Method and device for advertisement and authentication for multi-AP operation in wireless LAN system
The method and apparatus for exchanging and authenticating capability information between access points in wireless LAN systems enhance Multi-AP operations by ensuring reliable and efficient connections through secure communication of capabilities and security schemes.
Patent Information
- Authority / Receiving Office
- WO · WO
- Patent Type
- Applications
- Current Assignee / Owner
- SAMSUNG ELECTRONICS CO LTD
- Filing Date
- 2025-12-18
- Publication Date
- 2026-06-25
AI Technical Summary
Existing wireless LAN systems face challenges in ensuring reliable Multi-AP operations due to the lack of effective methods for exchanging and verifying capability information and authentication between access points, which hinders efficient connection and security management.
A method and apparatus for Multi-AP operation in wireless LAN systems that involve exchanging capability information through beacon and management frames, and performing authentication requests and responses between access points to ensure reliable Multi-AP operations.
Ensures reliable and efficient Multi-AP operations by ensuring that access points can securely communicate their capabilities and support required security schemes, facilitating seamless connections and improved network performance.
Smart Images

Figure KR2025022212_25062026_PF_FP_ABST
Abstract
Description
Method and device for advertising and authentication for multi-AP operation in a wireless LAN system
[0001] The present disclosure relates to a wireless local area network (WLAN) system. Specifically, the present disclosure relates to a method and apparatus for operating a Multi-AP (access point) in a wireless LAN system.
[0002] Wireless LAN (WLAN) systems are evolving for various purposes, such as improving transmission rates, increasing bandwidth, enhancing reliability, reducing errors, and reducing latency. The Institute of Electrical and Electronics Engineers (IEEE) publishes the 802.11 standard specification for wireless LAN systems, and the technology described in the 802.11 standard specification can be referred to as WiFi (or Wi-Fi, Wireless Fidelity).
[0003] Wi-Fi technology has evolved through several generations of 802.11 standards. For example, the 802.11ac standard covers improvements for VHT (very high throughput), the 802.11ax standard covers improvements for HE (high efficiency), and the 802.11be standard covers improvements for EHT (extreme high throughput).
[0004] Meanwhile, technologies to provide an improved wireless communication environment in wireless LAN systems are being discussed, and various technologies are being proposed and researched in response to the demand to further enhance the reliability of wireless LAN systems.
[0005] The present disclosure proposes an advertising and authenticating method and apparatus for Multi-AP (access point) operation in a wireless LAN system. In particular, the present disclosure proposes a method for exchanging capability information of APs among APs for Multi-AP operation. Additionally, a method for verifying whether an AP is capable of performing Multi-AP is proposed.
[0006] The technical objectives to be achieved in this disclosure are not limited to those mentioned above, and other unmentioned technical problems may be considered by those skilled in the art from the embodiments of the present invention described below.
[0007] According to one embodiment of the present disclosure, a method performed by a first access point (AP) of a wireless local area network (WLAN) system comprises: transmitting a first beacon frame to a second AP to advertise the multi-AP (M-AP) capability of the first AP; receiving a second beacon frame from the second AP to advertise the M-AP capability of the second AP; transmitting a first management frame to the second AP for an M-AP authentication request; and receiving a second management frame from the second AP that includes a response to the M-AP authentication request, wherein the response is based on information contained in the first beacon frame and the first management frame, and the M-AP capability may include at least one of information regarding the protection of an M-AP scheme or information regarding the M-AP status.
[0008] According to one embodiment of the present disclosure, a method performed by a second access point (AP) of a wireless local area network (WLAN) system comprises: transmitting a first beacon frame from a first AP to advertise the multi-AP (M-AP) capability of the first AP; transmitting a second beacon frame to the first AP to advertise the M-AP capability of the second AP; receiving a first management frame from the first AP for an M-AP authentication request; and transmitting a second management frame to the first AP that includes a response to the M-AP authentication request, wherein the response is based on information contained in the first beacon frame and the first management frame, and the M-AP capability may include at least one of information regarding the protection of an M-AP scheme or information regarding the M-AP status.
