Improving Security in the IEEE 802.16 Standards

The IEEE 802.16 standard was proposed to provide Broadband Wireless Access for fixed and nomadic subscribers. However, Shon et al identified three vulnerabilities in the existing 802.16 standards. The vulnerabilities are 1) important messages sent during the initial network entry process are not secured in the existing 802.16 standard, 2) there are some Access Network vulnerabilities (the IEEE 802.16 standard does not cover the security of intra-Access Service Network (intra-ASN) and ASN-to-Connectivity Service Network (ASN-to-CSN) communications) and 3) the Hand Over (HO) optimization flags are able to allow malicious users to cause critical security vulnerabilities during the handover process. Shon et al then proposed countermeasures for the above-mentioned vulnerabilities. In this paper, we review Shon et al´s countermeasures to initial network entry and Access Network vulnerabilities and show that their proposed countermeasures are ineffective in preventing attacks to initial network entry and access network communications. We then proposed improved countermeasures that are able to protect against initial network entry and access network communications vulnerabilities.