IEEE 802.21a 2012
$52.00
IEEE Standard for Local and Metropolitan Area Networks: Media Independent Handover Services – Amendment for Security Extensions to Media Independent Handover Services and Protocol
Published By | Publication Date | Number of Pages |
---|---|---|
IEEE | 2012 | 92 |
Amendment Standard – Active. Amendment to IEEE Std 802.21-2008. Extensions to IEEE Std 802.21-2008 are provided for security mechanisms to protect media independent handover services and mechanisms to use MIH to assist proactive authentication to reduce the latency due to media access authentication and key establishment with the target network. The PDF of this standard is available at no charge, compliments of the IEEE GET 802 program located at http://standards.ieee.org/about/get/802/support.html.
PDF Catalog
PDF Pages | PDF Title |
---|---|
1 | IEEE Std 802.21a™-2012 (Amendment to IEEE Std 802.21™-2008), front cover |
3 | Title page |
6 | Notice to users; Laws and regulations; Copyrights; Updating of IEEE documents; Errata |
7 | Patents |
8 | Participants |
10 | Introduction |
11 | Contents |
15 | IMPORTANT NOTICE |
16 | 1. Overview 1.3 General 2. Normative references |
17 | 3. Definitions |
19 | 4. Abbreviations and acronyms 5. General architecture 5.1 Introduction 5.1.9 Proactive authentication and key establishment |
20 | 6. MIH service 6.2 Service management 6.2.1 General 6.2.2 Service management primitives 6.5 Media independent event service 6.5.4 Information elements |
21 | 7. Service access point (SAP) and primitives 7.4 MIH_SAP primitives 7.4.1 MIH_Capability_Discover 7.4.1.1 MIH_Capability_Discover.request 7.4.1.1.2 Semantics of service primitives 7.4.1.2 MIH_Capability_Discover.indication 7.4.1.2.2 Semantics of service primitive |
22 | 7.4.1.3 MIH_Capability_Discover.response 7.4.1.3.2 Semantics of service primitive 7.4.1.4 MIH_Capability_Discover.confirm 7.4.1.4.2 Semantics of service primitive |
23 | 7.4.17 MIH_Net_HO_Candidate_Query 7.4.17.2 MIH_Net_HO_Candidate_Query.request 7.4.17.2.2 Semantics of service primitive 7.4.17.3 MIH_Net_HO_Candidate_Query.indication 7.4.17.3.2 Semantics of service primitive |
24 | 7.4.17.4 MIH_Net_HO_Candidate_Query.response 7.4.17.4.1 Function 7.4.17.4.2 Semantics of service primitive 7.4.17.5 MIH_Net_HO_Candidate_Query.confirm 7.4.17.5.2 Semantics of service primitive |
25 | 7.4.18 MIH_MN_HO_Candidate_Query 7.4.18.1 MIH_MN_HO_Candidate_Query.request 7.4.18.1.2 Semantics of service primitive 7.4.18.2 MIH_MN_HO_Candidate_Query.indication 7.4.18.2.2 Semantics of service primitive |
26 | 7.4.18.3 MIH_MN_HO_Candidate_Query.response 7.4.18.3.2 Semantics of service primitive 7.4.18.4 MIH_MN_HO_Candidate_Query.confirm 7.4.18.4.2 Semantics of service primitive |
27 | 7.4.27 MIH_Push_Key 7.4.27.1 MIH_Push_key.request 7.4.27.1.1 Function 7.4.27.1.2 Semantics of service primitive 7.4.27.1.3 When generated 7.4.27.1.4 Effect on receipt 7.4.27.2 MIH_Push_key.indication 7.4.27.2.1 Function |
28 | 7.4.27.2.2 Semantics of service primitive 7.4.27.2.3 When generated 7.4.27.2.4 Effect on receipt 7.4.27.3 MIH_Push_key.response 7.4.27.3.1 Function 7.4.27.3.2 Semantics of service primitive |
29 | 7.4.27.3.3 When generated 7.4.27.3.4 Effect on receipt 7.4.27.4 MIH_Push_Key.confirm 7.4.27.4.1 Function 7.4.27.4.2 Semantics of service primitive 7.4.27.4.3 When generated 7.4.27.4.4 Effect on receipt 7.4.28 MIH_LL_Auth 7.4.28.1 MIH_LL_Auth.request 7.4.28.1.1 Function |
30 | 7.4.28.1.2 Semantics of service primitive 7.4.28.1.3 When generated 7.4.28.1.4 Effect on receipt 7.4.28.2 MIH_LL_Auth.indication 7.4.28.2.1 Function 7.4.28.2.2 Semantics of service primitive |
31 | 7.4.28.2.3 When generated 7.4.28.2.4 Effect on receipt 7.4.28.3 MIH_LL_Auth.response 7.4.28.3.1 Function 7.4.28.3.2 Semantics of service primitive 7.4.28.3.3 When generated 7.4.28.3.4 Effect on receipt 7.4.28.4 MIH_LL_Auth.confirm 7.4.28.4.1 Function |
32 | 7.4.28.4.2 Semantics of service primitive 7.4.28.4.3 When generated 7.4.28.4.4 Effect on receipt |