[0009] According to one embodiment of the present disclosure, a first access point (AP) of a wireless local area network (WLAN) system comprises a transceiver and at least one processor connected to the transceiver, wherein the at least one processor is configured to transmit a first beacon frame to a second AP to advertise the multi-AP (M-AP) capability of the first AP, receive a second beacon frame from the second AP to advertise the M-AP capability of the second AP, transmit a first management frame to the second AP for an M-AP authentication request, and receive a second management frame from the second AP containing a response to the M-AP authentication request, wherein the response is based on information contained in the first beacon frame and the first management frame, and the M-AP capability may include at least one of information regarding the protection of an M-AP scheme or information regarding the M-AP status.
[0010] According to one embodiment of the present disclosure, a second access point (AP) of a wireless local area network (WLAN) system comprises a transceiver and at least one processor connected to the transceiver, wherein the at least one processor is configured to transmit a first beacon frame to advertise the multi-AP (M-AP) capability of the first AP from the first AP, transmit a second beacon frame to advertise the M-AP capability of the second AP to the first AP, receive a first management frame for an M-AP authentication request from the first AP, and transmit a second management frame to the first AP containing a response to the M-AP authentication request, wherein the response is based on information contained in the first beacon frame and the first management frame, and the M-AP capability may include at least one of information regarding the protection of an M-AP scheme or information regarding the M-AP status.
[0011] According to various embodiments proposed in this disclosure, an AP intending to perform Multi-AP (access point) operations in a wireless LAN system can ensure reliability between APs for performing Multi-AP operations by transmitting information to a counterpart AP regarding which Multi-AP schemes require security and whether support for such schemes is possible. Furthermore, by ensuring reliability between APs, Multi-AP operations through subsequent connections between APs can be performed efficiently.
[0012] FIG. 1 illustrates the configuration of a device for wireless communication according to one embodiment of the present disclosure.
[0013] FIG. 2 illustrates an exemplary structure of a wireless LAN system related to the present disclosure.
[0014] FIG. 3 illustrates a link setup process related to the present disclosure.
[0015] FIG. 4 illustrates a backoff operation related to the present disclosure.
[0016] FIG. 5 illustrates a CSMA / CA (Carrier Sense Multiple Access with Collision Avoidance) based frame transmission operation related to the present disclosure.
[0017] FIG. 6 illustrates an exemplary format of a frame used in a wireless LAN system related to the present disclosure.
[0018] FIG. 7 illustrates an exemplary format of a PPDU (physical layer protocol data unit) of a wireless LAN system related to the present disclosure.
[0019] FIG. 8 illustrates another exemplary format of a PPDU of a wireless LAN system related to the present disclosure.
[0020] FIG. 9 illustrates the configuration of a Multi-AP (multi-access point, M-AP) framework of a wireless LAN system according to one embodiment of the present disclosure.
[0021] FIG. 10 illustrates the flow of signals for Multi-AP operation in a wireless LAN system according to one embodiment of the present disclosure.
[0022] FIG. 11 is a block diagram illustrating the state transition of an AP related to Multi-AP operation in a wireless LAN system according to one embodiment of the present disclosure.
[0023] FIG. 12 illustrates an example of an element format that constitutes a Multi-AP capability advertisement frame in a wireless LAN system according to one embodiment of the present disclosure.
[0024] FIG. 13 illustrates an example of a control field configuration in a wireless LAN system according to one embodiment of the present disclosure.
[0025] FIG. 14 illustrates an example of a Multi-AP support field configuration in a wireless LAN system according to one embodiment of the present disclosure.
[0026] FIG. 15 illustrates an example of a protected Multi-AP support field configuration in a wireless LAN system according to one embodiment of the present disclosure.
[0027] FIG. 16 illustrates another example of an element format constituting a Multi-AP capability advertisement frame in a wireless LAN system according to one embodiment of the present disclosure.
[0028] FIG. 17 illustrates an example of a method for indicating a security need in a wireless LAN system according to one embodiment of the present disclosure.
[0029] FIG. 18 illustrates the flow of signals in a Multi-AP authentication procedure in a wireless LAN system according to one embodiment of the present disclosure.
