Mobile Computing: SEM - VI (CSC603)

MOBILE COMPUTING
SEM -VI(CSC603)
CHAPTER 4
By,
1
Prof. Urjashree Patil
SYLLABUS
 Prerequisite: Computer Network
Module
Unit No. Topics Hrs.
No.
4.1 Wireless Local Area Networks : Introduction,
Infrastructure and ad-hoc network
4.2 IEEE 802.11:System architecture , Protocol
architecture , Physical layer, Medium access control
layer, MAC management, 802.11a, 802.11b
4.0 4.3 Wi-Fi security : WEP ,WPA, Wireless LAN Threats , 08
Securing Wireless Networks
4.4 HiperLAN 1 & HiperLAN 2
4.5 Bluetooth: Introduction, User Scenario, Architecture,
protocol stack
 Chapter outcomes: On successful completion of chapter learner

should be able to,
2
 To apply the concepts of WLAN for local as well as remote
applications.
4.1 UNIT OVERVIEW
 Wireless Local Area Networks : Introduction
 Infrastructure WLAN
 Ad-hoc network WLAN
 Expected Question: Write Short note on Wireless 3
LAN?(5M)
WIRELESS LOCAL AREA NETWORKS
 It is also called Wireless LAN or LAWN (Local Area
Wireless Network).
 Using WLAN a mobile user can connect to a Local Area
Network (LAN) through a wireless connection.
 The IEEE 802.11 group of standards defines the technologies
for wireless LANs.
 It is a wireless distribution method for two or more devices
that use high-frequency radio waves and often include an
access point to the Internet.
 A WLAN allows users to move around the coverage area,
often a home or small office, while maintaining a network
connection.
 Wireless LANs provide high speed data communication in
small areas such as building or an office.
4
 It is used to save costs and avoid laying cable.
 It provides high-speed internet access to the public.
COMPONENTS OF WLANS
 Wireless LANs (WLANs) are wireless computer networks that use
high-frequency radio waves instead of cables for connecting the
devices within a limited area forming LAN.
 Users connected by wireless LANs can move around within this
limited area such as home, school, campus, office building, railway
platform, etc.
Fig. Components of WLANs

COMPONENTS OF WLANS
 The components of WLAN architecture are −
 Stations (STA) − Stations comprises of all devices and
equipment that are connected to the wireless LAN. Each station
has a wireless network interface controller. A station can be of
two types −
 Wireless Access Point (WAP or AP)
 Client
 Basic Service Set (BSS) − A basic service set is a group of
stations communicating at the physical layer level. BSS can be of
two categories −
 Infrastructure BSS
 Independent BSS
 Extended Service Set (ESS) − It is a set of all connected BSS.
 Distribution System (DS) − It connects access points in ESS. 6
TYPES OF WLANS
 WLANs, as standardized by IEEE 802.11, operates in two basic
modes, infrastructure, and ad hoc mode.
 Infrastructure Mode − Mobile devices or clients connect to an
access point (AP) that in turn connects via a bridge to the LAN or
Internet. The client transmits frames to other clients via the AP.
 Ad Hoc Mode − Clients transmit frames directly to each other in a
peer-to-peer fashion.
7
ADVANTAGES OF WLANS
 They provide clutter-free homes, offices and other networked
places.
 The LANs are scalable in nature, i.e. devices may be added or
removed from the network at greater ease than wired LANs.
 The system is portable within the network coverage. Access to
the network is not bounded by the length of the cables.
 Installation and setup are much easier than wired counterparts.
 The equipment and setup costs are reduced
8
DISADVANTAGES OF WLANS
 Since radio waves are used for communications, the signals are noisier
with more interference from nearby systems.
 Greater care is needed for encrypting information. Also, they are more
prone to errors. So, they require greater bandwidth than the wired
LANs.
 WLANs are slower than wired LANs.
9
4.1 UNIT OVERVIEW
 Wireless Local Area Networks : Introduction
 Infrastructure WLAN
 Ad-hoc network WLAN
 Expected Question: Write Short note on Wireless 10
LAN?(5M)
INFRASTRUCTURE WLAN
 Infrastructure mode is when the wireless network requires a
physical structure to support it. This essentially means there should
be a medium handling the network functions, creating an
infrastructure around which the network sustains.
 It performs these typical functions:
 Providing access to other networks
 Forwarding
 Medium access control
Fig. Architecture of Infrastructure WLAN 11

INFRASTRUCTURE WLAN
 In infrastructure-based wireless networks, the communication takes
place between the wireless nodes (i.e., endpoints in the network
such as your computer, your phone, etc.) and the access points (i.e.,
the router) only.
 There can be more than one access point on the same network
handling different wireless nodes.
 A typical example of an infrastructure network would be cellular
phone networks. They have to have a set infrastructure (i.e., network
towers) to function.
 When to use an infrastructure network:
 If you can easily add more access points to boost the range
 If you want to set up a more permanent network
 If you will need to bridge to other types of networks (e.g., you
can connect to a wired network if required)
12
AD-HOC NETWORK WLAN
 Ad-hoc wireless networks, on the other hand, do not require a set
infrastructure to work. In ad-hoc networks, each node can communicate
with other nodes, so no access point that provides access control is required.
 Whereas the routing in infrastructure networks is taken care of by the access
point, in ad-hoc networks the nodes in the network take care of routing.
 Routing is to find the best possible path between the source and destination
nodes to transfer data.
Fig. Architecture of Ad-hoc network WLAN 13

AD-HOC NETWORK WLAN
 All the individual nodes in an ad-hoc network maintain a routing
table, which contains the information about the other nodes. As the
nature of the ad-hoc network is dynamic, this results in ever-
changing router tables. One important thing to note is that an ad-
hoc network is asymmetric by nature, meaning the path of data
upload and download between two nodes in the network may be
different.
 A typical example of an ad-hoc network is connecting two or more
laptops (or other supported devices) to each other directly without
any central access point, either wirelessly or using a cable.
 When to use an ad-hoc network:
 If you want to quickly set up a peer-to-peer (P2P) network between

two devices
 When creating a quick temporary network
 If there is no network infrastructure set up in the area (ad-hoc is the

14
only network mode that can be used in areas like this)
COMPARISON OF AD-HOC NETWORK AND
INFRASTRUCTURE NETWORK
Parameters Infrastructure mode Ad-hoc mode
What is it? In infrastructure mode, the In ad-hoc mode, each node communicates
communication occurs only between the directly with other nodes, so no access point
wireless nodes and access points (AP) , control is needed.
but not directly between wireless nodes
External Access points acts as,a bridge to other Nodes in Ad-hoc can communicate if they are
Communication wireless/wired network within the same range.
Physical needs Physical infrastructure is needed No physical infrastructure is needed.
Complexity Designing is simple as most of the As no central co-ordination exists, we need to
network functionality lies within AP and use decentralized MAC protocols such as
client is just a simple machine. CSMA/CA, with all nodes having same
functionality. This shoots up the complexity and
cost.
When it can’t be It can’t be used in critical situations like It is not always fully connected as two mobile
used: disaster relief where no infrastructure is nodes may temporarily be out of range.
left.
Applications IEEE 802.11 & HIPERLAN2 are based Bluetooth is a typical ad-hoc network.
on infrastructure mode.
Channel Access Most infrastructure based WLAN uses Most Ad-hoc based WLAN uses contention
TDMA-based protocols MAC protocols (e.g. CSMA)
Topology Based on topology, one main advantage is Ad-hoc WLANs are easier to set-up and require
the ability of infrastructure WLANs to no infrastructure
provide wired network applications and 15
services
4.2 UNIT OVERVIEW
IEEE 802.11:System architecture
 Protocol architecture
 Physical layer
 Medium access control layer
 MAC management
 802.11a
 802.11b
16
 Expected Question: Write Short note on IEEE 802.11?(5M)
IEEE 802.11:SYSTEM
ARCHITECTURE
 IEEE is basically used for WLAN i.e wireless local area
network.
 It provides time bounded and asynchronous services for
different downloading and uploading speed with time limitation.
 This is the standard protocol used all over the world.
 802.11 comes under the most popular IEEE specification for

wireless LAN.
 It covers the physical and data link layers.
 802.x belongs to different families of IEEE protocol where x

denotes types of services.
 Different protocols used for different services are:
 802.11 is used for Wi-Fi. Standards for WLAN

