1. IEEE 802.

11 Architecture

IEEE 802.11 standard, popularly known as WiFi, lays down the architecture and specifications of
wireless LANs (WLANs). WiFi or WLAN uses high-frequency radio waves instead of cables for
connecting the devices in LAN. Users connected by WLANs can move around within the area of
network coverage.

IEEE 802.11 Architecture

The components of an IEEE 802.11 architecture are as follows −

Stations (STA) − Stations comprises of all devices and equipment that are connected to the wireless
LAN. A station can be of two types−

 Wireless Access Point (WAP) − WAPs or simply access points (AP) are generally
wireless routers that form the base stations or access.

 Client. Clients are workstations, computers, laptops, printers, smartphones, etc.

Each station has a wireless network interface controller.

Basic Service Set (BSS) − A basic service set is a group of stations communicating at the physical
layer level. BSS can be of two categories depending upon the mode of operation−

 Infrastructure BSS − Here, the devices communicate with other devices through
access points.

 Independent BSS − Here, the devices communicate in a peer-to-peer basis in an

adhoc manner.

Extended Service Set (ESS) − It is a set of all connected BSS.

Distribution System (DS) − It connects access points in ESS.

Frame Format of IEEE 802.11

The main fields of a frame of wireless LANs as laid down by IEEE 802.11 are −
Frame Control − It is a 2 bytes starting field composed of 11 subfields. It contains control
information of the frame.

Duration − It is a 2-byte field that specifies the time period for which the frame and its
acknowledgment occupy the channel.

Address fields − There are three 6-byte address fields containing addresses of source, immediate
destination, and final endpoint respectively.

Sequence − It a 2 bytes field that stores the frame numbers.

Data − This is a variable-sized field that carries the data from the upper layers. The maximum size of
the data field is 2312 bytes.

Check Sequence − It is a 4-byte field containing error detection information.

Bluetooth User Scenarios and Architecture .2

It is a Wireless Personal Area Network (WPAN) technology and is used for exchanging data over
smaller distances. This technology was invented by Ericson in 1994. It operates in the unlicensed,
industrial, scientific and medical (ISM) band at 2.4 GHz to 2.485 GHz. Maximum devices that can be
connected at the same time are 7. Bluetooth ranges upto 10 meters. It provides data rates upto 1
Mbps or 3 Mbps depending upon the version. The spreading technique which it uses is FHSS
(Frequency hopping spread spectrum). A Bluetooth network is called a piconet and a collection of
interconnected piconets is called scatternet.

Bluetooth Architecture:

The architecture of Bluetooth defines two types of networks:

1. Piconet 2. Scatternet

Piconet:
Piconet is a type of Bluetooth network that contains one primary node called master node
and seven active secondary nodes called slave nodes. Thus, we can say that there are total of 8
active nodes which are present at a distance of 10 meters. The communication between the primary
and secondary node can be one-to-one or one-to-many. Possible communication is only between
the master and slave; Slave-slave communication is not possible. It also have 255 parked nodes,
these are secondary nodes and cannot take participation in communication unless it gets converted
to the active state.

Scatternet:

It is formed by using various piconets. A slave that is present in one piconet can act as master or we
can say primary in another piconet. This kind of node can receive message from master in one
piconet and deliver the message to its slave into the other piconet where it is acting as a slave. This
type of node is refer as bridge node. A station cannot be master in two piconets.

Bluetooth protocol stack:

Radio (RF) layer:

It performs modulation/demodulation of the data into RF signals. It defines the physical

characteristics of bluetooth transceivers. It defines two types of physical link: connection-less and
connection-oriented.

Baseband Link layer:

It performs the connection establishment within a piconet.

Link Manager protocol layer:

It performs the management of the already established links. It also includes authentication and
encryption processes.

Logical Link Control and Adaption protocol layer:

It is also known as the heart of the Bluetooth protocol stack. It allows the communication between
upper and lower layers of the Bluetooth protocol stack. It packages the data packets received from
upper layers into the form expected by lower layers. It also performs the segmentation and
multiplexing.

SDP layer:

It is short for Service Discovery Protocol. It allows to discover the services available on another
Bluetooth enabled device.

RF comm layer:

It is short for Radio Frontend Component. It provides serial interface with WAP and OBEX.

OBEX:

It is short for Object Exchange. It is a communication protocol to exchange objects between 2

devices.

WAP:

It is short for Wireless Access Protocol. It is used for internet access.

TCS:

It is short for Telephony Control Protocol. It provides telephony service.

Application layer:

It enables the user to interact with the application.

Advantages:

Low cost.

Easy to use.

It can also penetrate through walls.

It creates an adhoc connection immediately without any wires.

It is used for voice and data transfer.

Disadvantages:

It can be hacked and hence, less secure.

It has slow data transfer rate: 3 Mbps.

It has small range: 10 meters.

3. Bluetooth security mechanisms

The basic security mechanisms used in Bluetooth equipment are:

1. Bonding
When two devices communicate, they can initiate a process known as bonding, where each of them
uses a PIN code provided by the user to generate two secret keys: A link key, and an encryption key.
For the bonding procedure to succeed, the user must supply the same PIN code to both devices, so
they both generate the same pair of keys. These keys are used in the authentication and encryption
procedures described below.

2. Authentication

Authentication is the process by which a device verifies another device's identity. The mechanism
used for this purpose in Bluetooth is a so-called challenge-response scheme, in which:

1. One party (the claimant) sends its address to the other (the verifier).

2. The verifier sends a random challenge (in fact, a number generated by a random number
generator) to the claimant.

3. The claimant replies with a response, which it works out on the basis of the challenge, the
address and the shared secret link key, and sends it to the verifier.

4. The verifier works out the response which it expects to receive on the basis of the challenge,
the address and the shared secret link key, and compares it with the response actually
received.

If the expected and received responses are identical, the two participants have evidently used the
same information to work out their responses. Since the necessary information includes the secret
link key, which is assumed only to be known by the two participants who took part in the bonding
process, each of them can be pretty certain that it is communicating with its true "bonding partner".
If this is the case, the authentication process terminates successfully, otherwise the connection
between the two parties is broken.

3. Confidentiality

Confidentiality is ensured by encryption of the data sent between two Bluetooth devices. Encryption
is based on a so-called stream cipher. In this form of encryption, a continuous sequence of
encryption keys (a keystream) is produced by the sender and combined with the stream of
unencrypted data to produce a stream of encrypted data, which is transmitted to the receiver. At
the receiver, an identical keystream is produced, and used to extract the unencrypted data from the
encrypted data:
Each key in the keystream is generated in two steps:

1. The secret shared link key is combined with a random number to produce an encryption key.

2. The encryption key is combined with the address and the random number to produce the
next key in the keystream.

It is important to make it as difficult as possible for an intruder to guess the sequence of encryption
keys, since if he could do so he could decrypt the stream of encrypted data. Ideally, even if the
intruder actually managed to find a long sequence of keys, he would be unable to deduce what the
next one would be. To ensure this, successive encryption keys are generated using successive
random numbers generated by a random number generator for which it is extremely difficult to
guess the next number, even if one has seen a long sequence of numbers already.