[0030] FIG. 19 illustrates another example of a control field configuration in a wireless LAN system according to one embodiment of the present disclosure.
[0031] FIG. 20 illustrates an example of a frame used in the procedure for M-AP coupling, authentication, negotiation, and agreement between APs in a wireless LAN system according to one embodiment of the present disclosure.
[0032] FIG. 21 illustrates the operation sequence of a Multi-AP requesting AP in a wireless LAN system according to one embodiment of the present disclosure.
[0033] Preferred embodiments of the present disclosure will be described in detail below with reference to the accompanying drawings. It should be noted that identical components in the accompanying drawings are represented by the same reference numerals whenever possible. Furthermore, detailed descriptions of known functions and configurations that may obscure the essence of the present disclosure will be omitted.
[0034] In describing the embodiments in this specification, technical details that are well known in the technical field to which this disclosure belongs and are not directly related to this disclosure are omitted. This is intended to convey the essence of this disclosure more clearly without obscuring it by omitting unnecessary explanations.
[0035] For the same reason, some components in the attached drawings have been exaggerated, omitted, or schematically depicted. Additionally, the size of each component does not entirely reflect its actual dimensions.
[0036] The advantages and features of the present disclosure and the methods for achieving them will become clear by referring to the embodiments described below in detail together with the accompanying drawings. However, the present disclosure is not limited to the embodiments disclosed below but may be implemented in various different forms. The embodiments provided are merely to ensure that the disclosure of the present disclosure is complete and to fully inform those skilled in the art of the scope of the disclosure, and the present disclosure is defined only by the scope of the claims.
[0037] At this time, it will be understood that each block of the flowcharts and combinations of the flowcharts can be executed by computer program instructions. Since these computer program instructions can be loaded into the processor of a general-purpose computer, a specialized computer, or other programmable data processing equipment, the instructions executed through the processor of the computer or other programmable data processing equipment create means to perform the functions described in the flowchart block(s). Since these computer program instructions can also be stored in computer-available or computer-readable memory that can be directed toward the computer or other programmable data processing equipment to implement the function in a specific way, the instructions stored in computer-available or computer-readable memory can also produce a manufactured item containing instruction means to perform the function described in the flowchart block(s). Since computer program instructions can be loaded onto a computer or other programmable data processing equipment, instructions that perform a series of operation steps on the computer or other programmable data processing equipment to create a process executed by the computer can also provide steps for executing the functions described in the flowchart block(s).
[0038] Additionally, each block may represent a module, segment, or part of code containing one or more executable instructions for executing a specified logical function(s). It should also be noted that in some alternative execution examples, the functions mentioned in the blocks may occur out of order. For instance, two blocks described in succession may actually be executed substantially simultaneously, or the blocks may be executed in reverse order according to their corresponding functions.
[0039] In this embodiment, the term "part" refers to a software or hardware component, such as an FPGA or ASIC, and the "part" performs certain roles. However, the meaning of "part" is not limited to software or hardware. The "part" may be configured to reside in an addressable storage medium or configured to operate one or more processors. Accordingly, as an example, the "part" includes components such as software components, object-oriented software components, class components, and task components, as well as processes, functions, attributes, procedures, subroutines, segments of program code, drivers, firmware, microcode, circuits, data, databases, data structures, tables, arrays, and variables. The functions provided within the components and "parts" may be combined into a smaller number of components and "parts" or further separated into additional components and "parts." Furthermore, the components and "parts" may be implemented to operate one or more CPUs within a device or secure multimedia card.
[0040] In the present disclosure, when a component is described as being “connected,” “combined,” or “joined” with another component, this may include not only a direct connection but also an indirect connection in which another component exists between them. Furthermore, in the present disclosure, the terms “comprising” or “having” specify the presence of the mentioned features, steps, actions, elements, and / or components, but do not exclude the presence or addition of one or more other features, steps, actions, elements, components, and / or groups thereof.
[0041] In the present disclosure, terms such as "first," "second," etc. are used solely for the purpose of distinguishing one component from another and are not used to limit the components, nor do they limit the order or importance of the components unless specifically stated otherwise. Accordingly, within the scope of the present disclosure, a first component in one embodiment may be referred to as a second component in another embodiment, and likewise, a second component in one embodiment may be referred to as a first component in another embodiment.
