The IEEE 802.16j-2009 amendment describes two security control modes: centralized and distributed. Under centralized security control, an intermediate RS plays no role in any security exchange between the MR-BS and the SS. An SA may also be established between an MR-BS and an RS; in such cases, too, intermediate RSs do not intervene. However, non-authenticated PKM messages, such as Authorization Requests and Replies, can optionally be protected by adding an HMAC/CMAC between the MR-BS and the access RS.
Under distributed security control, two primary SAs are set up: one between the MR-BS and the access RS, the other between the access RS and the SS or the subordinate SS. In other words, an exclusive SA shall be established between each SS and its serving RS, and between each RS and its serving MR-BS, with each SA having its own SAID. An SS's management message is protected by replacing the HMAC/CMAC values at the header. Note that an RS can aggregate/deaggregate security messages for its subordinates in a single management tunnel.
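The two relay behaviours described above, sketched as an added example that is not part of the original text or of the amendment: in centralized mode the access RS forwards the SS's integrity value untouched, while in distributed mode it verifies that value under the SS-RS SA and replaces it with one computed under the RS-MR-BS SA. HMAC-SHA-256, the keys, the function names and the message layout are assumptions made for illustration; the standard's actual HMAC/CMAC formats are not reproduced.

```python
import hashlib
import hmac

# Constructed keys, one per security association (SA); not values from the standard.
K_SS_RS = b"constructed key: SS <-> access RS"      # distributed mode
K_RS_BS = b"constructed key: access RS <-> MR-BS"   # distributed mode
K_SS_BS = b"constructed key: SS <-> MR-BS"          # centralized mode

def tag(key, payload):
    """Stand-in for the HMAC/CMAC value carried with a management message."""
    return hmac.new(key, payload, hashlib.sha256).digest()

def verify(key, payload, mac):
    return hmac.compare_digest(tag(key, payload), mac)

def rs_relay(mode, payload, mac):
    """Access RS handling of an uplink management message."""
    if mode == "centralized":
        return payload, mac                  # RS takes no part: forward untouched
    if not verify(K_SS_RS, payload, mac):    # distributed: check under the SS-RS SA
        return None                          # drop instead of re-protecting bad data
    return payload, tag(K_RS_BS, payload)    # replace the value under the RS-MR-BS SA

def mrbs_accept(mode, frame):
    """MR-BS verifies with the key of the SA that terminates at it."""
    if frame is None:
        return False
    key = K_SS_BS if mode == "centralized" else K_RS_BS
    return verify(key, *frame)

def uplink(mode, payload, tamper=False):
    """Send one message SS -> access RS -> MR-BS; return (accepted, mac_replaced)."""
    ss_mac = tag(K_SS_BS if mode == "centralized" else K_SS_RS, payload)
    on_air = payload + b"!" if tamper else payload   # modification on the access link
    frame = rs_relay(mode, on_air, ss_mac)
    replaced = frame is not None and frame[1] != ss_mac
    return mrbs_accept(mode, frame), replaced

if __name__ == "__main__":
    msg = b"constructed management message"
    for mode in ("centralized", "distributed"):
        print(mode, uplink(mode, msg), uplink(mode, msg, tamper=True))
```

In distributed mode the modified message is dropped at the access RS, one hop earlier than in centralized mode, and the MR-BS never sees a value computed under the SS-RS SA.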
The AK is transferred from the MR-BS to an SS or an RS through a PKMv2 AK transfer message that also includes the AK's key material, sequence number and lifetime. The amendment also allows for key pre-distribution to accelerate handoffs.
The amendment defines the management of security zones in MMR networks. In essence, a security zone consists ...