Novel Approaches to Enhance Mobile WiMAX Security
1 Convergence S/W Laboratory, DMC R&D Center, Samsung Electronics, Dong Suwon P.O. Box 105, Maetan-3dong, Suwon-si, Gyeonggi-do, 442-600, Republic of Korea
2 Department of Computer Science and Engineering, Seoul National University of Technology, 172, Gongreung 2-dong, Nowon, Seoul 139-743, Republic of Korea
3 Department of Business Administration, Daejin University, San 11-1, Sundan-Dong, Pocheon-Si, Gyunggi-Do 487-711, Republic of Korea
EURASIP Journal on Wireless Communications and Networking 2010, 2010:926275 doi:10.1155/2010/926275Published: 20 July 2010
The IEEE 802.16 Working Group on Broadband Wireless Access Standards released IEEE 802.16-2004 which is a standardized technology for supporting broadband and wireless communication with fixed and nomadic access. After the IEEE 802.16-2004 standard, a new advanced and revised standard was released as the IEEE 802.16e-2005 amendment which is foundation of Mobile WiMAX network supporting handover and roaming capabilities. In the area of security aspects, compared to IEEE 802.16-2004, IEEE 802.16e, called Mobile WiMAX, adopts improved security architecture—PKMv2 which includes EAP authentication, AES-based authenticated encryption, and CMAC or HMAC message protection. However, there is no guarantee that PKMv2-based Mobile WiMAX network will not have security flaws. In this paper, we investigate the current Mobile WiMAX security architecture focusing mainly on pointing out new security vulnerabilities such as a disclosure of security context in network entry, a lack of secure communication in network domain, and a necessity of efficient handover supporting mutual authentication. Based on the investigation results, we propose a novel Mobile WiMAX security architecture, called RObust and Secure MobilE WiMAX (ROSMEX), to prevent the new security vulnerabilities.