[0042] The terms used in this disclosure are for the description of specific embodiments and are not intended to limit the claims. As used in the description of embodiments and in the appended claims, the singular form is intended to include the plural form unless the context clearly indicates otherwise. The term "and / or" as used in this disclosure may refer to one of the related enumerated items, or refers to and includes any and all possible combinations of two or more of them. Additionally, the " / " between words in this disclosure has the same meaning as "and / or" unless otherwise noted.
[0043] The embodiments of the present disclosure may be applied to various wireless communication systems. For example, the embodiments of the present disclosure may be applied to wireless LAN systems. For example, the embodiments of the present disclosure may be applied to wireless LAN systems based on IEEE 802.11a / g / n / ac / ax / be standards. Furthermore, the embodiments of the present disclosure may be applied to wireless LAN systems based on the newly discussed IEEE 802.11bn (or UHR (ultra high reliability)) standards. Additionally, the embodiments of the present disclosure may be applied to next-generation wireless LAN systems based on standards after IEEE 802.11bn.
[0044] In addition, the examples of the present disclosure may be applied to cellular wireless communication systems. For example, the examples of the present disclosure may be applied to cellular wireless communication systems based on LTE (Long Term Evolution), LTE-A (LTE advanced), and NR (New Radio) technologies based on 3GPP (3rd Generation Partnership Project) standard documents.
[0045] FIG. 1 illustrates the configuration of a device for wireless communication according to one embodiment of the present disclosure.
[0046] The first device (100) and the second device (200) of FIG. 1 may be replaced with various terms such as terminal, wireless device, WTRU (Wireless Transmit and Receive Unit), UE (User Equipment), MS (Mobile Station), UT (user terminal), MSS (Mobile Subscriber Station), MSS (Mobile Subscriber Unit), SS (Subscriber Station), AMS (Advanced Mobile Station), WT (Wireless terminal), client terminal, or simply user.
[0047] In addition, the first device (100) and the second device (200) can be replaced with various terms such as Access Point (AP), Base Station (BS), fixed station, Node B, base transceiver system (BTS), network, Artificial Intelligence (AI) system, road side unit (RSU), repeater, router, relay, gateway, etc.
[0048] The device (100, 200) exemplified in FIG. 1 may be referred to as a station (STA). For example, the device (100, 200) exemplified in FIG. 1 may be referred to by various terms such as a transmitting device, a receiving device, a transmitting STA, or a receiving STA. For example, the STA (110, 200) may perform the role of an access point (AP) or a non-AP. That is, in the present disclosure, the STA (110, 200) may perform the functions of an AP and / or a non-AP. If the STA (110, 200) performs the AP function, it may simply be referred to as an AP, and if the STA (110, 200) performs the non-AP function, it may simply be referred to as a STA. Additionally, in the present disclosure, the AP may also be indicated as an AP STA.
[0049] Referring to FIG. 1, the first device (100) and the second device (200) can transmit and / or receive wireless signals through various wireless LAN technologies (e.g., technologies based on the IEEE 802.11 standard). The first device (100) and the second device (200) may include interfaces for the MAC (medium access control) layer and the PHY (physical) layer that comply with the specifications of the IEEE 802.11 standard.
[0050] In addition, the first device (100) and the second device (200) may additionally support various wireless communication technologies other than wireless LAN technology (e.g., 3GPP LTE, LTE-A, or technologies based on NR standard documents). In addition, the device of the present disclosure may be implemented as various devices such as mobile phones, vehicles, personal computers, AR (Augmented Reality) equipment, VR (Virtual Reality) equipment, etc. Furthermore, the STA of the present specification may support various communication services such as voice calls, video calls, data communication, autonomous driving, MTC (Machine-Type Communication), M2M (Machine-to-Machine), D2D (Device-to-Device), and IoT (Internet-of-Things).