 802.15 is used for bluetooth.
 802.16 is used for Wi-Max. 17
IEEE 802.11:SYSTEM
ARCHITECTURE
 IEEE 802.11 defines two types of services which are
1) Basic Service Set (BSS)
2) Extended Service Set (ESS)
18
IEEE 802.11:SYSTEM
ARCHITECTURE
 Basic Service Set (BSS):
 IEEE 802.11 has defined the BSS as the basic building block
of wireless LAN.
 A BSS is made of stationary or moving wireless stations and a
central base station called as the access point (AP).
 BSS can exist with and without AP. BSS without access point
cannot send data to another BSS.
 So, it is known as a stand alone network or ad hoc
architecture.
 In this type of architecture stations can form a network
without using AP.
19
IEEE 802.11:SYSTEM
ARCHITECTURE
 Extended Service Set (ESS):
20
IEEE 802.11:SYSTEM
ARCHITECTURE
 Extended Service Set (ESS):
 An extended service set consists of two or more BSSs with access points.
 The BSS in this system are connected to each other via a distribution
system which is generally a wired LAN.
 The distribution system connects the access points to each other. The
distribution system can be any type LAN such as Ethernet. thus ESS
contains two types of station:
 Mobile Stations
 Stationary of non-moving stations
 Out of these, the non-moving stations are the access points which are a part
of the wired LAN whereas the mobile stations are those contained in the
BSS. The BSSs are connected to each other to form a network called
infrastructure network. In such networks the station close to each other can
communicate taking help of access points.
 But if two stations are located in two different BSS wish to communicate
with each other, than they have to do do through access points. This type of
communication is very similar to that in the cellular communication. The 21
BSS acts as a cell and AP as base station.
IEEE 802.11:SYSTEM
ARCHITECTURE
 Types of Stations in ESS are as follow:
 There are three types of stations are defined by IEEE 802.11 depending
on their mobility in the wireless LAN as
1) No transition Mobility : It is defined as a station which is non-
moving (stationary) or moving only inside a BSS.
2) BSS Transition Mobility : A station having BSS transition
mobility is the one which can move from BSS to another but does not
move outside one ESS.
3) ESS transition Mobility : A station having ESS transition mobility
is the one which can move from one ESS to another. But IEEE 802.11
does not guarantee communication when the station is moving. 22
4.2 UNIT OVERVIEW
 IEEE 802.11:System architecture
 Physicallayer
 MAC management
 802.11a
 802.11b
23
 University Question: Explain protocol architecture of
802.11(10M)
IEEE 802.11: PROTOCOL ARCHITECTURE
 An IEEE 802.11 wireless LAN connected to a switched IEEE
802.3 Ethernet via a bridge shown in fig.
24
Fig. IEEE 802.11 wireless local area network (WLAN): protocol stack.
25
 The higher layers (application, TCP, IP) look the same for wireless
nodes as for wired nodes.
 The upper part of the data link control layer, the logical link control
(LLC), covers the differences of the medium access control layers
needed for the different media.
 The IEEE 802.11 standard only covers the physical layer
PHY and medium access layer MAC.
 The physical layer is subdivided into:
 physical layer convergence protocol (PLCP)
 the physical medium dependent sub layer (PMD)
 The basic tasks of the MAC layer comprise medium access,
fragmentation of user data, and encryption.
 The PLCP sub layer provides a carrier sense signal, called clear
channel assessment (CCA), and provides a common PHY service
access point (SAP) independent of the transmission technology. 26
 PMD sub layer handles modulation and encoding/decoding of
signals.
 The MAC management supports the association and re-
association of a station to an access point and roaming
between different access points.
 MAC management: supports the association and re-
association of a station to an access point and roaming
between Different access points.
 Controls authentication mechanisms, encryption
synchronization of a station.
 PHY management: Include channel tuning and PHY MIB
maintenance.
 Station management: Interacts with both management layers
and is responsible for additional higher layer functions. 27
4.2 UNIT OVERVIEW
 Physical layer
 MAC management
 802.11a
 802.11b
 University Question: Discuss the PHY frame format of an IEEE

28
802.11 using the spread spectrum technique, which separates by
code. (10M)
PHYSICAL LAYER
 The IEEE 802.11 standard provides three alternative physical
medium implementations:
1. Frequency hopping spread spectrum radio PHYsical layer
(FH-PHY)
2. Direct sequence spread spectrum radio PHYsical layer (DS-
PHY)
3. Infrared PHYsical layer (IR-PHY)
29
1. FREQUENCY HOPPING SPREAD SPECTRUM
RADIO PHYSICAL LAYER (FH-PHY)
Fig. IEEE 802.11 frequency hopping spread spectrum radio

physical layer (FH-PHY): PLCP (physical layer convergence 30
protocol) frame format.
 The frequency hopping spread spectrum radio physical layer
(FH-PHY) of IEEE 802.11 provides for either 1 Mbit/s, or
(optionally) for 2 Mbit/s operation.
 The 1 Mbit/s version uses 2-level Gaussian frequency shift
keying (GFSK) modulation and the 2 Mbit/s version uses 4-level
GFSK.
 The exact number and frequency of radio channels (i.e the
precise physical medium) which should be used depend upon
local government radio regulations and related radio technical
31
standards.
 The preamble part of the frame (which comes at the start of
each frame sent) is used to synchronize the radio transmission.
 During this period, radio receivers have to ‘notice’ that a signal
is being sent, adjust their radio frequency circuitry to the exact
frequency of the signal being sent by the transmitter and adjust
their signal automatic gain control (AGC) to ensure that the
signal is amplified appropriately. (Each received signal will
have a different strength, depending upon how far away the
remote transmitter is— but there is an optimum signal level
32
which should be sent to the detector circuitry.)
 The start of frame delimiter (SFD) for FH-PHY is always set
at the hexadecimal value ‘0CBD’.
 A process called CCA (clear channel assessment) (one of the
functions of the PLCP signalling field) performs the function
of collision detection on behalf of the MAC layer.
 CCA initiates frame reception and forces back-off of
transmission if the radio channel turn out to be busy. Since
radio transmission is very prone to errors (and in particular to
burst errors1), data is scrambled2 to reduce the problems of
errors caused by interference.
 A 16-bit cyclic redundancy check (CRC) code3 is used as a
header error check code for the PLCP (physical layer
convergence protocol) header (i.e. the fields PLW and PSF). 33
2. DIRECT SEQUENCE SPREAD SPECTRUM
RADIO PHYSICAL LAYER (DS-PHY)
Fig. IEEE 802.11 direct sequence spread spectrum radio physical

layer (DS-PHY): PLCP (physical layer convergence protocol)
frame format. 34
 Like the frequency hopping spread spectrum radio physical
layer (FH-PHY), the direct sequence (DS) spread spectrum
(DSSS) physical layer (DS-PHY) of IEEE 802.11 provides for
either 1 Mbit/s, or (optionally) for 2 Mbit/s operation in the
2.4 GHz (2400 MHz) ISM (industrial scientific medical) radio
band.
 But unlike FH-PHY, the 1 Mbit/s version of the DS-PHY uses
differential binary phase shift keying (DBPSK) modulation
and the 2 Mbit/s version uses differential quadrature phase
shift keying (DQPSK).
 The radio multiple access scheme used in DS-PHY is CDMA
(code division multiple access)— employing an 11 MHz chip
rate and an 11-chip Barker sequence. 35
 As with FH-PHY, the synchronization preamble sequence of DS-PHY
provides for a period during which the radio receiver can undertake signal
energy detection (within 15 microsecs), antenna selection, frequency
adjustment and signal gain settings.
 The various frames have the following meanings and codings:
• the start of frame delimiter (SFD) for DS-PHY is always set at the
hexadecimal value ‘F3A0’;
• the signal field indicates whether 1 Mbit/s DBPSK (signal = hexadecimal
value ‘0A’) or 2 Mbit/s DQPSK (signal = hexadecimal value ‘14’) is in use;
• the service field (when set to hexadecimal value ‘00’) indicates that the
implementation is IEEE 802.11;
• the length field indicates the length of the MPDU (MAC protocol data unit)
in number of bytes or octets;
• the PLCP header check provides for detection of bit errors in the signal,
service and length fields. A 16-bit cyclic redundancy check (CRC-16 ) code 36
is used and coded according to ITU-T.
3. INFRARED PHYSICAL LAYER (IR-
PHY)
The infrared PHY (IR-PHY) of IEEE 802.11 also provides for 1
Mbit/s transmission, with an option for 2 Mbit/s transmission.
The 1 Mbit/s version employs pulse position modulation with 16

positions (16-PPM )
The 2 Mbit/s version uses 4-PPM (4-position pulse position

modulation).
37
Fig. IEEE 802.11 Infrared PLCP Physical layer packet format
3. INFRARED PHYSICAL LAYER (IR-
PHY)
 Here the field DC level adjustment contains pattern which
enables the receiving station to set the DC level of the signal.
 The IR interface is the cheapest of all 802.11 physical interfaces.
 It does not need any frequency regulations.
 It is resistant to eavesdropping. But it has lower coverage.
 As Infrared light interferes with other resources like sunlight or
heat sources etc. such networks can only be used within
buildings, e.g. classrooms, meeting hall, conference hall etc.
 Frequency reuse is very simple. The same frequency can be used
38
in different classrooms.
4.2 UNIT OVERVIEW
 Physical layer

