In view of the need for a high level of WiMAX security,
the IEEE 802.16 working groups incorporated security measures
into the standard during the concept stages to counteract
WiMAX security threats. WiMAX security has been embedded
into the standard from the beginning rather than being added
as an extra at a later stage. By adopting this approach,
WiMAX security has been made more effective while being
less intrusive to the user.
WiMAX security elements are included in the standard and
fall under four main headings:
- Authentication of the user device
- Higher-level user authentication
- Advanced over-the-air encryption
- Methods for securing the control and signaling within
an IP scenario
Each of these WiMAX security areas has been addressed within
standards, but even so, it is still necessary for the network
operators to use good practice to ensure that security is not
compromised. It is quite possible to circumvent the best security
technology if the correct operating procedures are not in place.
WiMAX security threats
When developing any security system it is necessary to understand
the means by which security could be compromised and in this
way build in the relevant security measures.
Some of the main threats to WiMAX security are summarized
in the table below:
| Type of security attack |
Description / details of the security attack |
| Man-in-the-middle |
This form of WiMAX security issue occurs when
a base station is set up to impersonate a base station
in the network, either just to a subscriber, or
a two way impersonation between the subscriber and
the base station. |
| Privacy compromise |
This type of security attack takes the form
of the attacker capturing user and / or signaling
traffic being conveyed over the wireless or the
wired elements of the network. These packets can
be analyzed and information extracted at a later
time. |
| Theft of service |
This occurs if users without authorized access
are able to access the network and utilize it without
payment. |
| Denial of service (physical) |
This is achieved by degrading the network performance
by physically disrupting the physical elements of
the network, e.g. by jamming the radio channels
used. |
| Denial of service (protocol) |
This form of denial of service involves overloading
the network or system resources by introducing new
traffic or modifying existing traffic. This happens
when Internet websites are maliciously targeted
by millions of requests to overload their resources. |
| Replay |
This form of WiMAX security issue occurs if
previously valid messages are injected into the
system to exhaust resources or lock out valid users. |
Although these are broad descriptions for the major forms
of WiMAX security issue, they all need to be addressed so that
malicious attempts cannot succeed in disrupting he network,
obtaining user information or data, or gaining unauthorized
access to the network.
WiMAX security measures
The WiMAX standard includes several security protection measures
to address and overcome the various WiMAX security threats that
are posed to the system. These include mutual device / user
authentication techniques, a flexible key management tool, traffic
encryption, and control and management message protection.