[0051] The first device (100) includes one or more processors (102) and one or more memories (104), and may further include one or more transceivers (or transceivers, transceivers) (106) and / or one or more antennas (108). The processor (102) controls the memory (104) and / or transceivers (106) and may be configured to implement the descriptions, functions, procedures, proposals, methods and / or sequences of operation disclosed in this disclosure. For example, the processor (102) may process information within the memory (104) to generate first information and / or a first signal, and then transmit a wireless signal including the first information and / or the first signal through the transceiver (106). Additionally, the processor (102) may receive a wireless signal including second information and / or a second signal through a transceiver (106) and then store the information obtained through signal processing of the second information and / or the second signal in the memory (104). The memory (104) may be connected to the processor (102) and may store various information related to the operation of the processor (102). For example, the memory (104) may store software code including instructions for performing some or all of the processes controlled by the processor (102) or for performing the descriptions, functions, procedures, proposals, methods, and / or operation sequences disclosed in this disclosure. Here, the processor (102) and the memory (104) may be part of a communication modem / circuit / chip designed to implement wireless LAN technology (e.g., technology based on the IEEE 802.11 document). The transceiver (106) may be connected to the processor (102) and may transmit and / or receive wireless signals through one or more antennas (108). The transceiver (106) may include a transmitter and / or receiver. The transceiver (106) may be used in combination with an RF (Radio Frequency) unit.
[0052] The second device (200) includes one or more processors (202) and one or more memories (204), and may further include one or more transceivers (or transceivers) (206) and / or one or more antennas (208). The processor (202) controls the memory (204) and / or transceivers (206) and may be configured to implement the descriptions, functions, procedures, proposals, methods and / or sequences of operation disclosed in this disclosure. For example, the processor (202) may process information within the memory (204) to generate third information and / or a third signal, and then transmit a wireless signal including the third information and / or the third signal through the transceiver (206). Additionally, the processor (202) may receive a wireless signal including fourth information and / or a fourth signal through the transceiver (206), and then store information obtained through signal processing of the fourth information and / or the fourth signal in the memory (204). Memory (204) may be connected to the processor (202) and may store various information related to the operation of the processor (202). For example, memory (204) may store software code including instructions for performing some or all of the processes controlled by the processor (202) or for performing the descriptions, functions, procedures, proposals, methods, and / or sequences of operation disclosed in this disclosure. Here, the processor (202) and memory (204) may be part of a communication modem / circuit / chip designed to implement wireless LAN technology (e.g., technology based on the IEEE 802.11 document). A transceiver (206) may be connected to the processor (202) and may transmit and / or receive wireless signals through one or more antennas (208). The transceiver (206) may include a transmitter and / or receiver. The transceiver (206) may be used interchangeably with an RF unit.
[0053] Hereinafter, the hardware elements of the device (100, 200) will be described in more detail. Although not limited to the following, the operation of one or more protocol layers may be implemented by one or more processors (102, 202). For example, one or more processors (102, 202) may implement the operation of one or more layers (e.g., functional layers such as PHY, MAC). One or more processors (102, 202) may generate one or more Protocol Data Units (PDUs) and / or Service Data Units (SDUs) according to the descriptions, functions, procedures, proposals, methods, and / or operation sequences disclosed in this disclosure. One or more processors (102, 202) may generate messages, control information, data, or information according to the descriptions, functions, procedures, proposals, methods, and / or operation sequences disclosed in this disclosure. One or more processors (102, 202) may generate a signal (e.g., a baseband signal) including a PDU, SDU, message, control information, data, traffic, or information according to the functions, procedures, proposals, and / or methods disclosed in this disclosure and provide it to one or more transceivers (106, 206). One or more processors (102, 202) may receive a signal (e.g., a baseband signal) from one or more transceivers (106, 206) and may obtain a PDU, SDU, message, control information, data, traffic, or information according to the descriptions, functions, procedures, proposals, methods, and / or flowcharts disclosed in this disclosure.