 MAC management
 802.11a
 802.11b
39
IEEE 802.11 MEDIUM ACCESS CONTROL LAYER
 MAC layer provides functionality for several tasks like control medium
access, can also offer support for roaming, authentication, and power
conservation.
 The basic services provided by MAC are the mandatory asynchronous
data service and an optional time-bounded service.
 Co-ordination Functions in 802.11 MAC Sublayer:
 IEEE 802.11 MAC Sublayer uses two co-ordination functions for

collision avoidance before transmission −
 Distributed Coordination Function (DCF) −
 It is a mandatory function used in CSMA/CA.
 It is used in distributed contention-based channel access.
 It is deployed in both Infrastructure BSS (basic service set) as well as
Independent BSS.
 Point Coordination Function (PCF) −
 It is an optional function used by 802.11 MAC Sublayer.
 It is used in centralized contention-free channel access. 40
 It is deployed in Infrastructure BSS only.
MAC FRAME FORMAT:
 The MAC layer frame consist of 9 fields. The following
figure shows the basic structure of an IEEE 802.11 MAC
data frame along with the content of the frame control
field.
41
MAC FRAME FORMAT:
 Frame Control(FC) (2B): It defines type of frame and some control information.
 Various fields present in FC are:
1. Version (2bit):It indicates the current protocol version which is fixed to be 0 for now.
2. Type(2bit): It determines the function of frame i.e management(00), control(01) or data(10). The value
11 is reserved.
3. Subtype (4bit): It indicates sub-type of the frame like 0000 for association request, 1000 for beacon.
4. To DS(1bit): It is set indicates that destination frame is for DS(distribution system).
5. From DS(1bit): It is when set indicates frame coming from DS.
6. More frag (More fragments)(1bit): It is 1 bit long field which when set to 1 means frame is followed
by other fragments.
7. Retry(1bit): It is 1 bit long field, if the current frame is a retransmission of an earlier frame, this bit is
set to 1.
8. Power Mgmt (Power management): It is 1 bit long field which indicates the mode of a station after
successful transmission of a frame. Set to 1 the field indicates that the station goes into power-save
mode. If the field is set to 0, the station stays active.
9. More data: It is 1 bit long field which is used to indicates a receiver that a sender has more data to send
than the current frame. This can be used by an access point to indicate to a station in power-save mode
that more packets are buffered or it can be used by a station to indicate to an access point after being
polled that more polling is necessary as the station has more data ready to transmit.
10. WEP: It is 1 bit long field which indicates that the standard security mechanism of 802.11 is applied. 42
11. Order: It is 1 bit long field, if this bit is set to 1 the received frames must be processed in strict order.
MAC FRAME FORMAT:
 Duration/ID : It is 4 bytes long field which contains the value
indicating the period of time in which the medium is occupied(in µs).
 Address 1 to 4 : These are 6 bytes long fields which contain standard
IEEE 802 MAC addresses (48 bit each). The meaning of each
address depends on the DS bits in the frame control field.
 SC (Sequence control) : It is 16 bits long field which consists of 2
sub-fields, i.e., Sequence number (12 bits) and Fragment number (4
bits). Since acknowledgement mechanism frames may be duplicated
hence, a sequence number is used to filter duplicate frames.
 Data : It is a variable length field which contain information specific
to individual frames which is transferred transparently from a sender
to the receiver(s).
 CRC (Cyclic redundancy check) : It is 4 bytes long field which
contains a 32 bit CRC error detection sequence to ensure error free
frame. 43
4.2 UNIT OVERVIEW
 Physical layer
 MAC management
 802.11a
 802.11b
44
SYNCHRONIZATION IN 802.11 MAC
MANAGEMENT LAYER
 Its main task is to keep all the nodes in a network synchronized (i.e
make their internal clocks have the same time)
 The various jobs done by this functional group includes finding a
wireless LAN, synchronization of internal clocks and generation of
beacon signals.
 Every node of an 802.11 network has an internal clock.
 To synchronize the clocks of all nodes, there is a timing synchronization

function (TSF)
 Inside a BSS (Base Station System) the timing is conveyed by the
(quasi)periodic transmission of a beacon frame. A beacon has a
timestamp along with other information meant to be used for power
management and roaming.
 A node is not required to pay heed to all the beacons it receives but has
the duty to keep its internal clock synchronized.
 Also the beacon is not transmitted in a periodic fashion (i.e. exactly at 45
equal intervals) as the medium may also be busy.
MANAGEMENT LAYER
 Its main task is to keep all the nodes in a network synchronized (i.e
make their internal clocks have the same time)
 The various jobs done by this functional group includes finding a
wireless LAN, synchronization of internal clocks and generation of
beacon signals.
 Every node of an 802.11 network has an internal clock.
 To synchronize the clocks of all nodes, there is a timing synchronization

function (TSF)
 Inside a BSS (Base Station System) the timing is conveyed by the
(quasi)periodic transmission of a beacon frame. A beacon has a
timestamp along with other information meant to be used for power
management and roaming.
 A node is not required to pay heed to all the beacons it receives but has
the duty to keep its internal clock synchronized.
 Also the beacon is not transmitted in a periodic fashion (i.e. exactly at 46
equal intervals) as the medium may also be busy.
MANAGEMENT LAYER
 For infrastructure based network:
 Here the access point performs the synchronization by
transmitting the (quasi)periodic beacon signal.
 The other wireless nodes in the network adjust their local time
to this timestamp signal.
47
MANAGEMENT LAYER
 For infrastructure based network:
 If the channel (i.e. medium) is busy, then the access point holds
or delays the beacon signal.
 However, the access point always tries to schedule transmissions
according to the expected beacon interval(i.e. there are fixed
intervals at which beacons have to be transmitted shown by the
vertical lines marked A,B,C,D,C)
 Note that only at point D in the figure, the beacon is transmitted
at correct instant. Elsewhere the beacon is delayed.
 Also, the beacon interval is not altered if the previous beacon
was delayed. (Compare C and D; beacon at C was delayed but
beacon at D was at time…).
 The beacon always transmits the real-transmit time, not the
48
scheduled time.
MANAGEMENT LAYER
 For ad-hoc based network:
 Here in ad-hoc mode there is no access node for beacon
transmission.
 Here each node maintains its own synchronization timer.
 After each beacon interval, each node starts transmission of
beacon signal.
 But this will result in confusion (as all nodes a sending beacon
signals together). Therefore the standard random back off
algorithm is applied.
 Because of this algorithm, only one beacon will win and its real
time time-stamp will be transmitted. The rest all nodes suppress
their beacon for the current cycle (i.e. the beacon interval) and
adjust their clocks to the transmitted signal. 49
POWER MANAGEMENT IN 802.11 MAC
LAYER
 Power saving techniques existing at the MAC layer consist primarily of
sleep scheduling protocols.
 The basic principle behind all sleep scheduling protocols is that lots of
power is wasted listening on the radio channel while there is nothing
there to receive.
 Sleep schedulers are used to duty cycle a radio between its on and off
power states in order to reduce the effects of this idle listening.
 They are used to wake up a radio whenever it expects to transmit or
receive packets and sleep otherwise.
 Other power saving techniques at this layer include battery aware MAC
protocols (BAMAC) in which the decision of who should send next is
based on the battery level of all surrounding nodes in the network.
 Battery level information is piggy-backed on each packet that is
transmitted, and individual nodes base their decisions for sending on
this information. 50
LAYER
Fig.: Synchronous sleep Fig.: Asynchronous sleep

scheduler scheduler 51
LAYER
 Sleep scheduling protocols can be broken up into two categories:
synchronous and asynchronous.
 Synchronous sleep scheduling policies rely on clock
synchronization between nodes all nodes in a network. As seen in
Fig., senders and receivers are aware of when each other should be
on and only send to one another during those time periods. They
go to sleep otherwise.
 Asynchronous sleep scheduling, on the other hand, does not rely
on any clock synchronization between nodes whatsoever. Nodes
can send and receive packets whenever they please, according to
the MAC protocol in use. Fig. 6 shows how two nodes running
asynchronous sleep schedulers are able to communicate.
52
LAYER
 Nodes wake up and go to sleep periodically in the same way they do for
synchronous sleep scheduling.
 Since there is no time synchronization, however, there must be a way to
ensure that receiving nodes are awake to hear the transmissions coming in
from other nodes.
 Normally preamble bytes are sent by a packet in order to synchronize the
starting point of the incoming data stream between the transmitter and
receiver.
 With asynchronous sleep scheduling, a significant number of extra preamble
bytes are sent per packet in order to guarantee that a receiver has the chance
to synchronize to it at some point.
 In the worst case, a packet will begin transmitting just as its receiver goes to
sleep, and preamble bytes will have to be sent for a time equal to the
receiver's sleep interval (plus a little more to allow for proper
synchronization once it wakes up).
 Once the receiver wakes up, it synchronizes to these preamble bytes and 53
remains on until it receives the packet.
4.2 UNIT OVERVIEW
 Physical layer
 MAC management
 802.11a
 802.11b
54
802.11A
 802.11a, published in 1999, uses the same data link layer protocol
and frame format as the original standard, but an OFDM based air
interface (physical layer) was added.
 It was later relabeled Wi-Fi 1, by the Wi-Fi Alliance, relative to
Wi-Fi 2 (802.11b)
 It operates in the 5 GHz band with a maximum net data rate of
54 Mbit/s, plus error correction code, which yields realistic net
achievable throughput in the mid-20 Mbit/s.
 It has seen widespread worldwide implementation, particularly
within the corporate workspace.
 The disadvantage is the effective overall range of 802.11a is less
than that of 802.11b/g.
 In theory, 802.11a signals are absorbed more readily by walls and
other solid objects in their path due to their smaller wavelength, and,
as a result, cannot penetrate as far as those of 802.11b.
55
 802.11a also suffers from interference, but locally there may be
fewer signals to interfere with, resulting in less interference and
better throughput.
4.2 UNIT OVERVIEW
 Physical layer
 MAC management
 802.11a
 802.11b
56
802.11B
 The 802.11b standard has a maximum raw data rate of 11 Mbit/s (Megabits
per second) and uses the same media access method defined in the original
standard.
 802.11b products appeared on the market in early 2000, since 802.11b is a
direct extension of the modulation technique defined in the original standard.
 High throughput and less price led to the rapid acceptance of 802.11b as the
definitive wireless LAN technology.
 Devices using 802.11b experience interference from other products operating
in the 2.4 GHz band.
 Devices operating in the 2.4 GHz range include microwave ovens, Bluetooth
devices, baby monitors, cordless telephones, and some amateur radio
equipment. 57
COMPARISON OF IEEE 802.11X STANDARDS
IEEE 802.11 IEEE 802.11a IEEE 802.11b IEEE 802.11g IEEE 802.11n
Applications WLAN WLAN WLAN
Frequency 2.4 GHz 2.4 GHz 5 GHz 2.4 2.4, 5 GHz

band
Max. Data 2 Mbps 54 Mbps 11 Mbps 54 Mbps 600 Mbps
Rate
Approval 1997 July 1999 July 1999 June 2003 August 2006
date
Modulation DSSS , FHSS OFDM DSSS or CCK DSSS or CCK DSSS or CCK
or OFDM or OFDM
Channel 20 MHz 20 MHz 20 MHz 20 MHz 20 MHz or 40
width MHz
Typical range 66 feet 75 feet 100 feet 150 feet 150 feet
Antenna 1x1 SISO 1x1 SISO 1x1 SISO 1x1 4x4 MIMO
configuration SISO(Single (Multiple
Input-Single Input-Multiple
58
Output) Output)
4.3 UNIT OVERVIEW
 Wi-Fi security : WEP
 WPA
 Wireless LAN Threats

