The security association encompasses both
authentication and encryption, and is described in more detail below. Briefly,
authentication in a security association can be handled by a separate 802.1x authentication
server, or be based on demonstrating possession of the correct pre-shared key (PSK).
A station can be authenticated with multiple other stations at any one time. The
standard also supports an optional measure of pre-authentication in support of roaming
within an ESS by stations already authenticated with the network.
2.2.4.3 Association, Disassociation, and Reassociation
In order to exchange unicast data traffic, stations must create an association between them
by an exchange of management packets. A station can send an association (or
Guide to Wireless LAN Analysis
19
reassociation) request to any station with which it is authenticated. If the association
response is positive, the association is created.
In an IBSS, each station must create a separate association with each of the others in
the group.
In a BSS, each station has a separate association with the access point. Stations can
only be associated with one access point at any given time.
Pages:
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109