[0054] One or more memories (104, 204) may be connected to one or more processors (102, 202) and may store various forms of data, signals, messages, information, programs, codes, instructions, and / or commands. One or more memories (104, 204) may be composed of ROM (read-only memory), RAM (random access memory), EPROM (erasable programmable ROM), EEPROM (electronically EPROM), flash memory, hard drive, registers, cache memory, computer-readable storage media, and / or combinations thereof. One or more memories (104, 204) may be located inside and / or outside of one or more processors (102, 202). Additionally, one or more memories (104, 204) may be connected to one or more processors (102, 202) through various technologies such as wired or wireless connections.
[0055] One or more transceivers (106, 206) may transmit user data, control information, data, traffic, wireless signals, and / or channels, etc., as mentioned in the methods and / or operation flowcharts, etc., of the present disclosure to one or more other devices. One or more transceivers (106, 206) may receive user data, control information, data, traffic, wireless signals, and / or channels, etc., as mentioned in the descriptions, functions, procedures, proposals, methods, and / or operation flowcharts, etc., disclosed in the present disclosure from one or more other devices. For example, one or more transceivers (106, 206) may be connected to one or more processors (102, 202) and may transmit and receive wireless signals. For example, one or more processors (102, 202) may control one or more transceivers (106, 206) to transmit user data, control information, traffic, wireless signals, and / or channels to one or more other devices. Additionally, one or more processors (102, 202) may control one or more transceivers (106, 206) to receive user data, control information, traffic, wireless signals and / or channels from one or more other devices. Additionally, one or more transceivers (106, 206) may be connected to one or more antennas (108, 208), and one or more transceivers (106, 206) may be configured to transmit and receive user data, control information, traffic, wireless signals and / or channels, etc., as described in the descriptions, functions, procedures, proposals, methods and / or flowcharts, etc. disclosed in this disclosure through one or more antennas (108, 208). In this disclosure, one or more antennas (108, 208) may be a plurality of physical antennas or a plurality of logical antennas (e.g., antenna ports).One or more transceivers (106, 206) can convert received wireless signals / channels, etc. from RF band signals to baseband signals in order to process received user data, control information, wireless signals / channels, etc. using one or more processors (102, 202). One or more transceivers (106, 206) can convert processed user data, control information, wireless signals / channels, etc. from baseband signals to RF band signals using one or more processors (102, 202). To this end, one or more transceivers (106, 206) may include (analog) oscillators and / or filters.
[0056] According to one example, one of the devices (100, 200) may perform the intended operation of an AP, and the other of the devices (100, 200) may perform the intended operation of a non-AP STA. As another example, the transceiver (106, 206) of FIG. 1 may perform the transmission and / or reception operation of a signal (e.g., a packet or PPDU (physical layer protocol data unit) according to IEEE 802.11a / b / g / n / ac / ax / be / bn, etc.).
[0057] In addition, in the present disclosure, the operation of generating transmission and reception signals or performing data processing or calculations in advance for transmission and reception signals by various STAs can be performed in the processor (102, 202) of FIG. 1. For example, examples of operations for generating transmit / receive signals or performing data processing or operations in advance for transmit / receive signals include: 1) operations for determining / acquiring / configuring / operating / decoding / encoding bit information of fields included in the PPDU (e.g., SIG (signal), STF (short training field), LTF (long training field), Data, etc.); 2) operations for determining / configuring / acquiring time resources or frequency resources (e.g., subcarrier resources) used for fields included in the PPDU (e.g., SIG, STF, LTF, Data, etc.); 3) operations for determining / configuring / acquiring specific sequences (e.g., pilot sequence, STF / LTF sequence, extra sequence applied to SIG) used for fields included in the PPDU (e.g., SIG, STF, LTF, Data, etc.); 4) power control operations and / or power saving operations applied to the STA; and 5) of the ACK (acknowledgement) signal. It may include operations related to determination / acquisition / configuration / operation / decoding / encoding, etc. In addition, in the following example, various information (e.g., information related to fields / subfields / control fields / parameters / power, etc.) used by various STAs for determination / acquisition / configuration / operation / decoding / encoding of transmission and reception signals may be stored in the memory (104, 204) of FIG. 1.