 Securing Wireless Networks
59
 University Question:?Write short note on WEP?(5M)
WI-FI SECURITY : WEP
 Wired Equivalent Privacy (WEP) is a security standard for
wireless networks or WiFi.
 It was a part of the original IEEE 802.11 protocol.
 As wireless networks transmit data over radio waves,
eavesdropping on wireless data transmissions is relatively
easier than in wired networks connected by cables.
 WEP aims to provide the same level of security and
confidentiality in wireless networks as in wired counterparts.
 WEP was introduced as a part of IEEE 802.11 standard in
1997.
 It was available for 802.11a and 802.11b devices.
 WEP uses encryption of data to make it unrecognizable to
eavesdroppers.
 It uses RC4, a stream cipher, for encryption and CRC-32 60
checksum for confidentiality and integrity
 The two widely used standards were WEP-40 and WEP-104.
 In WEP-40, a 40 bit WEP key is concatenated with a 24 bit
initialization vector, to generate a 64 bit RC4 key.
 In WEP-104, a 104 bit WEP key is concatenated with the 24
bit initialization vector, to generate a 128 bit RC4 key.
 WEP operates at the data link and physical layer.
 It incorporates two authentication methods:
 Open System authentication
 Shared Key authentication
 In 2001 – 2003, major security flaws were identified with
WEP that proved that the data transmitted was susceptible to
malicious changes of the wireless network.
 In 2004, with the approval of Wireless Protocol Access 2
(WPA2), IEEE scraped down both WEP-40 and WEP-104 61
standards.
 WEP is having two main parts:
1) WEP Authentication
2) WEP Encryption
 Generally WEP encryption works between wireless AP and wireless
station. At first the wireless station and Access Point shares their
secret key which we commonly called as passphrase.
62
1)As a first step a wireless client sends an authentication request to the
access point. In this step no data encryption takes place.
2) Then the Access Point responds with an authentication response message

consist of challenge text.
3) Now the client uses its secret WEP key to encrypt the challenge text and
sends it to the access point.
4) If the access point successfully decrypt the encrypted challenge and

retrieve the original challenge text then it comes to know that the client is
also using the same secret key. So responds with an Confirmation success
message.
63
5) Finally data transfer takes place.
2) WEP Encryption
 The encryption process used by WEP is Rivest
Cipher 4 (RC4). There is also a Integrity algorithm CRC-32 is
used on the plaintext to create the Integrity Check Value (ICV)
used to protect from tampering or unauthorized data
modification.
64
2) WEP Encryption
 WEP uses RC4 encryption which is a symmetric stream cipher
to provide confidentiality.
 The 40-bit secret key is connected with a 24-bit Initialization
Vector(IV) resulting in a total 64-bit key(seed)
 The resulting key (seed) is the input for the Pseudo Random
Number Generator (PRNG).
 The PRNG (RC4) outputs a pseudo random key sequence based
on the input key.
 The resulting sequence is used to encrypt the data by doing a
bitwise XOR.
 The result is encrypted bytes equal in length to the number of
data bytes that are to be transmitted in the expanded data plus
four bytes. This is because the key sequence is used to protect 65
the 32-bit Integrity Check Value(ICV) as well as the data.
2) WEP Decryption
66
2) WEP Decryption
 The incoming message has three parts: Ciphertext, IV and ICV.
 The IV of incoming message is used to generate the key sequence
to decrypt the incoming message.
 Combining the Ciphertext with the proper key sequence will give
the original plaintext and ICV.
 The decryption is verified by performing integrity check algorithm
on the recovered plain text and comparing the output of the ICV’
(Calculated ICV) to the ICV submitted with the message.
 If ICV’ is not same as ICV, the received message is in error. 67
WEP VULNERABILITIES
1. The IV is too small and in clear text: Initial vector used in
WEP is 24-bit field sent in the clear text portion of message is
relatively very small field when used for cryptographic purpose.
2. The IV is static: The reuse of IV may produce identical key
streams and they may repeat after relatively short time.
3. The IV makes key stream vulnerable: The IEEE 802.11
standard does not specify the change the IV so hackers can record
network traffic and determine key stream and use it to decrypt
the cipher text.
4. WEP provides no cryptographic integrity check: The
combination of non-cryptographic checksums with stream
ciphers is dangerous and often introduces vulnerabilities.
5. WEP uses Stream Cipher: The loss of a single bit of a data
stream causes the loss of all data following the lost bit which is
not suitable to wireless medium where packet loss is widespread. 68
4.3 UNIT OVERVIEW
 WPA
69
 Expected Question:?Write short note on WPA?(5M)
WPA WI-FI PROTECTED ACCESS
 The Wi-Fi Alliance intended WPA as an intermediate measure
to take the place of WEP pending the availability of the
full IEEE 802.11i standard.
 WPA could be implemented through firmware upgrades
on wireless network interface cards designed for WEP that
began shipping as far back as 1999.
 The WPA protocol implements the
Temporal Key Integrity Protocol (TKIP).
 TKIP employs a per-packet key, meaning that it dynamically
generates a new 128-bit key for each packet and thus prevents
the types of attacks that compromised WEP.
 WPA also includes a Message Integrity Check, which is
designed to prevent an attacker from altering and resending
data packets. 70
 It uses RC4 stream cipher with 128 bit key and a 48 bit IV.
The longer key and IV together defeat the key recovery
attacks on WEP.
 Along with authentication and encryption, WPA also provides
vastly improved payload integrity.
 WPA uses Michael, which is Message Integrity Check(MIC),
to the checksum being corrupted issue.
 WPA uses a 32 bit Integrity Check Value(ICV) which is
inserted after payload and before IV.
 The MIC includes a frame counter, which helps to prevent
replay attacks.
71
 WPA Modes:
 WPA supports two modes of operation,
1. Pre-Shared Key Mode or Personal Mode
This mode is used for personal use. The preshared mode
does not require authentication server. It utilizes a shared key
that is communicated to both sides(AP and client) before
establishing a wireless connection; this key is then used to
secure the traffic.
2. Enterprise Mode
Enterprise mode requires an authentication server. It uses
more stringent 802.11x authentication with the Extensible
Authentication Protocol(EAP). It uses RADIUS protocols for
authentication and key distribution. In this mode, the user
credentials are managed centrally. 72
4.3 UNIT OVERVIEW
 WPA

 Expected Question:? Explain threats in wireless 73

LAN?(10M)
WIRELESS LAN THREATS
 The risk of attacks occurring on wireless LANs is high.
 The main reason is that the nature of a wireless network is to
provide easy access to end users, but this ease of access
creates a more open attack surface.
 Unlike a wired network that requires an attacker to physically
access part of the network, a wireless network only requires
that the attacker be in close proximity (and even this is
relative). Also, there is a general lack of knowledge and
awareness of wireless networks.
74
 The 7 most common wireless network threats are:
 Configuration Problems: Misconfigurations, incomplete
configurations.
 Denial of Service: Sending large amounts of traffic (or viruses)
over the network with the intent of hijacking resources or
introducing backdoors.
 Passive Capturing: Eavesdropping within range of an access point
to capture sensitive information.
 Rogue (or Unauthorized/Ad-Hoc) Access Points: Fool devices
into connecting with a false access point.
 Evil Twin Attacks: Impersonating legit access points with a
stronger signal to entice authorized users to sign on.
 Hacking of Lost or Stolen Wireless Devices: Bypassing the
password to gain access.
 Freeloading: Piggybacking on a connection or intercepting file
75
sharing.
 Configuration Problems:
 Simple configuration problems are often the cause of many
vulnerabilities because many consumer/SOHO-grade access points
ship with no security configuration at all. Other potential issues with
configuration include weak passphrases, feeble security deployments,
and default SSID usage.
 A novice user can quickly set up one of these devices and gain access,
or open up a network to external use without further configuration.
These acts allow attackers to steal an SSID and connect without
anyone being the wiser.
 To mitigate the risk, use a centrally managed WLAN that features
76
periodic audits and coordinated updates.
 Denial of Service:
 This can be done by placing viruses or worm programs on your network,
or by simply sending a large amount of traffic at a specific target with the
intent of causing a slowdown or shutdown of wireless services. This
allows attackers to hijack resources, view unauthorized information
disclosures, and introduce backdoors into the system.
 For wireless networks it can be much easier, as the signal can be interfered
with through a number of different techniques. When a wireless LAN is
using the 2.4 GHz band, interference can be caused by something as
simple as a microwave oven or a competing access point on the same
channel. Because the 2.4 GHz band is limited to only three non-
overlapping channels (in the U.S.), an attacker just needs to cause enough
interference into these to cause service interruption.
 A denial of service attack can also be used in conjunction with a rogue
access point. For example, one could be set up in a channel not used by the
legitimate access point. Then a denial of service attack could be launched
at the channel currently being used, causing endpoint devices to try and re-
77
associate onto a different channel that is used by the rogue access point.
 Passive Capturing:
 Passive capturing (or eavesdropping) is performed simply by getting
within range of a target wireless LAN, then ‘listening to’ and capturing
data which can be used for breaking existing security settings and
analyzing non-secured traffic. Such information that can be “heard”
include SSIDs, packet exchanges, and files (including confidential ones).
 Consider the following scenarios that make passive capturing possible:
 Your office building has multiple tenants, including immediately above

