use of this document is subject to the disclaimers and limitations described below. Use of this document constitutes acceptance of the following terms and conditions:

THIS DOCUMENT IS PROVIDED "AS IS" AND WITHOUT WARRANTY OF ANY KIND. TO THE GREATEST EXTENT PERMITTED BY LAW, THE WiMAX FORUM DISCLAIMS ALL EXPRESS, IMPLIED AND STATUTORY WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF TITLE, NONINFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE WiMAX FORUM DOES NOT WARRANT THAT THIS DOCUMENT IS COMPLETE OR WITHOUT ERROR AND DISCLAIMS ANY WARRANTIES TO THE CONTRARY.

Any products or services provided using technology described in or implemented in connection with this document may be subject to various regulatory controls under the laws and regulations of various governments worldwide. The user is solely responsible for the compliance of its products and/or services with any such laws and regulations and for obtaining any and all required authorizations, permits, or licenses for its products and/or services as a result of such regulations within the applicable jurisdiction. NOTHING IN THIS DOCUMENT CREATES ANY WARRANTIES WHATSOEVER REGARDING THE APPLICABILITY OR NON-APPLICABILITY OF ANY SUCH LAWS OR REGULATIONS OR THE SUITABILITY OR NON-SUITABILITY OF ANY SUCH PRODUCT OR SERVICE FOR USE IN ANY JURISDICTION.

NOTHING IN THIS DOCUMENT CREATES ANY WARRANTIES WHATSOEVER REGARDING THE SUITABILITY OR NON-SUITABILITY OF A PRODUCT OR A SERVICE FOR CERTIFICATION UNDER ANY CERTIFICATION PROGRAM OF THE WiMAX FORUM OR ANY THIRD PARTY.

The WiMAX Forum has not investigated or made an independent determination regarding title or noninfringement of any technologies that may be incorporated, described or referenced in this document. Use of this document or implementation of any technologies described or referenced herein may therefore infringe undisclosed third-party patent rights or other intellectual property rights. The user is solely responsible for making all assessments relating to title and noninfringement of any technology, standard, or specification referenced in this document and for obtaining appropriate authorization to use such technologies, standards, and specifications, including through the payment of any required license fees. NOTHING IN THIS DOCUMENT CREATES ANY WARRANTIES OF TITLE OR NONINFRINGEMENT WITH RESPECT TO ANY TECHNOLOGIES, STANDARDS OR SPECIFICATIONS REFERENCED OR INCORPORATED INTO THIS DOCUMENT.

IN NO EVENT SHALL THE WiMAX FORUM OR ANY MEMBER BE LIABLE TO THE USER OR TO A THIRD PARTY FOR ANY CLAIM ARISING FROM OR RELATING TO THE USE OF THIS DOCUMENT, INCLUDING, WITHOUT LIMITATION, A CLAIM THAT SUCH USE INFRINGES A THIRD PARTY'S INTELLECTUAL PROPERTY RIGHTS OR THAT IT FAILS TO COMPLY WITH APPLICABLE LAWS OR REGULATIONS. BY USE OF THIS DOCUMENT, THE USER WAIVES ANY SUCH CLAIM AGAINST THE WiMAX FORUM AND ITS MEMBERS RELATING TO THE USE OF THIS DOCUMENT.

The WiMAX Forum reserves the right to modify or amend this document without notice and in its sole discretion. The user is solely responsible for determining whether this document has been superseded by a later version or a different document.

WiMAX, Mobile WiMAX, Fixed WiMAX, WiMAX Forum, WiMAX Certified, WiMAX Forum Certified, the WiMAX Forum logo and the WiMAX Forum Certified logo are trademarks of the WiMAX Forum. Third-party trademarks contained in this document are the property of their respective owners.


TABLE OF CONTENTS
1 Revision History ......................................................... 1
2 Document Scope .......................................................... 2
3 Abbreviations and Definitions ........................................... 3
  3.1 Abbreviations ....................................................... 3
  3.2 Terms & Definitions ................................................. 5
  3.3 Conventions ......................................................... 7
4 References .............................................................. 8
5 Use Cases ............................................................... 9
6 OTA Provisioning Network Reference Model .............................. 11
  6.1 Functional description ............................................. 11
    6.1.1 Provisioning Server ............................................ 11
    6.1.2 Provisioning Client ............................................ 11
  6.2 Bootstrap Message Format and Encoding ............................. 12
7 WiMAX General Over-the-Air Provisioning and Activation Overview ....... 13
  7.1 Overview ........................................................... 13
8 WiMAX Initial Bootstrap Procedure Overview ............................ 17
9 Requirements .......................................................... 18
  9.1 General Requirements ............................................... 18
    9.1.1 Model B (Retail Model) WiMAX Devices and Their Management ..... 18
  9.2 Device Requirements ................................................ 18
  9.3 Provisioning Server Requirements ................................... 19
  9.4 ASN-GW Requirements ................................................ 19
  9.5 AAA Requirements ................................................... 19
  9.6 Hotline Feature Requirements ....................................... 20
  9.7 WIB Procedure Requirements ......................................... 21
    9.7.1 Bootstrap Message Encoding ..................................... 22
10 Security Considerations .............................................. 24
  10.1 WiMAX Bootstrap Security .......................................... 24
    10.1.1 Bootstrap Encryption Key ...................................... 24
    10.1.2 Bootstrap Information Protection .............................. 25
Appendix A. Service Modes ............................................... 26


LIST OF FIGURES
Figure 1: Provisioning & Activation Architecture Overview ............... 11
Figure 2: Provisioning & Activation Phases .............................. 14
Figure 3: WIB Procedure ................................................. 17

LIST OF TABLES
Table 1: Model B Device DM Requirement .................................. 18
Table 2: Values of Protocol ............................................. 21
Table 3: Bootstrap Message Encoding ..................................... 22
Table 4: Encoding of Nonce TLV .......................................... 23
Table 5: Encoding of Ciphertext TLV ..................................... 23
Table 6: Nonce Construction (13 octets) ................................. 25
Table 7: Initial CCM Block B0 ........................................... 25
Table 8: Counter Block CTRj ............................................. 25
Table 9: Service Mode AVPs for WiMAX Decoration ......................... 26


1 Revision History

Revision   Date               Description
V01        March 26, 2008     Initial version of Release 1.5.
V02        November 6, 2009   Implementation of CRs 1003 and 1006.


2 Document Scope

Many different device types will be enabled by WiMAX technologies, such as notebooks, ultra-mobile devices (UMD), handsets, and consumer electronics. A WiMAX service provider would require a dynamic over-the-air provisioning solution to configure, activate, enable subscription for, and manage these device types. This document specifies Stage 2 and Stage 3 for general over-the-air provisioning and activation procedures in WiMAX.


3 Abbreviations and Definitions

3.1 Abbreviations

AAA      Authentication, Authorization and Accounting
ACL      Access Control List
AES      Advanced Encryption Standard
ASN      Access Service Network
ASN-GW   ASN Gateway
ATA      Analog Terminal Adapter
BEK      Bootstrap Encryption Key
BS       Base Station
BW       Bandwidth
CAPL     Contractual Agreement Preference List
CA       Certificate Authority
CCM      Counter with Cipher Block Chaining
CE       Consumer Electronics
CMIP     Client Mobile IP
CPE      Customer Premises Equipment
CRL      Certificate Revocation List
CSC      Customer Service Center
CSN      Connectivity Service Network
DB       Database
DDF      Device Description Framework
DHCP     Dynamic Host Configuration Protocol
DM       Device Management
DNS      Domain Name System
DPI      Deep Packet Inspection
DTD      Document Type Definition
EAP      Extensible Authentication Protocol
EAP-TLS  EAP Transport Layer Security
EAP-TTLS EAP Tunneled Transport Layer Security
EMSK     Extended Master Session Key
FFT      Fast Fourier Transform
FUMO     Firmware Update Management Object
GUID     Global Unique Identifier


GW       Gateway
HAAA     Home Authentication, Authorization and Accounting
HA       Home Agent
HTTP     Hypertext Transfer Protocol
HNSP     Home Network Service Provider
HNSP-ID  Home Network Service Provider Identifier
IMSI     International Mobile Subscriber Identity
IP       Internet Protocol
IPv4     Internet Protocol Version 4
IPv6     Internet Protocol Version 6
ISF      Initial Service Flow
LDAP     Lightweight Directory Access Protocol
LSB      Least Significant Bit/Byte
MAC      Message Authentication Code
MAC      Medium Access Control
MIP      Mobile IP
MO       Management Object
MS       Mobile Station (also referred to as device in this document)
MSB      Most Significant Bit/Byte
MSID     Mobile Station Identifier
NAI      Network Access Identifier
NAP      Network Access Provider
NAP-ID   Network Access Provider Identifier
NAP-MO   Network Access Point Management Object
NAT      Network Address Translation
ND&S     Network Discovery & Selection
NSP      Network Service Provider
NSP-ID   Network Service Provider Identifier
NWG      Network Working Group
OAM&P    Operation, Administration, Maintenance, and Provisioning
OMA DM   Open Mobile Alliance Device Management
OTA      Over The Air
PC       Personal Computer
PKI      Public Key Infrastructure
PMP      Portable Media Player
PMIP     Proxy Mobile IP
POA      Point of Activation


POM      Point of Manufacturing
POS      Point of Sale
RADIUS   Remote Authentication Dial In User Service
RAPL     Roaming Agreement Preference List
RDF      Resource Description Framework
SKU      Stock Keeping Unit
SPI      Security Parameter Index
STB      Set Top Box
TLV      Type Length Value
UDP      User Datagram Protocol
UMD      Ultra Mobile Device
URI      Uniform Resource Identifier
URL      Uniform Resource Locator
VNSP     Visited Network Service Provider
VNSP-ID  Visited Network Service Provider Identifier
WIB      WiMAX Initial Bootstrap
WiMAX    Worldwide Interoperability for Microwave Access
XML      Extensible Markup Language

3.2 Terms & Definitions

The following terms & definitions are applicable to both the OMA DM [OTAOMADM] and TR-069 [OTATR069] based WiMAX OTA Provisioning & Activation Specifications.

Activation Provisioning: The process where a device that is not provisioned for a user account currently associated with an active subscription with a service provider is updated with data, parameters, and/or applications, typically for the first time, associating the device with an account (paying customer) and supplying service to the device.

Activation/Provisioning Points:
o POM: Point of manufacturing, where at least initial information MUST be provisioned.
o POS: Point of sale, where activation and provisioning information MAY be added (depends on whether the POS is cooperating with the operator or not).
o POA: Point of activation, where all needed information is provisioned and Device Lock MAY be activated (in some scenarios the POS is the POA and in others the POA is OTA).

Bootstrap: A procedure to transfer information about the device management server (e.g. the address of the device management server, username and password) to the device, to enable the device to connect to the device management server and establish a session with it.

Certificate: A digitally signed statement that contains information about an entity and the entity's public key, thus binding these two pieces of information together. A Certificate is issued by a trusted organization (or entity) called a Certification Authority (CA) after the CA has verified that the entity is who it says it is. Certificates can contain different types of data. For example, an X.509 Certificate includes the format of the Certificate, the serial number of the Certificate, the algorithm used to sign the Certificate, the name of the CA that issued the Certificate, the name and public key of the entity requesting the Certificate, and the CA's signature.


Certificate Authority (CA): An entity entrusted to issue Certificates that assert that the recipient individual, computer, or organization requesting the Certificate fulfills the conditions of an established policy.

Certificate Revocation List (CRL): A document maintained and published by a CA that lists Certificates issued by the CA that are no longer valid.

Channel Plan: A Channel Plan is used by the device to speed up the NAP discovery process. It contains physical information such as channel bandwidth, center frequency, and PHY profile.

Continuous Provisioning: The process where a device that is already provisioned with a user account associated with an active subscription with a service provider is updated with new data, parameters, and/or applications that MAY replace pre-existing values or versions. The Continuous Provisioning process is based on the definition in [DMRD] and includes the configuration maintenance/management use case described in the same specification.

Contractual Agreement Preference List (CAPL): A list consisting of Network Access Providers preferred to be connected to the home network directly.

Customer Service Center (CSC): An entity in a wireless carrier's network that receives service requests from the end users and acts on such requests.

Device Lock: Blocking the WiMAX host device from getting activated on new operators and enforcing the device to work only with the operator to which it is locked, as a HNSP.

Device Management (DM): Process of remotely managing device settings and applications. DM provides a mechanism for the users to easily subscribe to new services and make changes to their existing services. For the operators this enables a fast and easy way to introduce new services and manage provisioned services, by dynamically adjusting to changes and ensuring a certain level of quality of service.

Device Management System: A background system capable of interacting with a (set of) Device(s) for the purpose of Device Management.

Device Profile: Settings that establish the configuration of a particular device, including network settings, applications, etc.

Device Unlock: Process of allowing the device to get activated on other Service Providers' networks.

Host Device: Refers to a standalone device or a submodule in which the WiMAX modem (chipset) is embedded. This is the device that is to be managed as this specification defines, associated with a MAC ID, and SHOULD appear in the DevInfo and DevDetail MOs. Examples of host devices are: 1) Removable Modem (e.g., PC Card, USB Modem, etc.) with embedded WiMAX chipset; 2) WiMAX submodule physically attached to a WiMAX CPE Gateway; 3) WiMAX submodule temporarily or permanently built into a laptop; 4) WiMAX-enabled consumer electronics (e.g., Digital Camera, PMP, etc.) that have the embedded WiMAX chipset.

Management Object: A data model for information, e.g., a configuration parameter, an image, or a file, which is a logical part of the interfaces exposed by DM components and managed through the use of OAM&P.

Model A: Operator/service provider subsidized device, similar to the current cellular, cable modem, or DSL services provisioning models. A different SKU is provided for each device at POM to connect to one WiMAX network or group of WiMAX networks. Model A May support self-subscription OTA or via a web portal.

Model B: Generic SKU retail devices. SHALL support over-the-air self-subscription and provisioning.

Model B1: Non-operator/service provider subsidized device.

Model B2: Operator/service provider subsidized device. The device contains operator/service provider specific configuration.

Multimode Device: Device supporting two or more wireless access technologies.

NAP Based Channel Plan: A Channel Plan which is a subset of the Root Channel Plan and is associated with a NAP.

OMA DM: Refers to the set of specifications developed by the Open Mobile Alliance for DM.

Prior Connect Info: Specified in [NWGSTG3].


Provisioning: Populating the device and the network management with data and software needed for the operation on the operator network and for improving the user experience (value-added services and applications). Provisioned information SHOULD be divided into 3 groups:
o Information that can be provisioned only during activation.
o Information that can be provisioned during normal operation but only when connected to the home operator.
o Information that can be provisioned during normal operation by any operator.

Provisioning Server: Refers to a server that communicates with the device using the provisioning protocol in the provisioning process.

Roaming Agreement Preference List (RAPL): A list delivered to the device consisting of Network Service Providers preferred to be connected to when roaming.

Root Channel Plan: A Channel Plan which contains all Channel Plan Entries.

Smart Card: A smart card (or chip card, or integrated circuit card) is a miniaturized electronic card with embedded integrated circuits which can process information. This implies that it can receive input from a trusted source, process the information in a standardized manner and deliver processed information as an output to trusted entities it interacts with. There are two broad categories of smart cards. The first category is memory cards (or flash memory cards) used in handheld devices, digital cameras, laptops, etc., containing only non-volatile memory storage components, and perhaps some specific security logic. The second category is microprocessor cards that contain volatile memory and microprocessor components.

Service Credential: Credential used to allow the user to access the carrier services.

Terminal Equipment: Refers to the device in which the host device is temporarily (through PC card slot, USB port etc.) or permanently (for example, embedded laptop) inserted to get WiMAX connectivity. Examples of terminal equipment are: 1) PC which has a PC card slot for peripheral devices, and the PC Card (host device) is inserted in the PC to get WiMAX connectivity; 2) WiMAX CPE Gateway which has a WiMAX submodule; 3) Embedded laptop which has a WiMAX submodule permanently built in; 4) Consumer electronics that have a WiMAX submodule.

User Profile: The User Profile is a collection of components (personal data, preferences/policies on services, networks and devices, etc.) that indicate the preferences and current configuration of a user's account. User profiles enable several users to use the same device with their own setup. The User Profile is tightly coupled with the user's identity and vice versa.

WiMAX Radio Module: Refers to the WiMAX radio chipset and subsystem present in the host device that enables WiMAX radio connectivity for the host device.

WiMAX CPE Gateway: Network equipment through which a subscriber can connect one or more PCs, laptops, or other networked devices (e.g., STB) via one or more LAN ports (e.g., Ethernet, Gigabit Ethernet, WiFi, Cable Connection). The WiMAX CPE Gateway provides services, such as voice and multimedia content, via a WiMAX Network. It MAY include an analog telephone adapter (ATA), and can support connectivity to an analogue telephone or an external analog Terminal Adapter. A WiMAX CPE Gateway conforms to the NWG mobility specification [NWGSTG3], and IEEE 802.16e-2005. A WiMAX CPE Gateway MAY also function as a layer 2 bridge or layer 3 router. It MAY support other IP stack functions like NAT(P/T), DNS/DHCP, secure passthrough, NAT Traversal, firewalling, parental control/DPI, security features, OAM features, and/or network diagnostics agents.

X.509: Digital Certificate Definition X.509 [RFC3280].

3.3 Conventions

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].


4 References

[DMRD] OMA Device Management Requirements Document, Version 1.2, Open Mobile Alliance, OMA-RD-DM-V1_2, URL: http://www.openmobilealliance.org
[DMERELD] "Enabler Release Definition for OMA Device Management, v1.2," Open Mobile Alliance, OMA-ERELD-DM-V1_2, URL: http://www.openmobilealliance.org
[DSLTR069] DSL Forum TR-069, CPE WAN Management Protocol, May 2004, and Amendment 1, November 2006, URL: http://www.dslforum.org
[NIST80038C] NIST Special Publication 800-38C, Recommendation for Block Cipher Modes of Operation: The CCM Mode for Authentication and Confidentiality, May 2004
[NWGSTG3] WiMAX Forum, T33-001-R015v01, "Detailed Protocols and Procedures, Base Specification", Release 1.5
[OTAOMADM] WiMAX Forum, T33-104-R015v04, "Architecture, detailed Protocols and Procedures, WiMAX Over-The-Air Provisioning & Activation Protocol based on OMA DM Specifications", Release 1.5
[OTATR069] WiMAX Forum, T33-105-R015v01, "Architecture, detailed Protocols and Procedures, Over-The-Air Provisioning & Activation Protocol based on TR-069 Specification", Release 1.5
[RFC2119] Key words for use in RFCs to Indicate Requirement Levels, S. Bradner, March 1997, http://www.ietf.org/rfc/rfc2119.txt
[RFC2246] The TLS Protocol Version 1.0, T. Dierks, C. Allen, January 1999, http://www.ietf.org/rfc/rfc2246.txt
[RFC2616] Hypertext Transfer Protocol - HTTP/1.1, R. Fielding et al., June 1999, http://www.ietf.org/rfc/rfc2616.txt
[RFC2618] HTTP Over TLS, E. Rescorla, May 2000, http://www.ietf.org/rfc/rfc2818.txt
[RFC2782] "A DNS RR for specifying the location of services (DNS SRV)", A. Gulbrandsen, P. Vixie, L. Esibov, February 2000, http://www.ietf.org/rfc/rfc2782.txt
[RFC3268] Advanced Encryption Standard (AES) Ciphersuites for Transport Layer Security (TLS), P. Chown, June 2002, http://www.ietf.org/rfc/rfc3268.txt
[RFC3280] Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, R. Housley et al., April 2002, http://www.ietf.org/rfc/rfc3280.txt?number=3280
[RFC4282] The Network Access Identifier, B. Aboba, M. Beadles, J. Arkko, P. Eronen, December 2005, http://www.ietf.org/rfc/rfc4282.txt


5 Use Cases

The use cases for OTA activation provisioning of generic SKU retail Model B1 devices are:

Note: Smart Card support is out of scope of this specification.

1) Out-of-band subscription establishment: The user establishes a temporary, new permanent, or previously cancelled/expired subscription with a service provider without the use of a network connection from the device to be provisioned (e.g., receiving updated configuration, network ID lists and authentication information, as required, via a secure web portal). Then, to activate the device, either the service provider triggers a network-initiated provisioning session or the device triggers a client-initiated provisioning session when the device attaches to the network.

2) In-band subscription establishment: The user establishes a temporary, new permanent, or previously cancelled/expired subscription with a service provider through the use of a network connection from the device to be provisioned, which then either triggers a network-initiated provisioning session or the device triggers a client-initiated provisioning session while the device is attached to the network.

3) The subscribed user either adds (temporarily or permanently) a new device to the active user subscription account or modifies the user subscription to replace an actively subscribed device with a different device, either through in-band or out-of-band subscription establishment methods. After which, the newly subscribed device is activated through the use of a network-initiated or client-initiated provisioning session while the newly subscribed device is attached to the network.

The use cases for OTA activation provisioning of partially provisioned Service Provider subsidized Model A and B2 type devices are:

4) The device has been partially provisioned with data specific to a given service provider X before it is acquired by the user. The device can only be provisioned for service with service provider X. OTA provisioning completes the configuration of the device.
   a. User subscription is performed out-of-band and the device is activated over the air in service provider X's network as in case 1.
   b. User subscription is performed in-band in service provider X's network and the device is activated over the air in service provider X's network as in use case 2.
   c. User subscription with service provider X already exists. The user subscription is modified in-band or out-of-band. The subscribed user either adds (temporarily or permanently) a new device to the active user subscription account or modifies the user subscription to replace an actively subscribed device as in use case 3.

The use cases for OTA continuous provisioning for Model A and Model B type devices are:

5) When the device is attached to the network, the service provider triggers a network-initiated update to the configuration information stored in the device (e.g., user subscription data, ND&S configuration information, change of the device lock/unlock state, etc.) when the service provider determines it is needed to update or change the behavior of the device.

6) When the device is attached to the network, the user or support personnel triggers a client-initiated update to the configuration information stored in the device (e.g., user subscription data, ND&S configuration information, change of the device lock/unlock state, etc.) when it is determined that improvements in the device behavior are needed.

The use cases for OTA re-provisioning for Model A and Model B type devices are:

7) A subscribed and activated device is attached to the network; the device uses the device authentication and the initial provisioning and activation decoration since the device wishes to be fully re-provisioned by the server. The network performs the full initial provisioning and activation flow with the device as if it were an initial activation with Out-Of-Band (OOB) subscription.

The use case for OTA deferred provisioning for Model B type devices is:


8) The user establishes a subscription with a service provider. The subscription is obtained out-of-band or in-band. After subscription, the device is considered activated by the NW, but the NW does not have the ability to initially provision the MS with any parameter, hence the device is not aware of the activation. However, the non-activation-aware device is still capable of completing network entry as an unprovisioned device and receiving some level of service. At a later date, once the network deploys a DM server, it can perform initial provisioning of the device during the next network entry.

The use cases for OTA activation provisioning based on smart card are:

1) A smart card is inserted into the device for the first time. The smart card contains information that provides contact information for the provisioning server in the Service Provider network as well as a set of shared secrets with the provisioning server to define a trust relationship. The smart card allows the device to connect to a correct network and get provisioned. It can be used by all device type models (A and B).

2) A smart card is inserted into a used device that might contain erroneous provisioning parameters from a previous configuration. The device will use the information in the smart card to obtain a proper set of parameters and then gets provisioned using these parameters.


6 OTA Provisioning Network Reference Model

The OTA Provisioning architecture is based on the WiMAX Release 1 Network Reference Model.

[Figure 1: Provisioning & Activation Architecture Overview]

6.1 Functional description

6.1.1 Provisioning Server

The provisioning server is a management authority that has the right to perform a specific device management function on a device or to manipulate a given data element or parameter.

For networks that support OMA DM based activation and provisioning, the provisioning server SHALL support the WiMAX OTA Provisioning & Activation based on OMA DM [OTAOMADM].

For networks that support DSL TR-069 based activation and provisioning, the provisioning server SHALL support the WiMAX OTA Provisioning & Activation based on the TR-069 protocol, as specified in [OTATR069].

6.1.2 Provisioning Client

The provisioning client is an agent in the device that is an extension of the provisioning protocol to support WiMAX requirements as specified in this document.

For devices that support OMA DM based activation and provisioning, the provisioning client SHALL support the WiMAX OTA Provisioning & Activation based on OMA DM, as specified in [OTAOMADM].

For devices that support DSL TR-069 based activation and provisioning, the provisioning client SHALL support the WiMAX OTA Provisioning & Activation based on TR-069, as specified in [OTATR069].


6.2 Bootstrap Message Format and Encoding

The OMA DM Bootstrap specification [DM-BOOT] defines two formats for the inner content of the bootstrap message, called bootstrap profiles.
- OMA Client Provisioning: This profile specifies alignment of two existing enablers, OMA Client Provisioning [ERELD-CP] and OMA Device Management [ERELD-DM]. The profile defines how the information provisioned using OMA Client Provisioning can be transferred to the management tree specified in the OMA Device Management.
- OMA Device Management: This profile defines how the OMA Device Management [ERELD-DM] can be used for bootstrapping.
WiMAX devices MUST support the OMA Device Management profile for the bootstrap message. This means the UDP payload of the bootstrap message MUST be formatted in accordance with [ERELD-DM], and then encrypted as described in the [OTA-GEN] Security Considerations section.
Support for OMA Client Provisioning over WiMAX is not prohibited, but is not recommended either.
The encrypted bootstrap message and the nonce value SHALL be transmitted to the client in a TLV encoded message as described in the Bootstrap Message Encoding section of the OTA General Specification [OTA-GEN].


7 WiMAX General Over-the-Air Provisioning and Activation Overview

7.1 Overview

Figure 2 illustrates the overview of the activation & provisioning procedure. This procedure consists of the following three phases:
1) Pre-Provisioning.
2) Subscription and Provisioning.
3) Post-Provisioning.
Figure 2 covers the following use cases:
1) User has established a business relationship (existing subscription) with a service provider. Provisioning an unprovisioned device when the device is attached to the network.
2) User establishes a business relationship with a service provider while attached to the network with an unprovisioned device, and the device receives provisioning data.
3) The subscribed user either adds a new device to the user subscription account or replaces an existing device with a new device.
4) Service provider updates the information stored in an already activated device (e.g., user subscription data, etc.) when it is needed (i.e., continuous provisioning). Refer back to section 5 for a detailed description of these use cases.
5) User has established a business relationship with a service provider, and the device lost its provisioned data. Re-provisioning an already provisioned device (according to server information) when the device is attached to the network.
Working Assumptions:
1) One or more specific provisioning protocol clients are installed in the device.
2) The default subscriber policy and hotline rules are installed at the H-AAA by the network service provider. The procedure for installing these rules is outside the scope of the specification.
3) The hotline function is RECOMMENDED.


Figure 2: Provisioning & Activation Phases

The Model A, B1, and B2 devices SHALL perform all of these phases. There MAY be a slight variation within each phase for each device model or use case. The detailed procedure is specified in the following sections and the [OTA-OMA-DM] or the [OTA-TR-069] specification. The following paragraphs describe some of the main procedures within each of the phases.

Pre-Provisioning Phase (Steps 1-10):
1. The device performs channel acquisition and ranging.
2. The device detects one or more available WiMAX NAPs and discovers available NSPs associated with one or more NAPs.


3. The device discovers available NSPs associated with one or more NAPs and an NSP based on some preference criteria (if available).
4. The device identifies accessible NSPs and selects an NAP and an NSP based on some preference criteria (if available). Or, the user performs NSP manual selection.
5. The device performs Network entry procedures with a specially decorated NAI for entering the provisioning mode. The Network entry procedures SHALL be based on [NWG-STG3].
6. The NSP MAY decide to authorize limited access to the device for the purpose of creating a business relationship with the user. The limited access is controlled by using the Hotline procedure [NWG-STG3], where the H-AAA will notify the ASN-GW that the device is to be hotlined, via the ISF authorization, i.e., Access-Accept.
7. The H-AAA MAY activate hotlining if decided by the Network Service Provider. If the Network Service Provider has decided that unprovisioned devices have to be put in the hotlined state, the hotlining can be activated either in the ASN-GW or in the HA (it depends on the ASN-GW and the HA capabilities). The H-AAA provides the hotline attributes. In the example, the hotline attributes are provided to the ASN-GW. The hotlining MAY be as simple as blocking all IP traffic between the device and other hosts; for details of the hotlining rules, see section 8.6.
8. The device performs the DHCP procedure to obtain a point of attachment address. Based on the ISF data, the ASN-GW initiates the data path setup with a proper classifier installed.
9. The ASN-GW sends accounting start information to the H-AAA.
10. Upon receiving accounting start information, the H-AAA informs the provisioning server of the device status.

Subscription and Provisioning Phase (Steps 11-15):
The actual order of these steps MAY vary depending on the implementation of the subscription portal subsystem, and the device model. During the entire Subscription and Activation phase the subscription portal should be used as the means to interact with the user and deliver messages to him (such as "activation in process", "your device was successfully activated", etc.). The key steps in this phase are the following:
11. The bootstrap procedure is performed. According to the device type, one of the following two steps or both are performed.
a. The device and the provisioning server perform a WIB procedure. The WIB procedure is a method to allow the client to advertise the DM OTA protocol it supports, the network to select the DM OTA protocol to be used, and to deliver DM OTA protocol specific bootstrap information. This is an optional step for some types of devices.
b. The device and the provisioning server perform a Bootstrapping & Device capabilities procedure. The Bootstrapping procedure is a method for the provisioning server to deliver the bootstrap information to the device. The bootstrap information MAY contain the provisioning server contact information and credentials. The bootstrapping procedure MAY be part of the WIB procedure. The device capabilities information MAY be delivered to the provisioning server through a DM session following the bootstrapping procedure.
12. The provisioning server MAY subscribe to the device status at the H-AAA server if necessary. Then, if the status of the device is changed, the H-AAA server sends a notification message to the provisioning server.
A. The device capabilities information is delivered to the subscription portal.
13. The user creates a business relationship enabling access via the selected NSP to the subscription portal. Based on the user input and device capabilities, the subscription portal creates a user account.
B. The user account information is delivered to a database where the H-AAA and the provisioning server have access to the information.
14. The user account information is stored in the database.
C. The subscription portal requests the provisioning server to initiate the provisioning process.
15. A management session is established between the provisioning client and the server to deliver the provisioning data. The provisioning procedure is a method for the device to acquire and store the provisioning data, i.e., managed objects. Either the provisioning client or the server MAY initiate the management session.
D. The provisioning server responds with the provisioning results to the subscription portal.

Post-Provisioning Phase (Steps 16-17):


16. Upon completion of the provisioning phase, the H-AAA will request the ASN-GW to initiate the network exit procedure [NWG-STG3].
17. If the NW Exit procedure was initiated within 90 seconds from the time of provisioning completion, the device will treat this NW Exit as the last phase of OTA activation and then perform the network exit and re-entry procedure using the new credentials to ensure the network access keys are properly installed and used. If the NW Exit happened past that time, the device uses its normal ND&S algorithm.
Note that during continuous provisioning, the service provider updates the information stored in a device already associated and provisioned with an active user account. The continuous provisioning operation only requires step 15 at a minimum.


8 WiMAX Initial Bootstrap Procedure Overview

The WiMAX Initial Bootstrap (WIB) procedure enables the discovery and negotiation of the device management (DM) OTA protocol to be used between the device and the network. The procedure consists of WIB server discovery using DNS SRV records [RFC2782], and WIB OTA protocol negotiation using simple HTTP between the device and the WIB server.
The device initiates the WIB server discovery and protocol negotiation upon obtaining a point of attachment IP address using DHCP, and provides information about the OTA protocols it supports to the WIB server using the HTTP GET method. The WIB server uses the information provided by the client, selects an appropriate OTA protocol, and provides OTA protocol specific bootstrap information about the selected protocol in the HTTP response. If a mutually supported OTA protocol cannot be selected, the WIB server responds with an HTTP error, and the OTA provisioning cannot proceed. With the successful execution of the bootstrapping process, a secure path between the device's DM client and the DM provisioning server can be established and the protocol specific provisioning process for the device can begin.
The WIB server is a functional entity that enforces the OTA DM protocol for a particular domain, and MAY store the configuration bootstrap information, MAY act as a proxy to deliver the bootstrap information, or MAY redirect the device to another server that can deliver the bootstrap information. The figure below illustrates the WIB procedure.
Figure 3: WIB procedure (message flow between the Device, DNS, H-AAA, WIB Server (50.40.30.20) and Provisioning Server):
1a. DNS SRV query: _wimax-bootstrap._tcp.operator.com
1b. DNS SRV response: wib.operator.com
1c. DNS A query: wib.operator.com
1d. DNS A response: 50.40.30.20
2a. HTTP GET /bootstrap.wib?version=0&msid=MAC&protocol={OMA-DM, TR069}
2b. Based on local policy: may HTTP redirect, request bootstrap info
2c. HTTP OK <application/vnd.wmf.bootstrap: protocol=OMA-DM or TR069; DM-specific bootstrap information>


9 Requirements

B1 and B2 devices SHALL be able to support all the functions specified in this section. However, during the actual OTA provisioning operation, A and B2 type devices with sufficient preconfigured information SHALL NOT be required to follow all the steps specified here.

9.1 General Requirements
1. OMA DM SHALL be mandatory for provisioning all Model B (retail) WiMAX devices, i.e., for all WiMAX retail devices OMA DM is the default OTA provisioning mechanism.
2. In addition to OMA DM, TR-069 SHALL also be mandatory for provisioning Model B (retail) WiMAX devices classified as CPE gateway, and this option is selectable by the service provider at the initial DM protocol discovery phase.
3. The WIB procedure MUST be run on devices supporting a provisioning protocol other than OMA DM.
4. The WIB procedure MUST be run on devices supporting only OMA DM if they cannot support OMA DM server initiated bootstrap, i.e., the UDP Push bootstrap.
5. All networks supporting OTA provisioning MUST support the WIB procedure.
6. Networks supporting OMA DM MUST start the OMA DM server initiated bootstrap immediately after notification from AAA (i.e., UDP Push).
7. The device MUST use the first bootstrap message it successfully received (either WIB or UDP Push) and silently discard all subsequently received bootstrap messages.
8. In the case of WIB, after initial DM protocol discovery the device SHALL be provisioned using the negotiated protocol.
9. The network MUST respond to a device provisioning request {sm=1} even if the device is considered provisioned by the network. The network SHALL initiate a provisioning flow with the device.

[Note: In R1.5, OMA DM will not support all the CPE parameters. These will be worked in future releases.]

9.1.1 Model B (Retail Model) WiMAX Devices and Their Management

The following Table 1 provides the classification of Model B WiMAX devices and their Device Management protocol.

Table 1 - Model B device DM requirement
Type of device | DM Requirements at device
WiMAX CPE Gateway | OMA DM Mandatory; TR-069 Mandatory
Other WiMAX devices | OMA DM Mandatory


9.2 Device Requirements

In order to acquire provisioning data, the device SHALL perform the following steps:
1) The device SHALL perform device authentication as a part of the network entry procedure as defined in [NWG-STG3] Section 4.3 (Network Entry and Exit), with the following subclauses:
a. When the device responds with an EAP Response/Identity message providing the NAI, the device SHALL include the WiMAX OTA provisioning service mode attribute value pair (avp), i.e. sm=1, in the WiMAX decoration of the NAI to indicate that the device is entering the network to perform OTA provisioning and activation. The NAI format MUST conform to [NWG-STG3].

b. The WiMAX decoration MUST be used to indicate to the AAA server that the device wishes to perform OTA provisioning and activation. The WiMAX decoration of the NAI SHALL be {sm=1} for the WiMAX OTA provisioning and activation. For example, a correctly decorated NAI for OTA provisioning is {sm=1}msid@realm. The device SHALL use the procedures defined in [NWG-STG3] to determine the realm and to construct the NAI.
c. For model B devices, the MS SHALL follow the procedure of comparing the extracted domain name from the server certificate with the realm used in the NAI as defined in [NWG-STG3], but SHALL skip the procedure of comparing the domain name extracted from the server certificate against the configured list of realms.
2) The device SHALL obtain a point of attachment address, as defined in [NWG-STG3].
3) The device SHALL support the network exit procedure specified in [NWG-STG3].
4) When provisioning data is updated to the device via continuous management, the device SHALL take all authentication related parameters into use in the next authentication or re-authentication and all other parameters at the latest during the next initial network entry.
All authentication related error case procedures defined in [NWG-STG3] SHALL be followed.

9.3 Provisioning Server Requirements

In the case of the OMA DM activation and provisioning solution, the provisioning server SHALL support the OMA DM Protocol [DM-ERELD] and the [OTA-OMA-DM] specification.
In the case of the DSL TR-069 activation and provisioning solution, the provisioning server SHALL support the TR-069 Protocol [DSL-TR-069] and the [OTA-TR-069] specification.
The provisioning server MAY subscribe to the device event status with the H-AAA when receiving the bootstrapping or provisioning request. When subscribing to the device event status, the subscription message SHALL include at least the MAC address of the device as an MSID.
If the provisioning server receives a message which contains invalid attributes, or the message format is not valid, or the message does not contain all the mandatory attributes, the provisioning server SHALL ignore the received message and respond to the sender with an appropriate response message if one is available.

9.4 ASN-GW Requirements

The ASN-GW SHALL conform to [NWG-STG3] with the following subclauses:
1. Upon receiving the EAP Response/Identity from the device, the ASN-GW (NAS) SHALL perform the network entry procedure as specified in the [NWG-STG3] specification.
2. The ASN-GW SHALL process the Access-Accept message as specified in the [NWG-STG3] specification.
3. Upon successful establishment of an IP session with the device, the ASN-GW SHALL send the Accounting-Request Start message.
4. The ASN-GW SHALL support the network exit procedure based on the Network Trigger, as specified in [NWG-STG3] Section 4.5.2.1.2 (Network Trigger).

9.5 AAA Requirements

The H-AAA receives a RADIUS Access-Request containing an EAP-Message attribute set to the NAI value received in an EAP Response/Identity from the device. The H-AAA SHALL process the Access-Request, Access-Accept, and Access-Reject messages as specified in the [NWG-STG3] specification in Section 4.4 (Authentication, Authorization and Accounting).
Upon successful device authentication using the provisioning mode (i.e., {sm=1}), the H-AAA SHALL send an Access-Accept message as defined in the [NWG-STG3] specification in Section 4.4 and SHALL perform the following steps:
1) The H-AAA MAY set the hotline attribute for network access control.
2) The H-AAA SHALL use the access policy of the provisioning mode to create the Initial Service Flow (ISF). If the NW has provisioning capabilities, it is recommended that, for non-subscribed MSs, the access policy of the provisioning mode SHOULD limit access to only the subscription portal, the WIB server and the provisioning server (if available), as well as limit the number of pre-provisioned service flows. (The NW may have a different policy for subscribed devices that enter in the provisioning mode, i.e., re-provisioning.) If the NW does not have provisioning capabilities, the use of the provisioning access policy by the H-AAA is expected only in the case that the MS does not have a subscription. After the subscription has been obtained, it is up to the operator to decide the level of access the H-AAA allows for this MS.
Upon the reception of the Accounting Start message, the H-AAA SHALL send a notification to the WIB and provisioning servers (if they are available) containing the computed BEK, the MSID, the IP address of the device, and the value of the Session-Timeout Attribute [NWG-STG3]. The notification protocol is out of the scope of this document.
In the case where the provisioning server subscribes to the event status of a specific device, the H-AAA server SHALL notify the event status to the provisioning server by delivering the computed BEK, the MSID, the IP address of the device, and the value of the Session-Timeout Attribute, upon receiving the Accounting Start message. The protocol of subscription and notification of the event status method is out of the scope of this document.
Upon completion of the provisioning phase, the H-AAA SHALL initiate the network exit procedure, as specified in the [NWG-STG3] specification in Section 4.5.2.1.2. The method of detecting the completion of the provisioning phase is out of the scope of this document.
When provisioning data is updated to the device via continuous management, the H-AAA SHALL take all authentication related parameters into use in the next authentication or re-authentication.
All AAA related error case procedures defined in [NWG-STG3] SHALL be followed.

9.6 Hotline Feature Requirements

The Hotline feature as defined in the [NWG-STG3] specification MAY be used with the WiMAX Over-The-Air provisioning and activation procedure to enhance the user experience and to provide network access control.
The H-AAA MAY activate hotlining, depending on the policy of the Network Service Provider, i.e., the Network Service Provider MAY decide that unprovisioned or non-activated device(s) entering the network have to be hotlined. How the H-AAA is aware of this decision is out of the scope of this document.
The Hotlining function of the Hot-Lining Device (HLD) MAY be implemented in the ASN-GW or the HA depending on their capabilities. The Hotline Session Timer and Hot-Lining Rules are provided by the H-AAA. As an alternative to the Hot-Lining Rules, the Hotline Profile ID MAY be provided by the H-AAA, and then a set of rules for each different Hotline Profile ID SHALL be configured in the ASN-GW or the HA.
If the hotlining is activated, the Hotline Profile or the Hot-Lining Rules SHALL be configured in such a way that:
- The Hotline Profile and Hotline Rules SHALL NOT affect CMIP and DHCP traffic.
- Traffic between the device and the DNS server SHALL be passed.
- Traffic between the device and the provisioning server SHALL be passed.
- HTTP traffic between the device and the subscription portal SHALL be passed.
- Additional special traffic MAY be allowed depending on the policy of the Network Service Provider (e.g., HTTP traffic to some other special servers).
- Other HTTP traffic MAY be redirected to an Operator Portal.
- Additional other traffic MAY be allowed depending on the policy of the Network Service Provider.


9.7 WIB Procedure Requirements

A device that does not support OMA DM or TR-069 server initiated bootstrap SHALL use the WIB procedure (Section 8) based on DNS and HTTP. The device SHALL perform a DNS SRV query [RFC2782] to resolve the location of the WIB server upon IP session establishment. The Service in the SRV query SHALL be wimax-bootstrap. The protocol in the SRV query SHALL be tcp. If the target NSP realm is available, the Name in the SRV query SHALL be the domain of the target NSP realm. If the target NSP realm is not available from the 802.16 SBC-RSP, the Name in the SRV query SHALL be the Domain Name obtained from the DHCP procedure (DHCP option 15 [RFC2132]). The DNS server SHALL resolve this domain name to the FQDN of the WIB server of the NSP.
DNS related error cases are defined in the [RFC2782] specification. If the device is not able to understand the received DNS SRV response message, or the device did not receive the message, it MAY send a new DNS SRV query to the network until the maximum retry count is exhausted. If the WIB server address resolution is successful, the device SHALL open an HTTP session [RFC2616] to the WIB server to inform the WIB server of the supported DM OTA protocol(s), and retrieve the bootstrap information. The device SHALL use the HTTP GET method with the Request-URI /bootstrap.wib?version=VERSION&msid=MAC&protocol={PROTOCOL}. The device SHALL provide the MAC address in the URI using the msid query parameter and SHALL indicate the WIB HTTP protocol version in the URI using the version parameter (see Table 3 for supported versions). The device SHALL provide a comma separated list of the supported provisioning protocols in the protocol parameter; the values are specified in Table 2.

Table 2 - Values of PROTOCOL
PROTOCOL | Value
OMA-DM | 0
TR-069 | 1
Reserved | 2-65535


For example, when assuming the following parameters:
VERSION = 0
MAC = 001122334455
PROTOCOL = OMA-DM
WIB Server Domain = wibserver.foo.com
the URI will be http://wibserver.foo.com/bootstrap.wib?version=0&msid=001122334455&protocol={0}

When assuming the following parameters for a device that supports both OMA-DM and TR-069:
VERSION = 0
MAC = 001122334455
PROTOCOL = OMA-DM or TR-069
WIB Server Domain = wibserver.bar.com
the URI will be http://wibserver.bar.com/bootstrap.wib?version=0&msid=001122334455&protocol={0,1}

If the protocol parameter is not present, the server SHALL behave as if OMA-DM was specified. The device MAY provide additional optional parameters in the Request-URI. The following optional parameters are defined: vendor and model. These parameters can be used by the device to notify the network of the vendor name and model ID of the device itself. The network MAY use this information to select the DM protocol to be used and to determine the bootstrap information. The device SHALL provide an Accept header [RFC2616] containing the media type defined for the bootstrap (application/vnd.wmf.bootstrap).
The WIB server SHALL respond to the device with one of the following HTTP responses:
1. 200 OK. If the WIB server can provide the bootstrap information for the device identified with the MAC address, the WIB server SHALL reply with an HTTP 200 OK message containing the bootstrap information in the response body encoded as specified in section 10.1. The Content-Type of the reply SHALL be application/vnd.wmf.bootstrap.
2. 302 Found. If the WIB server does not support bootstrap information delivery but can redirect the device to another server that can provide the bootstrap information, the WIB server SHALL reply with an HTTP 302 Found message containing the URI of the location of the bootstrap information. Upon receiving the redirect the device SHALL open an HTTP session to the indicated URL and SHALL use the HTTP GET method with the new server. The new server SHALL support the WIB HTTP query with the parameters and responses specified in this chapter.
3. 400 Bad Request. If the WIB server does not understand the request due to malformed syntax, corrupted packet, decode error, unsupported WIB protocol revision, etc., it SHALL reply with a 400 Bad Request message which indicates the failure of the OTA provisioning procedure.
4. 403 Forbidden. If the HTTP GET message contains an OTA Provisioning protocol which is not supported by the WiMAX network associated with the WIB server, or is not allowed for the requesting and known device (e.g. a non-CPE device identified via MAC address requesting only the TR-069 protocol), the WIB server SHALL reply with an HTTP 403 Forbidden message which indicates the failure of the OTA provisioning procedure.
5. 404 Not Found. If the server cannot provide the bootstrap information or redirect the device to another server, it SHALL reply with an HTTP 404 Not Found message which indicates the failure of the OTA provisioning procedure.
If the device does not receive the WIB HTTP response message, or the device is not able to understand it, the device MAY send a new WIB HTTP GET message to the network until the maximum retry count is exhausted. It is not in the scope of this document to define the value for max retries. In order to ensure robustness of the WIB protocol independent of the exact NW provisioning implementation, it is recommended that the device retry the WIB procedure several times spread over a minimum period of 10 minutes before deciding that the retry counter is exhausted (for example 10 retries, 1 every minute). In all WIB procedure error cases occurring during initial provisioning the device SHOULD perform the network exit procedure as described in [NWG-STG3] after the maximum retry count is exhausted.

9.7.1 Bootstrap Message Encoding

The bootstrap information SHALL be provided to the device using the format defined for the bootstrap, i.e., application/vnd.wmf.bootstrap. The bootstrap information consists of a fixed size header followed by variable size data as described below.

Table 3 - Bootstrap Message Encoding
Field | Number of Octets | Octet Significance | Value
Header: Version | 2 | MSB..LSB | 0 (1-65535 = Reserved)
Header: Protocol | 2 | MSB..LSB | Value defined in Table 1
Header: Length | 4 | MSB..LSB | Data length as a number of octets
Data | Variable (0 to 2^16-9) | | DM protocol specific

The version field SHALL contain the value 0 for this version of the protocol. The protocol field SHALL be a value taken from Table 1. The data portion SHALL contain DM specific bootstrap information encrypted and authenticated using AES-CCM as described in Section 10.1 WiMAX Bootstrap Security. The encrypted bootstrap document and the nonce value MAY be transmitted to the client in a Type-Length-Value (TLV) encoded message as described in Table 5 and Table 6. The exact type and number of TLVs used in the WIB response is specified in the relevant documents [OTA-OMA-DM] and [OTA-TR-069].
The size of the type field SHALL be two octets, the size of the length field SHALL be four octets, and the size of the value field SHALL be 13 octets for the nonce value and 0 to 2^16-34 octets for the ciphertext value. The TLVs that SHALL be used are described in Table 5 and Table 6.

Table 4 - Encoding of Nonce TLV
Field | Number of Octets | Octet Significance | Contents
Type | 2 | MSB..LSB | 0 = Nonce
Length | 4 | MSB..LSB | 13
Value | 13 | MSB..LSB | The nonce value selected by the server

Table 5 - Encoding of Ciphertext TLV
Field | Number of Octets | Octet Significance | Contents
Type | 2 | MSB..LSB | 1 = Ciphertext
Length | 4 | MSB..LSB | Value field length as a number of octets
Value | Variable (0 to 2^16-34) | MSB..LSB | Encrypted bootstrap

Additional TLVs MAY be used by the WiMAX OMA-DM or WiMAX TR-069 protocols to carry protocol specific bootstrap information. However, the total length of the entire bootstrap information payload SHALL NOT exceed 65535 octets. The format of these additional TLVs is specified in the relevant documents [OTA-OMA-DM] and [OTA-TR-069].
The device SHALL discard the bootstrap message and SHOULD perform network exit procedures as described in [NWG-STG3] if the device receives a bootstrap message which is malformed, contains invalid attributes or values of attributes which the device does not support, or there is some other error in parsing the bootstrap message.
If the bootstrap message contains duplicate TLVs, including the value field, the first TLV SHALL be accepted and the other ones SHALL be ignored. The device SHALL ignore unrecognized TLVs in the bootstrap message.
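The Request-URI of Section 9.7 and the Table 3/4/5 message layout with the Section 9.7.1 parsing rules, as an added Go example that is not code from the WiMAX Forum specification. The helper names (wibRequestURI, tlv, bootstrapMessage, parseBootstrap) are this example's own, and the nonce and ciphertext bytes are constructed sample values.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"strings"
)

const (
	tlvNonce      = 0 // Table 4
	tlvCiphertext = 1 // Table 5
	headerLen     = 8 // Table 3: version(2) + protocol(2) + length(4)
	tlvHeaderLen  = 6 // type(2) + length(4)
)

// wibRequestURI builds the Section 9.7 Request-URI for WIB HTTP version 0;
// protocol values are those of Table 2 (0 = OMA-DM, 1 = TR-069).
func wibRequestURI(host, mac string, protocols []int) string {
	p := make([]string, len(protocols))
	for i, v := range protocols {
		p[i] = fmt.Sprint(v)
	}
	return fmt.Sprintf("http://%s/bootstrap.wib?version=0&msid=%s&protocol={%s}",
		host, mac, strings.Join(p, ","))
}

// tlv encodes one Type-Length-Value element (2-octet type, 4-octet length).
func tlv(typ uint16, val []byte) []byte {
	out := make([]byte, tlvHeaderLen, tlvHeaderLen+len(val))
	binary.BigEndian.PutUint16(out[0:2], typ)
	binary.BigEndian.PutUint32(out[2:6], uint32(len(val)))
	return append(out, val...)
}

// bootstrapMessage prepends the Table 3 header (version 0) to the TLV data.
func bootstrapMessage(protocol uint16, data []byte) []byte {
	msg := make([]byte, headerLen, headerLen+len(data))
	binary.BigEndian.PutUint16(msg[2:4], protocol)
	binary.BigEndian.PutUint32(msg[4:8], uint32(len(data)))
	return append(msg, data...)
}

// Bootstrap is a decoded application/vnd.wmf.bootstrap message.
type Bootstrap struct {
	Protocol   uint16
	Nonce      []byte // exactly 13 octets (Table 4)
	Ciphertext []byte // AES-CCM protected bootstrap document (Table 5)
}

// parseBootstrap applies the Section 9.7.1 rules: a malformed message is
// rejected (the device discards it), the first of duplicate TLVs is accepted
// and later ones ignored, and unrecognised TLVs are skipped.
func parseBootstrap(msg []byte) (*Bootstrap, error) {
	if len(msg) < headerLen || len(msg) > 65535 || binary.BigEndian.Uint16(msg[0:2]) != 0 {
		return nil, errors.New("malformed: bad total length or unsupported version")
	}
	b := &Bootstrap{Protocol: binary.BigEndian.Uint16(msg[2:4])}
	if b.Protocol > 1 { // Table 2: values 2..65535 are reserved
		return nil, fmt.Errorf("reserved protocol value %d", b.Protocol)
	}
	if binary.BigEndian.Uint32(msg[4:8]) != uint32(len(msg)-headerLen) {
		return nil, errors.New("malformed: length field does not match data")
	}
	for data := msg[headerLen:]; len(data) > 0; {
		if len(data) < tlvHeaderLen {
			return nil, errors.New("malformed: truncated TLV header")
		}
		typ, n := binary.BigEndian.Uint16(data[0:2]), binary.BigEndian.Uint32(data[2:6])
		if data = data[tlvHeaderLen:]; uint64(n) > uint64(len(data)) {
			return nil, errors.New("malformed: TLV length exceeds data")
		}
		val := data[:n]
		data = data[n:]
		switch {
		case typ == tlvNonce && len(val) != 13:
			return nil, errors.New("invalid nonce length")
		case typ == tlvNonce && b.Nonce == nil:
			b.Nonce = val
		case typ == tlvCiphertext && b.Ciphertext == nil:
			b.Ciphertext = val
		default: // duplicate or unrecognised TLV: ignored
		}
	}
	if b.Nonce == nil || b.Ciphertext == nil {
		return nil, errors.New("missing nonce or ciphertext TLV")
	}
	return b, nil
}

func main() {
	nonce := append([]byte{1, 2, 3, 4, 5, 6, 7, 8}, make([]byte, 5)...) // constructed RAND + 5 zero octets
	msg := bootstrapMessage(0, append(tlv(tlvNonce, nonce), tlv(tlvCiphertext, []byte("ct"))...))
	b, err := parseBootstrap(msg)
	fmt.Println(wibRequestURI("wibserver.bar.com", "001122334455", []int{0, 1}), b, err)
}
```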


10 Security Considerations

In order to ensure secure communication between the device and server, the following describes the minimum set of cipher suites that SHALL be supported by the device and server.
The OMA DM and TR-069 servers SHALL support a subset of the cipher suites defined in [RFC3268]. The servers SHALL implement the following set of cipher suites, listed in priority order from the highest to the lowest:
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
The OMA DM and TR-069 device SHALL support at least one of these cipher suites. The device and server SHALL negotiate the strongest cipher suite available to both endpoints as a part of the establishment of the TLS connection. It is a recommendation that the device SHOULD be configured to support TLS_RSA_WITH_3DES_EDE_CBC_SHA.
The implications of this are that the OMA DM server and TR-069 server have to use RSA based certificates and support at least one of 3DES, AES-128, and AES-256 for the TLS based communication with the device. The device and server are free to add any other cipher suite which is considered to have similar or stronger cryptographic properties to their capability lists, but the definitions here SHOULD serve as the minimum and therefore common baseline.
The procedures described here define a method for protecting the OTA transport of the OMA DM or TR-069 bootstrap information, which contains configuration data as well as credentials necessary for subsequent OMA DM or TR-069 transactions. The method described here is generic in that the key and the encryption method are independent of the provisioning protocol.
This specification does not address the storage or secure usage of this bootstrap information once it has been delivered to the device. This specification deals solely with the method in which the bootstrap information is secured for delivery to the mobile station. It is the responsibility of implementations to ensure that the keys, credentials and all other related content are appropriately secured during processing within the device.

10.1 WiMAX Bootstrap Security

The bootstrapping procedure is intended to enable the secure delivery of bootstrap data to the device. The bootstrap process utilizes temporary keys derived from the Extended Master Session Key (EMSK) to authenticate and protect the bootstrap information. To perform this function a new key is computed at the device and the AAA.

10.1.1 Bootstrap Encryption Key

The Bootstrap Encryption Key (BEK) is derived from the EMSK as follows.
BEK = the 16 most significant (leftmost) octets of HMAC-SHA256(EMSK, "bek@wimaxforum.org"). The string "bek@wimaxforum.org" is ASCII and is not null terminated.
The lifetime of the BEK is set to the lifetime of the EMSK.
The BEK is bound to the EMSK, which is already bound to the device, so no additional key binding is necessary in the BEK key derivation procedure.
The AAA delivers the BEK, MSID and the device's IP address to the entity which is delivering the bootstrap information to the device. The method the AAA server uses to deliver the BEK to the WIB and/or Provisioning Server is out of scope of this document, but security controls are assumed to be in place for it. The BEK key is then used to authenticate and encrypt the bootstrap document for secure delivery to the device per the detailed description in the following section.

10.1.2 Bootstrap Information Protection

The bootstrap information SHALL be protected utilizing AES in the CCM mode [NIST-800-38C]. Tlen SHALL be 64 and t SHALL be 8. The number of the octets in the message authentication code field SHALL be set to 8. Consistent with the CCM specification, the 3-bit binary encoding [(t-2)/2] of bits 5, 4, and 3 of the Flags octet in B0 SHALL be 011.
The size q of the length field Q SHALL be set to 2. Consistent with the CCM specification, the 3-bit binary encoding [q-1] of the q field in bits 2, 1 and 0 of the Flags octet in B0 SHALL be 001.
The length a of the associated data string A SHALL be set to 0.
The nonce value SHALL be 13 octets long (15-q) as shown in Table 6. The octets 0 through 7 SHALL be set to a 64-bit cryptographic quality random number (RAND). The octets 8 through 12 are reserved and set to zero.
Note: The set of nonce values used with a given BEK MUST not contain duplicate values, since using the same nonce more than once compromises the security properties of AES-CCM. The use of a sufficiently large random number, along with the expectation that the bootstrap information will be encrypted and transmitted a small number of times relative to the size of the random number, is expected to maintain the security of AES-CCM for this application.

Table 6 - Nonce Construction (13 Octets)
Octet | Field | Value
0-7 | RAND | Random Value
8-12 | Reserved | 0x0000000000

The provisioning server generates a cryptographic quality random number, populates the RAND field of the nonce and processes the bootstrap information with AES-CCM. The provisioning server then transmits the protected document to the device. Upon the reception of a protected bootstrap message the device decrypts and authenticates the document.
Consistent with the AES-CCM specification, the initial block B0 is formatted as shown in Table 7.

Table 7 - Initial CCM Block B0
Octet Number | Octet Significance | Number of Octets | Field | Value
0 | | 1 | Flags | 0x19
1-13 | MSB..LSB | 13 | Nonce | As specified in Table 2
14-15 | MSB..LSB | 2 | Length | Q

Consistent with the AES-CCM specification, the counter blocks Ctr_j are formatted as shown in Table 8.

Table 8 - Counter block Ctr_j
Octet Number | Octet Significance | Number of Octets | Field | Value
0 | | 1 | Flags | 0x01
1-13 | MSB..LSB | 13 | Nonce | As specified in Table 2
14-15 | MSB..LSB | 2 | Counter | j
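The BEK derivation of Section 10.1.1 and the AES-CCM protection of Section 10.1.2, as an added Go example that is not code from the WiMAX Forum specification. CCM is built directly on the AES block cipher so that the B0 and Ctr_j layouts of Tables 7 and 8 are explicit; the function names, the all-zero EMSK and the RAND value are this example's own assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/binary"
	"errors"
	"fmt"
)

const tagLen = 8 // t = 8 octets of MAC (Tlen = 64 bits), Section 10.1.2

// deriveBEK: the 16 leftmost octets of HMAC-SHA256(EMSK, "bek@wimaxforum.org").
func deriveBEK(emsk []byte) []byte {
	m := hmac.New(sha256.New, emsk)
	m.Write([]byte("bek@wimaxforum.org")) // ASCII label, not NUL terminated
	return m.Sum(nil)[:16]
}

// ccmBlock lays out Flags || 13-octet nonce || 2-octet trailer (q = 2).
func ccmBlock(flags byte, nonce []byte, trailer uint16) []byte {
	b := make([]byte, 16)
	b[0] = flags
	copy(b[1:14], nonce)
	binary.BigEndian.PutUint16(b[14:16], trailer)
	return b
}

// B0 (Table 7): Flags 0x19 = 0|0|011|001 (no Adata, (t-2)/2 = 3, q-1 = 1), trailer Q.
func b0Block(nonce []byte, plen int) []byte { return ccmBlock(0x19, nonce, uint16(plen)) }

// Ctr_j (Table 8): Flags 0x01 (q-1), trailer is the counter j.
func ctrBlock(nonce []byte, j uint16) []byte { return ccmBlock(0x01, nonce, j) }

// ccmTag is the CBC-MAC over B0 || zero-padded payload; a = 0 so no A blocks.
func ccmTag(b cipher.Block, nonce, payload []byte) []byte {
	y := make([]byte, 16)
	b.Encrypt(y, b0Block(nonce, len(payload)))
	for i := 0; i < len(payload); i += 16 {
		for k := i; k < i+16 && k < len(payload); k++ {
			y[k-i] ^= payload[k]
		}
		b.Encrypt(y, y)
	}
	return y[:tagLen]
}

// ctrCrypt XORs data with keystream S_1, S_2, ... and returns S_0 for the tag.
func ctrCrypt(b cipher.Block, nonce, data []byte) (out, s0 []byte) {
	s0 = make([]byte, 16)
	b.Encrypt(s0, ctrBlock(nonce, 0))
	out, ks := make([]byte, len(data)), make([]byte, 16)
	for i := 0; i < len(data); i += 16 {
		b.Encrypt(ks, ctrBlock(nonce, uint16(i/16+1)))
		for k := i; k < i+16 && k < len(data); k++ {
			out[k] = data[k] ^ ks[k-i]
		}
	}
	return out, s0
}

// protectBootstrap (server side) returns C || (T xor MSB_8(S_0)).
func protectBootstrap(bek, nonce, doc []byte) ([]byte, error) {
	b, err := aes.NewCipher(bek)
	if err != nil || len(nonce) != 13 || len(doc) > 0xFFFF {
		return nil, errors.New("bad key, nonce length or document size")
	}
	tag := ccmTag(b, nonce, doc)
	c, s0 := ctrCrypt(b, nonce, doc)
	for k := range tag {
		tag[k] ^= s0[k]
	}
	return append(c, tag...), nil
}

// unprotectBootstrap (device side) decrypts, then verifies; on any failure the
// device discards the message.
func unprotectBootstrap(bek, nonce, ct []byte) ([]byte, error) {
	b, err := aes.NewCipher(bek)
	if err != nil || len(nonce) != 13 || len(ct) < tagLen {
		return nil, errors.New("bad key, nonce length or ciphertext")
	}
	doc, s0 := ctrCrypt(b, nonce, ct[:len(ct)-tagLen])
	tag := ccmTag(b, nonce, doc)
	for k := range tag {
		tag[k] ^= s0[k]
	}
	if subtle.ConstantTimeCompare(tag, ct[len(ct)-tagLen:]) != 1 {
		return nil, errors.New("authentication failed")
	}
	return doc, nil
}

func main() {
	bek := deriveBEK(make([]byte, 64)) // constructed all-zero EMSK; a real EMSK comes from EAP
	// Table 6 nonce: octets 0..7 a 64-bit RAND (constructed here), octets 8..12 zero.
	nonce := append([]byte{0xde, 0xad, 0xbe, 0xef, 0x01, 0x02, 0x03, 0x04}, make([]byte, 5)...)
	ct, _ := protectBootstrap(bek, nonce, []byte("constructed bootstrap document"))
	doc, err := unprotectBootstrap(bek, nonce, ct)
	fmt.Printf("%x\n%q %v\n", ct, doc, err)
}
```

Because a = 0 and t = 8 are fixed, this is not a general CCM implementation; a real server draws RAND from a cryptographic RNG and never reuses a nonce under one BEK.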


APPENDIX A. Service Modes


The service mode attribute value pairs (avp) that can be used in the WiMAX NAI decoration are listed in Table 1. The device can use these avps in the WiMAX decoration of the NAI to indicate a special intent in its network entry. The device SHALL only use the service mode avps in the WiMAX decoration of the EAP outer identity [NWG-STG3] Section 4.4.1.3.1 (Outer Identity). The network MAY have special access policies for the different service modes. The WiMAX Decoration SHALL contain only one Service Mode at a time. If several Service Mode decorations are used, the first Service Mode is applied and all the rest are ignored.

Table 9 - Service mode avps for WiMAX decoration
Service mode avp | Description
sm=0 | Reserved
sm=1 | OTA provisioning
sm=2 | Emergency Service support