[0058] In the following, the downlink (DL) refers to a link for communication from an AP STA to a non-AP STA, and downlink PPDUs, packets, signals, etc., can be transmitted and received through the downlink. In downlink communication, the transmitter may be part of the AP STA, and the receiver may be part of the non-AP STA. The uplink (UL) refers to a link for communication from a non-AP STA to an AP STA, and uplink PPDUs, packets, signals, etc., can be transmitted and received through the uplink. In uplink communication, the transmitter may be part of the non-AP STA, and the receiver may be part of the AP STA.
[0059] FIG. 2 illustrates an exemplary structure of a wireless LAN system related to the present disclosure.
[0060] A wireless LAN system may have a structure composed of multiple components. Through the interaction of these multiple components, the wireless LAN system can support transparent STA mobility relative to the upper layer. A Basic Service Set (BSS) corresponds to the basic building block of a wireless LAN. Figure 2 exemplarily illustrates the existence of two BSSs (BSS 1 and BSS 2), each containing two STAs as members (STA 1 and STA 2 are included in BSS 1, and STA 3 and STA 4 are included in BSS 2). In Figure 2, the ellipse representing the BSS can also be understood as representing the coverage area where the STAs included in the corresponding BSS maintain communication. This area can be referred to as a Basic Service Area (BSA). If a STA moves outside the BSA, it cannot communicate directly with other STAs within that BSA.
[0061] Excluding the distributed system (DS) illustrated in Fig. 2, the most basic type of BSS in a wireless LAN is the Independent BSS (IBSS). For example, an IBSS can have a minimal form consisting of only two STAs. For instance, assuming other components are omitted, a BSS 1 composed of only STA 1 and STA 2, or a BSS 2 composed of only STA 3 and STA 4, can each be considered a representative example of an IBSS. Such a configuration is possible when the STAs can communicate directly without an AP. Furthermore, this type of wireless LAN is not configured through pre-planning but can be established when a LAN (local area network) is required, and it may also be referred to as an ad-hoc network. Since an IBSS does not include an AP, there is no centralized management entity. In other words, in an IBSS, STAs are managed in a distributed manner. In IBSS, all STAs can be mobile STAs, and since connections to DS are not allowed, they form a self-contained network.
[0062] The membership of an STA in a BSS can be dynamically changed by the STA being turned on or off, or by the STA entering or leaving the BSS area. To become a member of a BSS, an STA can join the BSS using a synchronization process. To access all services of the BSS infrastructure, an STA must be associated with the BSS. This association can be configured dynamically and may include the use of a Distribution System Service (DSS).
[0063] In a wireless LAN, the direct STA-to-STA distance can be limited by PHY performance. In some cases, this distance limit may be sufficient, but in others, communication between STAs over longer distances may be required. A DS can be configured to support extended coverage.
[0064] DS refers to a structure in which BSSs are interconnected. Specifically, as shown in FIG. 2, a BSS may exist as a component in an extended form of a network composed of multiple BSSs. DS is a logical concept and can be specified by the characteristics of the Distributed System Medium (DSM, DS medium). In this regard, the Wireless Medium (WM) and the DSM can be logically distinguished. Each logical medium is used for a different purpose and is utilized by different components. These media are not limited to being identical or different. The flexibility of the wireless LAN structure (DS structure or other network structure) can be explained by the fact that multiple media are logically distinct in this way. That is, the wireless LAN structure can be implemented in various ways, and the corresponding wireless LAN structure can be independently specified by the physical characteristics of each implementation.
[0065] DS can support mobile devices by providing seamless integration of multiple BSSs and providing logical services necessary for handling addresses to destinations. Additionally, DS may include a component called a portal that acts as a bridge for connecting the wireless LAN with other networks (e.g., IEEE 802.X).
[0066] An AP enables access to the DS via the WM for non-AP STAs coupled with it. An AP can refer to an entity that also possesses the functionality of an STA, and data movement between the BSS and the DS can be performed through the AP. For example, STA 2 and STA 3 shown in FIG. 2 possess the functionality of an STA and provide the function of enabling coupled non-AP STAs (STA 1 and STA 4) to access the DS. Furthermore, since all APs fundamentally correspond to STAs, all APs are addressable entities. The address used by the AP for communication on the WM and the address used by the AP for communication on the DSM do not necessarily have to be the same. A BSS composed of an AP and one or more STAs can be referred to as an infrastructure BSS.