or below you on different floors.
 You have a lobby just outside your office.
 Your parking lot is close to the building.
 There is a street that passes nearby.
 There are adjacent buildings.
 There are also some go-arounds when an attacker can’t be within normal
broadcast range, such as using a big antenna or a wireless repeater device
to extend range by miles. An attacker can even use a packet sniffer
application that captures all the outgoing packets, grabs and analyzes 78
them, then reveals its data payload.
 Rogue (or Unauthorized/Ad-Hoc) Access Points:
 The method of setting up a rogue access point within the range of an existing
wireless LAN to ‘fool’ some of the authorized devices in the area to associate
with the false access point, rather than the legitimate one.
 This type of attack requires some amount of physical access because if a user
associates with a rogue access point, then is unable to perform any of their
normal duties, the vulnerability will be short-lived and not that effective.
However, if an attacker is able to gain access to a physical port on a company
network and then hook the access point into this port, it’s possible to get
devices to associate and capture data from them for an extended period of
time.
 The exception to this barrier is when the wireless LAN being targeted only
provides internet access. A rogue access point can also offer simple internet
access and leave the user unaware of their vulnerability for an extended
amount of time.
 Part of the same idea of rogue access points is unauthorized, non-malicious
access points and ad-hoc networks. In these situations, a legitimate user sets up
an access point or ad-hoc network for their own use, but does not implement 79
proper security techniques. This provides an opening for watching attackers.
 Evil Twin Attacks:
 An attacker can gather enough information about a wireless access
point to impersonate it with their own, stronger broadcast signal. This
fools unsuspecting users into connecting with the evil twin signal and
allows data to be read or sent over the internet.
 Server authentication and penetration testing are the only tools that
will aid in ending evil twin attacks.
 Hacking of Lost or Stolen Wireless Devices:

 Often ignored because it seems so innocent, but if an employee loses
a smartphone, laptop, etc., that is authorized to be connected to your
network, it's very easy for the finder or thief to gain full access. All
that’s necessary is to get past the password, which is quite simple to
do.
 Make it a policy and practice to have employees immediately report a
misplaced or stolen device so that it can be remotely locked, given a 80
password change, or wiped clean.
 Freeloading:
 Sometimes unauthorized users will piggyback on your wireless
network to gain free access. Usually this is not done maliciously,
but there are still security ramifications.
 Your internet service may slow down.
 Illegal content or spam can be downloaded via your mail server.
 “Innocent” snooping may take place.
 Additionally, employees sharing files with unrecognized networks,
or giving permission for a friend or family member to use their
login credentials for computer access, both seriously disrupt
81
security measures.
4.3 UNIT OVERVIEW
 WPA

82
 University Question:?(5M)
SECURING WIRELESS NETWORKS
 Taking a few precautions in the configuration and use of your
devices can help prevent from wireless network attacks,
1. Change default passwords.
2. Restrict access.
3. Encrypt the data on your network.
4. Protect your Service Set Identifier (SSID).
5. Install a firewall.
6. Maintain antivirus software.
7. Use file sharing with caution.
8. Keep your access point software patched and up to date.
9. Check your internet provider’s or router manufacturer’s

wireless security options.
10. Connect using a Virtual Private Network (VPN). 83
 Change default passwords. Most network devices, including
wireless access points, are pre-configured with default administrator
passwords to simplify setup. These default passwords are easily
available to obtain online, and so provide only marginal protection.
Changing default passwords makes it harder for attackers to access a
device. Use and periodic changing of complex passwords is your
first line of defense in protecting your device.
 Restrict access. Only allow authorized users to access your
network. Each piece of hardware connected to a network has a media
access control (MAC) address. You can restrict access to your
network by filtering these MAC addresses. Consult your user
documentation for specific information about enabling these features.
You can also utilize the “guest” account, which is a widely used
feature on many wireless routers. This feature allows you to grant
wireless access to guests on a separate wireless channel with a
separate password, while maintaining the privacy of your primary 84
credentials.
 Encrypt the data on your network. Encrypting your wireless data
prevents anyone who might be able to access your network from
viewing it. There are several encryption protocols available to
provide this protection. Wi-Fi Protected Access (WPA), WPA2, and
WPA3 encrypt information being transmitted between wireless
routers and wireless devices. WPA3 is currently the strongest
encryption. WPA and WPA2 are still available; however, it is
advisable to use equipment that specifically supports WPA3, as
using the other protocols could leave your network open to
exploitation.
 Protect your Service Set Identifier (SSID). To prevent outsiders
from easily accessing your network, avoid publicizing your SSID.
All Wi-Fi routers allow users to protect their device’s SSID, which
makes it more difficult for attackers to find a network. At the very
least, change your SSID to something unique. Leaving it as the
manufacturer’s default could allow a potential attacker to identify 85
the type of router and possibly exploit any known vulnerabilities.
 Install a firewall. Consider installing a firewall directly on your
wireless devices (a host-based firewall), as well as on your home
network (a router- or modem-based firewall). Attackers who can
directly tap into your wireless network may be able to circumvent
your network firewall—a host-based firewall will add a layer of
protection to the data on your computer.
 Maintain antivirus software. Install antivirus software and keep
your virus definitions up to date. Many antivirus programs also have
additional features that detect or protect against spyware and adware
 Use file sharing with caution. File sharing between devices should
be disabled when not needed. You should always choose to only
allow file sharing over home or work networks, never on public
networks. You may want to consider creating a dedicated directory
for file sharing and restrict access to all other directories. In
addition, you should password protect anything you share. Never 86
open an entire hard drive for file sharing.
 Keep your access point software patched and up to date. The
manufacturer of your wireless access point will periodically release
updates to and patches for a device’s software and firmware. Be sure
to check the manufacturer’s website regularly for any updates or
patches for your device.
 Check your internet provider’s or router manufacturer’s
wireless security options. Your internet service provider and router
manufacturer may provide information or resources to assist in
securing your wireless network. Check the customer support area of
their websites for specific suggestions or instructions.
 Connect using a Virtual Private Network (VPN). Many
companies and organizations have a VPN. VPNs allow employees to
connect securely to their network when away from the office. VPNs
encrypt connections at the sending and receiving ends and keep out
traffic that is not properly encrypted. If a VPN is available to you, 87
make sure you log onto it any time you need to use a public wireless
access point.
4.4 UNIT OVERVIEW
 HiperLAN 1
 HiperLAN 2
 University Question:?Write short note on HIPERLAN?

(5M)/Explain HIPERLAN-1 MAC layer?(10M)/ Explain 88
HIPERLAN-1 physical layer?(10M)
HIPERLAN1
 HIPERLAN-1 operates in the dedicated bandwidth 5.15 to 5.3
GHz divided into 5 fixed channels.
 It supports data rate up to 23.5 Mbps with coverage of 50m.
 HIPERLAN-1 terminals can move at the maximum speed of 1.4
m/s.
 It supports both infrastructure based and ad-hoc networks.
 It supports packet oriented structure and uses a variant of
CSMA/CA protocol.
 It supports asynchronous as well as isochronous traffic.
 The protocol includes optional pre-session encryption and power 89
saving mechanism.
HIPERLAN1
 HIPERLAN-1 reference layer model
90
HIPERLAN1
 The MAC layer receives MAC service data units(MSDU) form the
higher layers through MAC service access point.
 It processes MSDU and generates HMPDU (HIPERLAN MAC Protocol
Data Unit)
 This HMPDU then enters HIPERLAN CAC layer through a
HIPERLAN-CAC service access point(HCSAP).
 The Channel Access Control(CAC) sub layer determines which nodes
are allowed to transmit and specifies the access priorities.
 This layer offers a connection less service to the MAC sub layer.
 CAC protocol processes the HMPDU and produce
HCPDU(HIPERLAN-CAC Protocol Data Unit) which finally constitute 91
a payload of a physical data burst.