33 | 8. Media independent handover protocol 8.4 MIH protocol frame format 8.4.1 General frame format |
34 | 8.4.1a Protected MIH protocol frame format 8.4.1a.1 MIH PDU protected by (D)TLS |
35 | 8.4.1a.2 MIH PDU protected through EAP-generated MIH SA 8.4.1a.3 Protected MIH PDU upon transport address change |
36 | 8.4.2 Fragmentation and reassembly 8.4.2.1 General |
37 | 8.4.2.2 Fragmentation 8.4.2.3 Reassembly |
38 | 8.6 MIH protocol messages 8.6.1 MIH messages for service management 8.6.1.1 MIH_Capability_Discover request 8.6.1.2 MIH_Capability_Discover response |
39 | 8.6.1.11 MIH_Auth indication 8.6.1.12 MIH_Auth request |
40 | 8.6.1.13 MIH_Auth response 8.6.1.14 MIH_Termination_Auth request |
41 | 8.6.1.15 MIH_Termination_Auth response 8.6.1.16 MIH_Push_key request 8.6.1.17 MIH_Push_key response 8.6.1.18 MIH_LL_Auth request |
42 | 8.6.1.19 MIH_LL_Auth response 8.6.3 MIH messages for command service 8.6.3.7 MIH_Net_HO_Candidate_Query request |
43 | 8.6.3.8 MIH_Net_HO_Candidate_Query response 8.6.3.9 MIH_MN_HO_Candidate_Query request |
44 | 8.6.3.10 MIH_MN_HO_Candidate_Query response |
45 | 9. MIH protocol protection 9.1 Protection established through MIH (D)TLS 9.2 Key establishment through an MIH service access authentication |
46 | 9.2.1 MIH service access authentication |
52 | 9.2.2 Key derivation and key hierarchy |
54 | 9.2.3 EAP-generated MIH security association |
55 | 9.2.4 Termination 9.3 MIH message protection mechanisms for EAP-generated SAs 9.3.1 MIH_Auth message protection |
56 | 9.3.2 MIH PDU protection procedure |
57 | 9.3.3 MIH PDU protection by AES-CCM |
58 | 9.3.3.1 AES-CCM Parameters 9.3.3.2 Construct AES-CCM Nonce 9.3.3.3 Operational procedures in AES-CCM 9.3.3.3.1 Encapsulation |
59 | 9.3.3.3.2 Decapsulation 9.3.3.4 Format of security TLV |
60 | 9.3.4 MIH PDU protection by AES in CBC mode and HMAC-SHA1-96 9.3.4.1 Initialization vector for AES in CBC mode 9.3.4.2 Operational procedures in applying AES CBC and HMAC-SHA1-96 9.3.4.2.1 Encapsulation 9.3.4.2.2 Decapsulation |
61 | 9.3.4.3 Format of security TLV 9.3.5 MIH PDU protection by HMAC-SHA1-96 9.3.5.1 MIC generation and verification 9.3.5.1.1 MIC generation 9.3.5.1.2 MIC verification 9.3.5.2 Format of security TLV |
62 | 9.3.6 MIH PDU protection by AES-CMAC 9.3.6.1 MIC generation and verification 9.3.6.1.1 MIC generation 9.3.6.1.2 MIC verification 9.3.6.2 Format of security TLV |
63 | 9.4 Common procedures 9.4.1 Sending 9.4.2 Receiving |
64 | 10. Proactive authentication 10.1 Media specific proactive authentication |
65 | 10.1.1 Procedures in a media specific proactive authentication 10.1.1.1 PoS and candidate media specific authenticator discovery 10.1.1.2 Proactive authentication through EAP or ERP 10.1.1.3 Media specific association handshake 10.1.2 Proactive authentication message format 10.2 Bundling media access authentication with MIH service access authentication 10.2.1 Media specific key derivation 10.2.1.1 Derivation of media specific root key (MSRK) |
66 | 10.2.1.2 Derivation of media specific pairwise master keys (MSPMKs) |
67 | 10.2.2 Media specific key distribution 10.2.2.1 Push key distribution 10.2.2.2 Reactive pull key distribution 10.2.2.3 Optimized proactive pull key distribution |
69 | Annex A (informative) Bibliography |
70 | Annex D (normative) Mapping MIH messages to reference points |
71 | Annex F (normative) Data type definition |
74 | Annex G (normative) Information element identifiers |
75 | Annex H (normative) MIIS basic schema |
77 | Annex J (informative) IEEE 802.21 MIB |
79 | Annex K (informative) Example MIH message fragmentation |
82 | Annex L (normative) MIH protocol message code assignment |
83 | Annex M (normative) Protocol implementation conformance statement (PICS) proforma |
85 | Annex N (informative) Authentication and key distribution procedures |
91 | Annex O (informative) Protection through transport protocol |