WLAN Building Blocks
Let's examine the building blocks of an 802 WLAN. The 802.11 WLAN consists of a set of services that are defined as architectural artifacts, independent of implementations and layers. The services are achieved by messages between the entities, mainly the STA/client, the APs, and the distribution system. In turn, messages are composed of frames.
Services
As discussed previously, the 802.11 architecture consists of essential services implemented by the STAs, APs, and the distribution system. Table 4-1 shows the essential services, the specification that defined the services, and the entity that implements the services. The services implemented by the APs and STAs are collectively known as station services (SS), and the services implemented by the backend DS are called the distribution system services (DSS). The type of service represents the flexibility that an entity has; a "request" type can be denied, but a "notification" type is final, should be honored, and cannot be refused by either party.
Service | Description | Specification | Group | Type |
|---|---|---|---|---|
Authentication | This service establishes the identity of a client entity to the satisfaction of the server. | 802.11 | SS | Request |
The preauthentication of an already authenticated STA is also part of this service. | ||||
An STA can be authenticated with many APs. | ||||
Deauthentication | This service terminates an existing authentication. | 802.11 | SS | Notification |
Association | This service establishes the STA-AP relationship. An STA would be associated with at most one AP. | 802.11 | Straddles the line between SS and DSS | Request |
With specifications like the 802.11e, association can be conditional based on capabilities; for example, with 802.11e, the required qualtiy of service (QoS) functionality would determine whether an association would be entertained. | ||||
Disassociation | This service terminates an existing STA-AP association. | 802.11 | Straddles the line between SS and DSS | Notification |
Reassociation | This service "moves" an STA from one AP to another (or, effectively, one BSS to another), obviously within an ESS. This service is also used to change the attributes of an STA-AP association (kind of a virtual reassociation). | 802.11 | DSS | Request |
Privacy (802.11i renames this service as confidentiality.) | The confidentiality of messages to achieve the equivalent of wires. The privacy service is invoked only for the data frames. | 802.11 | SS (DSS contributes to key material.) | Request |
Distribution | The delivery of messages between the various entities. The 802.11 describes the message formats and the "what" part. It leaves the "how" to the implementers. | 802.11 | DSS | Request |
Integration | This service is invoked after the distribution and is responsible for the connectivity between the WLAN and the back-end LAN. | 802.11 | DSS | Request |
MSDU delivery | Delivery of data between MAC service access points; consists of functionalities such as asynchronous data service to transfer data and data units reordering. | 802.11 | SS | Request |
Higher-layer timer synchronization | For QoS. | 802.11e | SS and DSS | Request |
QoS traffic scheduling | For QoS. | 802.11e | SS and DSS | Request |
Frames
The 802.11 devices communicate with each other by exchanging frames at the MAC layer. Figure 4-5 shows the frame format.
Figure 4-5. MAC Frames
The MAC frame itself consists of seven fields:
Frame Control.
Duration/ID.
Three Address Fields (Source, Destination, and BSSID).
Sequence Control.
QoS Control. (This field is being added by the 802.11E WG.)
Not all fields are present at all times; the presence and convention (convention as to which field is used for which information) of the fields depends on the type of messages. For example, there is space for four address fields corresponding to the BSSID, destination address (DA), source address (SA), and the receiver address (RA).
Note
The addresses are 48 bytes long and are organized according to clause 5.2 of IEEE 802-1990. Individual addresses are MAC addresses; if the address represents a multicast or broadcast address, it is as defined by the domain convention.
The frame control is of interest because it contains fields that are required for the security mechanisms; therefore, let's examine the frame control in a bit more detail.
Figure 4-6 shows the contents of the frame control field at a bit level.
Figure 4-6. Frame Control Field Bits
The protocol version is 0. It changes only if there is an incompatibility.
The type bits (bits 2 and 3) signify management, control, and data frames.
Note
The management frames include the request and response frames from the association/reassociation service, the authentication, beacon, and probe request/probe response.
The control frames include Clear to Send (CTS), acknowledgement (ACK), and Request to Send (RTS) frames for controlling the transmission at the medium layer.
The data frames include the actual data bits.
The subtype bits signify a more granular description of the type. Some examples include association request (00-0000), association response (00-0001), and data (10-0000).
The WEP bit signifies that the WEP has processed the frame body, so the receiver would apply the WEP unpacking algorithms. The 802.11i standard renames this field to Protected Frame.