HIPERLAN1
 The HIPERLAN communication model is shown in figure,
92
HIPERLAN1
 The HIPERLAN MAC service:
- is based on, and therefore is compatible with, the ISO MAC
service definition;
- defines the communication service over a single HIPERLAN;
- allows the timing requirements of the MSDU transfer to be
specified; and
- allows exploration of available HIPERLANs for dynamic
HIPERLAN access.
 The HIPERLAN CAC service:
- defines the communication service over a single shared
communication channel;
- allows the channel access priority requirements of the
HCSDU transfer to be specified; and
- frees the HCS-user from the concerns of the characteristics 93
peculiar to any particular communication channel
HIPERLAN1
 The HIPERLAN MAC protocol:
- provides the HIPERLAN MAC service;
- specifies the behavior of a HM-entity in a given HIPERLAN;
- is compatible with the ISO MAC bridges specification in ISO/IEC.
- uses the HIPERLAN CAC service.
 The HIPERLAN CAC protocol:
- provides the HIPERLAN CAC service;
- specifies, for a particular set of one or more shared radio channels, the
appropriate hierarchically independent channel access mechanism used by a HC-
entity in a given HIPERLAN;
- uses the transmission and reception facilities specified by the HIPERLAN
physical layer.
 The HIPERLAN physical protocol:
- provides the transmission and reception facilities to the HIPERLAN CAC
sublayer.
- specifies, for a particular set of one or more shared radio channels, the
techniques of transmission, reception, and channel assessment in a given channel.
94
HIPERLAN-1 MAC SUBLAYER
 MAC sublayer functions are,
1. MAC address mapping
- The standard defines internal address structure.
- The address of a HIPERLAN terminal contains two parts. The first
part defines the network name and the second part determines the station.
2. Security
- To ensure communication security, The Encryption/Decryption
algorithms are used.
- The algorithm requires an identification key and a common
initialization vector for data encryption and decryption.
- The pseudorandom generator accepts the identification key and
the initial vector and generates a sequence.
- The modulo-2 addition is performed on the sequence of user data
and the sequence generated by the pseudorandom generator.
95
- Initialization vectors and identification keys can be frequently
changed in order to achieve high security.
HIPERLAN-1 MAC SUBLAYER
 MAC sublayer functions are,
3. Addressing of MAC service access point(MSAP)
- MSAP are addressed using 48 bit LAN-MAC address which are
compatible to IEEE 802.x LANs.
4. Data forwarding
- The appealing feature of HIPERLAN/1 is ability to forward data
packets using several relays. Relays can extend the communication on
the MAC layer beyond the radio range.
- The forwarding can be of two types, point to point(unicast) or
point to multipoint(multicast/broadcast).
- Each relays station maintains a routing table and a list of
multipoint relays.
5. Power Saving
- Switch off terminals whenever they are not in use in sleep mode
when they don’t have data to send. 96
HIPERLAN-1 CAC SUBLAYER
 Channel Access Control (CAC)
o assure that terminal does not access forbidden channels
o priority scheme, access with EY-NPMA
  Priorities
o 5 priority levels for QoS support
o QoS is mapped onto a priority level with the help of the packet
lifetime (set by an application)
 if packet lifetime = 0 it makes no sense to forward the packet to
the receiver any longer
 standard start value 500ms, maximum 16000ms
 if a terminal cannot send the packet due to its current priority,
waiting time is permanently subtracted from lifetime
 based on packet lifetime, waiting time in a sender and number of
hops to the receiver, the packet is assigned to one out of five
priorities 97
 the priority of waiting packets, therefore, rises automatically
 HIPERLAN-1 EY-NPMA
 EY-NPMA (Elimination Yield Non-preemptive Priority Multiple
Access)
 3 phases: priority resolution, contention resolution, transmission
 finding the highest priority
o every priority corresponds to a time-slot to send in the first
phase
o higher priorities can not be preempted
o if an earlier time-slot for a higher priority remains empty,
stations with the next lower priority might send
o after this first phase the highest current priority has been
determined
98
Fig. Phases of the HIPERLAN 1 EY-NPMA access scheme
99
 EY-NPMA divides the medium access of different competing
nodes into three phases:
 Prioritization: Determine the highest priority of a data packet
ready to be sent by competing nodes.
 Contention: Eliminate all but one of the contenders
 Transmission: Finally, transmit the packet of the remaining
node.
100
 Prioritization:
 offers five different priorities for data packets ready to be sent
 objective of the prioritization phase is to make sure that no
node with a lower priority gains access to the medium while
packets with higher priority are waiting at other nodes
 priority detection, time is divided into five slots, slot 0 (highest
priority) to slot 4 (lowest priority).
 Each slot has a duration of IPS = 168 high rate bit-periods.
 If a node has the access priority p, it has to listen into the
medium for p slots (priority detection).
 If the node senses the medium is idle for the whole period of p
slots, the node asserts the priority by immediately transmitting a
burst for the duration IPA = 168 high rate bit-periods (priority
101
assertion).
 Contention:
 The elimination phase now resolves contention by means of
 elimination bursting
 elimination survival verification.
 Each contending node sends an elimination burst with length

n as determined via the probabilities and then listens to the
channel during the survival verification interval I = 256 high
rate bit periods.
 The burst sent is the same as for the priority assertion.
 A contending node survives this elimination phase if, and
only if, it senses the channel is idle during its survival
verification period.
 One or more nodes will survive this elimination phase, and 102
can then continue with the next phase

 Transmission:
A node that has survived the prioritization and contention
phase can now send its data, called a Low BitRate High Bit-
Rate HIPERLAN 1 CAC Protocol Data Unit (LBR-HBR
HCPDU).
 In case of a unicast transmission, the sender expects to
receive an immediate acknowledgement from the
destination, called an acknowledgement HCPDU (AK-
HCPDU), which is an LBR HCPDU containing only an LBR
part
103
HIPERLAN-1 PHYSICAL LAYER
 The function of HIPERLAN/1 physical layer are as follows:
a. Modulation and Demodulation.
b. Bit and frame synchronization.
c. Forward error correction mechanisms.
d. Channel sensing.
 HIPERLAN/1 provide 3 mandatory and 2 optional channels.
 Mandatory channels
a. Channel 0 : 5.18Ghz
b. Channel 1 : 5.20GHz
c. Channel 2 : 5.22GHz
 Optional Channels
a. Channel 3 :5.25GHz
b. Channel 4 :5.25GHz 104
 Hiperlan/1 uses Non Differential Gaussian Minimum Shift
Keying(GMSK)
 It uses Decision Feedback Equalizer (DFE) to remove inter
symbol interference.
 To minimize the error at physical layer, it uses BCH error
correcting codes.
 This code is able to correct a single error and detect two random
errors.
105
Figure. HIPERLAN/1 Data Packet format used at physical

layer.
106
4.4 UNIT OVERVIEW
 HiperLAN 1
 HiperLAN 2
 University Question:?Write short note on HIPERLAN?

(5M)/Explain HIPERLAN-1 MAC layer?(10M)/ Explain 107
HIPERLAN-1 physical layer?(10M)
HIPERLAN 2
 Features:
 Operates at 5 GHz frequency band.
 Provides Connection-oriented service.
 High speed transmission up to 54 Mbit/s
 Quality-of-Service(QoS) support
 Automatic frequency allocation
 Security support
 Mobility support
 Network and application independent
 Power saving
108
HIPERLAN 2
 High-throughput transmission: Using OFDM in the physical layer and a
dynamic TDMA/TDD-based MAC protocol, HiperLAN2 not only offers up to
54 Mbit/s at the physical layer but also about 35 Mbit/s at the network layer.
 Connection-oriented: Prior to data transmission HiperLAN2 networks
establish logical connections between a sender and a receiver
 Quality of service support: support of QoS is much simpler. Each connection
has its own set of QoS parameters (bandwidth, delay, jitter, bit error rate etc.).
 Dynamic frequency selection: HiperLAN2 does not require frequency
 Security support: Authentication as well as encryption are supported by

HiperLAN2.
 Mobility support: Mobile terminals can move around while
transmission always takes place between the terminal and the access point with
the best radio signal.
 Application and network independence: HiperLAN2 was not designed with a
certain group of applications or networks in mind. Access points can connect to
LANs running ethernet as well as IEEE 1394 (Firewire) systems used to connect
home audio/video devices.
 Power saves: Mobile terminals can negotiate certain wake-up patterns to save 109
power.
HIPERLAN 2
 REFERENCE MODEL AND CONFIGURATIONS
110
HIPERLAN 2
 The Figure shows the standard architecture of an infrastructure-
based HiperLAN2 network.
 Here, two access points (AP) are attached to a core network.
Core networks might be Ethernet LANs, Firewire (IEEE 1394)
connections between audio and video equipment, ATM
networks, UMTS 3G cellular phone networks etc.
 Each AP consists of an access point controller (APC) and one
or more access point transceivers (APT).
 An APT can comprise one or more sectors (shown as cell here).
 Finally, four mobile terminals (MT) are also shown. MTs can
move around in the cell area as shown.
 No frequency planning is necessary as the APs automatically
select the appropriate frequency via dynamic frequency 111
selection.
HIPERLAN 2
 Three handover situations may occur:
Sector handover (Inter sector):

 If sector antennas are used for an AP, which is optional in

the standard, the AP shall support sector handover.
 This type of handover is handled inside the DLC layer
 Radio handover (Inter-APT/Intra-AP):
 As this handover type, too, is handled within the AP, no
external interaction is needed.
 Network handover (Inter-AP/Intra-network):
 This is the most complex situation: MT2 moves from one
AP to another.
112
HIPERLAN 2
 HiperLAN2 networks can operate in two different modes
(which may be used simultaneously in the same network).
 Centralized mode (CM): In infrastructure-based mode all
APs are connected to a core network and MTs are associated
with APs.
 Direct mode (DM): The optional ad-hoc mode of HiperLAN2
directly exchanged between MTs if they can receive each
other, but the network still controlled.
113
HIPERLAN-2 PROTOCOL STACK
114
The above figure shows the HiperLAN2 protocol stack as used
in access points. Protocol stacks in mobile terminals differ with
respect to the number of MAC and RLC instances (only one of
each).
The lowest layer, the physical layer, handles as usual all
functions related to modulation, forward error correction,
signal detection, synchronization etc.
The data link control (DLC) layer contains the MAC
functions, the RLC sub layer and error control functions.
The MAC of an AP assigns each MT a certain capacity to
guarantee connection quality depending on available resources.
Above the MAC DLC is divided into a control and a user part.
The user part contains error control mechanisms. HiperLAN2
offers reliable data transmission using acknowledgements and
115
retransmissions.
 The radio link control (RLC) sub layer comprises most
control functions in the DLC layer (the CC part of an AP).
 The association control function (ACF) controls association
and authentication of new MTs as well as synchronization of
the radio cell via beacons.
 The DLC user connection control (DCC or DUCC) service
controls connection setup, modification, and release.
 Finally, the radio resource control (RRC) handles handover
between APs and within an AP.
 On top of the DLC layer there is the convergence layer.
 This highest layer of HiperLAN2 standardization may
comprise segmentation and reassembly functions and
adaptations to fixed LANs, 3G networks etc.
116
 Physical layer performs following functions,
1. Modulation(OFDM)
2. Forward Error Check
3. Signal Detection
4. Synchronization
117
Fig. HIPERLAN-2 Physical layer reference configuration

 The reference configuration consists of
 Data scrambling: User data is exor-ed with the output of a 7-bit Linear Feedback
shift register LSFR with polynomial X7 + x4 + 1 is used to randomize the data. The
sequence length is 127.
 FEC error coding: Convolutional encoding with puncturing. The length of the
encoder is 6. The generator polynomials are 133 (oct) and 171 (oct) for two outputs
per input symbol. Pucturing is used for code rates other than 1/2, namely 3/4 and 9/16.
 Interleaving: Encoded bits are interleaved to mitigate the frequency selective fading.
The result is interleaved bits.
 Mapping bits to QAM: BPSK, QPSK, 16 or 64 QAM are used.
 OFDM: 64 subcarriers. sampling rate is 1/T = 20 MHz. The useful symbol duration is
64T or 3.2 microsecond. The prefix has a duration of 16T. Optionally, a prefix of
8T can be used. So the total frame (OFDM symbol) duration is 80T (4 microsec) or
72T. 48 subcarriers carry data. 4 subcarriers are used as pilots to estimate the channel.
Hence only 52 of the 64 subcarriers are actually in use, the others contain no signal. In
the specification these are numbered -26, -25, ..., 26. Subcarriers used for pilots are -
21, -7, 7, and 21. No signal is transmitted at subcarrier 0 (DC).
The subcarrier spacing equals 312.5 kHz.
 PHY burst transmission: Different burst formats for up and downlink 118
 Radio transmission: Shifts the baseband signal into a carrier frequency
HIPERLAN-2 DATA LINK CONTROL LAYER
 DLC layer is situated on top of the physical layer.
 It contains following sub functions:
1. MAC function
2. Error Control(EC)
3. RLC sub layer which is divided into RLC, RRC, ACF and DCC.
 DLC provides for a logical link between MT and AP over the
OFDM physical layer.
 DLC is divided into three parts: MAC, Control plane and User
plane.
 User plane contains Error Control Mechanism(EC).
 Control plane contains RLC sub layer that provides most of the
control functions given below,
 ACF( Association Control Function) controls association and
authentication of new MT’s as well as performs synchronization task. 119
 Control plane contains RLC sub layer that provides most of
the control functions given below,
 DCC(DLC user connection control) controls connection setup,
modification and release.
 RRC(Radio Resource Control) function performs the
following tasks
 Dynamic frequency selection
 Measurements performed by MT
 Reporting measurements to the AP
 Frequency change by the AP and its associated MT’s
 Power saving procedure
 Transmit power control
 Handover between APs and within AP

120
 HIPERLAN-2 MAC is based on TDMA/TDD.
 Each mac frame is of 2 ms duration and it is further divided
into Broadcast, Downlink, Uplink and Random access phase.
121
Fig. MAC frame structure of HIPERLAN-2
HIPERLAN-2 LOGICAL CHANNEL
122
HIPERLAN-2 TRANSPORT CHANNEL
 Logical channels are mapped onto different transport
channels which describe the basic message format and are
the basic elements for constructing message sequence of
each user.
123
HIPERLAN-2 LOGICAL AND TRANSPORT
CHANNEL MAPPING
124
DIFFERENCE BETWEEN HIPERLAN-1
AND HIPERLAN-2
Specifications HIPERLAN/1 HIPERLAN/2
Access technique TDMA, EY NPMA TDMA, TDD
BPSK-OFDM, QPSK-OFDM, 16QAM-

Modulation technique GMSK, FSK
OFDM, 64QAM-OFDM
Data rate (Mbps) 23 (HBR), 1.4 (LBR) From 6, 9, 12, 18, 27, 36, 48, 54
Frequency of operation 5.1 GHz to 5.3 GHz 5.1 GHz to 5.3 GHz
Data rate 23.2 Mbps Greater than 20 Mbps
Application WLAN Wireless ATM, Indoor Access
Infrastructure, De-
Topology cellular, centralized
centralised Ad-Hoc
Antenna type Omni-directional Omni-directional
Coverage Range 50 meters 50 to 100 meters
Interface LAN ATM networks 125
Mobility less than 10 m/s less than 10 m/s
4.5 UNIT OVERVIEW
 Bluetooth: Introduction
 User Scenario
 Architecture
 protocol stack
126
 University Question: Write short note on Bluetooth?(5M)
BLUETOOTH: INTRODUCTION
 Bluetooth technology was released in 1999 as Bluetooth 1.0, by Special Interest
Group (SIG) who continues to manage it.
 It was initially standardized as IEEE 802.15.1.
 Mobile computing devices and accessories are connected wirelessly by

Bluetooth using short-range, low-power, inexpensive radios.
 UHF radio waves within the range of 2.400 to 2.485 GHz are using for data
communications.
 A PAN or a piconet can be created by Bluetooth within a 10 m radius.
 Presently, 2 to 8 devices may be connected.
 Bluetooth protocols allow devices within the range to find Bluetooth devices
and connect with them. This is called pairing. Once, the devices are paired, they
can transfer data securely.
 Bluetooth has lower power consumption and lower implementation costs than
Wi-Fi. However, the range and transmission speeds are typically lower than Wi-
Fi.
 The lower power requirements make it less susceptible to interference with
other wireless devices in the same 2.4GHz bandwidth. 127
 Bluetooth version 3.0 and higher versions can deliver a data rate of 24 Mbps.
BLUETOOTH: INTRODUCTION
 The Bluetooth version 4.0 came in 2010. It is characterized by low
energy consumption, multivendor interoperability, the economy of
implementation, and grater range.
Sr No Parameter Specification
1 Frequency range 2.4 - 24835 GHz
2 No. of RF channel used 79
3 Bandwidth of each channel 1 MHz
4 Data rate 1 Mbps
5 Signal Modulation GFSK
6 Range up to 10 m
7 Time slot duration 625 μμsec
8 Piconenet access FH TDMA
128
9 Power Transmitted 2.5 mW for 10 m
4.5 UNIT OVERVIEW
User Scenario
 Architecture
 protocol stack
129
USER SCENARIOS OF BLUETOOTH
 Connection of peripheral devices: Today, most devices are connected
to a desktop computer via wires (e.g., keyboard, mouse, joystick, headset,
speakers). This type of connection has several disadvantages: each device
has its own type of cable, different plugs are needed, and wires block office
space. In a wireless network, no wires are needed for data transmission.
However, batteries now have to replace the power supply, as the wires not
only transfer data but also supply the peripheral devices with power.
 Support of ad-hoc networking: Imagine several people coming
together, discussing issues, exchanging data (schedules, sales figures etc.).
For instance, students might join a lecture, with the teacher distributing data
to their personal digital assistants (PDAs). Wireless networks can support
this type of interaction; small devices might not have WLAN adapters
following the IEEE 802.11 standard, but cheaper Bluetooth chips built in.
 Bridging of networks: Using wireless piconets, a mobile phone can be
connected to a PDA or laptop in a simple way. Mobile phones will not have
full WLAN adapters built in, but could have a Bluetooth chip. The mobile
phone can then act as a bridge between the local piconet and, e.g., the global
130
GSM network.
4.5 UNIT OVERVIEW
 Bluetooth:Introduction
 User Scenario
 Architecture
 protocol stack
131
ARCHITECTURE
 PICONET:
132
ARCHITECTURE
 PICONET:
 The bluetooth enabled devices can locate each other, but user
action is essential in order to make connections with other
devices and from networks.
 Upto eight devices can be connected in a Bluetooth network
called, PICONET.
 One of them acts as a master and remaining act as slaves.
Hence, a maximum of 7 slaves can be supported inside a
piconet.
 When ever two or more devices detect each other and
communicate through Bluetooth, a PICONET is formed
133
ARCHITECTURE
 SCATTERNET:
134
ARCHITECTURE
 SCATTERNET:
 Eight devices can be considered in a Bluetooth network called
Piconet. One of them acts as a master and other acts a slaves.
 A scatter-net is formed when two or more piconets connect
through a bridge node.
 In addition to seven active slaves, there can be up to 255
parked nodes in the net that can only respond to a beacon
signal from the master.
 The slaves are dumb devices that do the task that the master
tells them to do.
 All the communication is between the master and slave and
not between the slaves.
135
4.5 UNIT OVERVIEW
 User Scenario
 Architecture
 protocol stack
136
 University Question: Draw and explain Bluetooth protocol
stack in detail. (10M)
BLUETOOTH PROTOCOL STACK
137
 1. Transport protocol group: .
 The protocols in this group are designed to
 Allow devices to locate and connect
 Carry audio and data traffic where audio traffic has higher priority.
 Support synchronous and asynchronous transmission for telephony

grade voice communication
 Manage physical and logical links between devices so that layers above
and applications can pass data through connections.
 The following protocols are in this group:
i. Logical link control and adaptation protocol layer (L2CAP)

 All data traffic is routed through this layer.
 This layer shields higher layers from details of lower layers.
 It segments larger packets from higher layers into smaller packets that
can be easily handled by lower layers.
 It facilitates maintenance of desired grade of service in two peer
138
devices.
 1. Transport protocol group:
ii. Link manager layer (LML)
 It negotiates properties of Bluetooth air interface between communicating
devices.
 These properties may be bandwidth allocation, support services of
particular type, etc.
 This layer also supervises devices pairing.
 Device pairing generates and stores authentication key specific to a device
 It is also responsible for power control and may request adjustments in

power levels.
iii. Baseband and radio layers
 The baseband layer is responsible for searching other devices, assigning
master and slave roles.
 This layer also controls Bluetooth unit’s synchronization and transmission
frequency hopping sequence. It manages link between devices and
determines packet types supported for synchronous and asynchronous 139
traffic.
 1. Transport protocol group:
iv. Host Controller Interface (HCI)
 The HCI allows higher layers of stack, including applications,
to access the baseband, link manager, etc., through a single
standard interface.
 It serves the purpose of interoperability between host devices
and Bluetooth modules.
 HCI commands, module may enter certain modes of
operation. Higher layers are informed about certain events
through HCI.
140
 2. Middleware protocol group
 The protocols in this group are needed for existing applications to
operate over Bluetooth links.
 These protocols may be third party protocols (Industry standard) or
developed by ‘simple interest group (SIG)’ specifically for
Bluetooth.
 Some of the protocols in this group:
i. RFCOMM layer
 It provides a virtual serial port for applications needed for scenarios
like dial-up networking, etc.
 This eliminates the use of cables.
ii. Service Discovery protocol layer (SDP)

 The SDP is a standard method for Bluetooth devices to discover and
learn about the services offered by other device once a connection is
established with it. 141
 2. Middleware protocol group\
iii. Infrared data association(IrDA) interoperability protocols
 The SIG has adopted some IrDA protocols to ensure
interoperability between applications to exchange a wide
variety of data.
iv. Object exchange protocol (OBEX)
 It is developed by IrDA to exchange objects simple and
spontaneous manner.
 It uses client-server model.
 It is independent of transport mechanism and transport

‘Application programming Interface (API)’, provided it
realizes a reliable transport base.
 It defines a folder-listing object, which is used to browse
contents of folders on a remote device. 142
 2. Middleware protocol group
v. Networking layers
 Bluetooth wireless technology uses peer-to-peer network topology.
 Dial-up networking uses AT commands.
 In most cases, network accessed is IP network with use of standard
protocols like TCP, UDP, HTTP
 A device can connect to IP network using network access point. The
internet PPP is used to connect to access point.
vi. Telephone control specifications layer (TCS) and audio
 This layer is designed to set up voice calls. It supports functions like
call control and group management.
 TCS can also be used to set up data calls.
 TCS protocols are compatible with ITU Specifications.
 Bluetooth audio communication takes place at rate of 64Kbps using one
of two encoding schemes: 8-bit logarithmic PCM or continuous 143
variable slope delta modulation.
 3. Application group
 This group consists of actual applications that make use of
Bluetooth links and refers to software that exists above
protocol stack.
 The Bluetooth-SIG does not define any application protocols
nor does it specify any API. Bluetooth profiles are developed
to establish a base point for use of a protocol stack to
accomplish a given usage case
144
ADVANTAGES OF BLUETOOTH:
 Wireless: As you probably already know, there are many
benefits and advantages to using wireless devices.
 Bluetooth is actually inexpensive: The technology of
Bluetooth is cheap for companies to implement, which results
in lower costs for the company.
 Bluetooth is automatic: Bluetooth doesn't have you set up a
connection or push any buttons.
 Standardized protocol: Bluetooth is standardized wireless,
meaning that a high level of compatibility among devices is
guaranteed.
 Low interference: Bluetooth devices almost always avoid
interference from other wireless devices.
 Low energy consumption: As a result of Bluetooth using low
power signals, the technology requires very little energy and 145
will use less battery or electrical power as a result.
ADVANTAGES OF BLUETOOTH:
 Sharing voice and data: The standard for Bluetooth will
allow compatible devices to share data and voice
communications. This is great for mobile phones and headsets,
as Bluetooth simplifies driving and talking on your cell phone.
 Instant PAN (Personal Area Network): You can connect up
to seven Bluetooth devices to each other within a range of up
to 30 feet, forming a piconet or PAN. For a single room, you
can also set up multiple piconets.
 Upgradeable: Upgradeable is the standard for Bluetooth.
There are newer versions of Bluetooth in the works, which
offer many new advantages and backward compatible with
older versions.
 The technology stays: Bluetooth technology is a worldwide,
universal wireless standard. With it being as popular as it is,
146
you can count on it being around for years to come.
DISADVANTAGES OF BLUETOOTH:
 The only real downsides are the data rate and security.
Infrared can have data rates of up to 4 MBps, which provides
very fast rates for data transfer, while Bluetooth only offers 1
MBps.
 Although there are very few disadvantages, Bluetooth still
remains the best for short range wireless technology. Those
who have tried it love it, and they know for a fact that
Bluetooth will be around for years to come.
147
BLUETOOTH SECURITY ISSUES
 There are a number of ways in which Bluetooth security can
be penetrated, often because there is little security in place.
The major forms of Bluetooth security problems fall into the
following categories:
 Bluejacking: Bluejacking is often not a major malicious
security problem, although there can be issues with it,
especially as it enables someone to get their data onto another
person's phone, etc.
 Bluebugging: This more of an issue. This form of Bluetooth
security issue allows hackers to remotely access a phone and
use its features.
 Car Whispering: This involves the use of software that
allows hackers to send and receive audio to and from a
Bluetooth enabled car stereo system.
148
APPLICATIONS OF BLUETOOTH
 Following are some of the capabilities that Bluetooth can
provide consumers: -
• Make calls from a wireless headset connected remotely to a
cell phone.
• Eliminate cables linking computers to printers, keyboards,

and the mouse.
• Hook up MP3 players wirelessly to other machines to
download music.
149
CHAPTER 4
FINISHED
THANK TOU.
150

Mobile Computing: SEM - VI (CSC603)

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Mobile Computing: SEM - VI (CSC603)

Uploaded by

Copyright:

Available Formats

MOBILE COMPUTING

 Chapter outcomes: On successful completion of chapter learner

 Expected Question: Write Short note on Wireless 3

Fig. Components of WLANs

 Ad-hoc network WLAN

 Expected Question: Write Short note on Wireless 10

Fig. Architecture of Infrastructure WLAN 11

Fig. Architecture of Ad-hoc network WLAN 13

 If you want to quickly set up a peer-to-peer (P2P) network between

 If there is no network infrastructure set up in the area (ad-hoc is the

 Medium access control layer

 802.11 comes under the most popular IEEE specification for

 802.x belongs to different families of IEEE protocol where x

 802.11 is used for Wi-Fi. Standards for WLAN

 University Question: Discuss the PHY frame format of an IEEE

Fig. IEEE 802.11 frequency hopping spread spectrum radio

Fig. IEEE 802.11 direct sequence spread spectrum radio physical

The 1 Mbit/s version employs pulse position modulation with 16

The 2 Mbit/s version uses 4-PPM (4-position pulse position

 Medium access control layer

 IEEE 802.11 MAC Sublayer uses two co-ordination functions for

 Medium access control layer

 To synchronize the clocks of all nodes, there is a timing synchronization

 To synchronize the clocks of all nodes, there is a timing synchronization

Fig.: Synchronous sleep Fig.: Asynchronous sleep

 Medium access control layer

 Medium access control layer

Applications WLAN WLAN WLAN

Frequency 2.4 GHz 2.4 GHz 5 GHz 2.4 2.4, 5 GHz

 Wireless LAN Threats

2) Then the Access Point responds with an authentication response message

4) If the access point successfully decrypt the encrypted challenge and

 Wireless LAN Threats

 Expected Question:? Explain threats in wireless 73

 Your office building has multiple tenants, including immediately above

 Hacking of Lost or Stolen Wireless Devices:

 Wireless LAN Threats

3. Encrypt the data on your network.

4. Protect your Service Set Identifier (SSID).

6. Maintain antivirus software.

7. Use file sharing with caution.

8. Keep your access point software patched and up to date.

9. Check your internet provider’s or router manufacturer’s

 University Question:?Write short note on HIPERLAN?

a payload of a physical data burst.

Fig. Phases of the HIPERLAN 1 EY-NPMA access scheme

 elimination survival verification.

 Each contending node sends an elimination burst with length

can then continue with the next phase

Figure. HIPERLAN/1 Data Packet format used at physical

 University Question:?Write short note on HIPERLAN?

 Security support: Authentication as well as encryption are supported by

 If sector antennas are used for an AP, which is optional in

Fig. HIPERLAN-2 Physical layer reference configuration

 Reporting measurements to the AP

 Frequency change by the AP and its associated MT’s

 Power saving procedure

 Transmit power control

 Handover between APs and within AP

BPSK-OFDM, QPSK-OFDM, 16QAM-

Application WLAN Wireless ATM, Indoor Access

 Mobile computing devices and accessories are connected wirelessly by

 Presently, 2 to 8 devices may be connected.