[0067] Data transmitted from one of the STA(s) coupled to the AP to the STA address of the AP can always be received at an uncontrolled port and processed by an IEEE 802.1X port access entity. Additionally, if the controlled port is authenticated, the transmitted data (or frame) can be forwarded to the DS.
[0068] In addition to the structure of the aforementioned DS, an Extended Service Set (ESS) may be configured to provide wider coverage.
[0069] An ESS is a network of arbitrary size and complexity that can correspond to a set of BSSs connected to a single DS. However, an ESS does not contain a DS. An ESS network is characterized by appearing as an IBSS at the Logical Link Control (LLC) layer. STAs included in an ESS can communicate with each other, and mobile STAs can move from one BSS to another (i.e., within the same ESS) transparently to the LLC. APs included in a single ESS can have the same Service Set Identifier (SSID). The SSID is distinguished from the BSSID (BSS SSID), which is the identifier of the BSS.
[0070] In wireless LAN systems, no assumptions are made regarding the relative physical locations of BSSs, and all of the following forms are possible. BSSs may partially overlap, which is a form commonly used to provide continuous coverage. Additionally, BSSs may not be physically connected, and logically, there is no limit to the distance between BSSs. Furthermore, BSSs may be located in the same physical location, which can be used to provide redundancy. Additionally, one or more IBSS or ESS networks may physically exist in the same space as one (or more) ESS networks. This may apply to ESS network configurations where an ad-hoc network operates at a location where an ESS network exists, where wireless networks are physically overlapping by different organizations, or where two or more different access and security policies are required at the same location.
[0071] FIG. 3 illustrates a link setup process related to the present disclosure.
[0072] In order for an STA to set up links and transmit and receive data on a network, it must discover the network through an AP, perform authentication, establish an association, and set up security. The link setup process can also be referred to as the session initiation process or the session setup process. Additionally, the processes of discovery, authentication, association, and security setup within the link setup process can be collectively referred to as the association process.
[0073] In step 310, the STA can perform a network discovery operation. The network discovery operation may include the STA's scanning operation. That is, in order for the STA to access a network, it must find a network it can join. Before joining a wireless network, the STA must identify a compatible network, and the process of identifying networks existing in a specific area is called scanning.
[0074] Scanning methods include active scanning and passive scanning. Figure 3 illustrates a network discovery operation that includes an active scanning process as an example. In active scanning, the STA performing the scanning moves between channels to search for nearby APs, transmits a probe request frame, and waits for a response. The responder transmits a probe response frame as a response to the probe request frame to the STA that transmitted the probe request frame. Here, the responder may be the STA that last transmitted a beacon frame from the BSS of the channel being scanned. In a BSS, the AP becomes the responder because it transmits the beacon frame; however, in an IBSS, the responder is not constant because STAs within the IBSS take turns transmitting the beacon frame. For example, an STA that transmits a probe request frame on channel 1 and receives a probe response frame on channel 1 can store BSS-related information included in the received probe response frame and move to the next channel (e.g., channel 2) to perform scanning in the same way (i.e., transmit and receive probe request / response on channel 2).
[0075] Although not illustrated in FIG. 3, the scanning operation may be performed using a passive scanning method. In passive scanning, the STA performing the scanning waits for a beacon frame while switching between channels. A beacon frame is one of the management frames defined in IEEE 802.11, which announces the presence of a wireless network and is periodically transmitted to allow the scanning STA to find the wireless network and join it. In a BSS, the AP performs the role of periodically transmitting beacon frames, and in an IBSS, the STAs within the IBSS take turns transmitting beacon frames. When the scanning STA receives a beacon frame, it stores the information about the BSS included in the beacon frame and records the beacon frame information in each channel while moving to another channel. The STA that receives the beacon frame stores the BSS-related information included in the received beacon frame, moves to the next channel, and can perform scanning in the next channel in the same way. When comparing active scanning and passive scanning, active scanning has the advantage of lower delay and power consumption than passive scanning.
[0076] After the STA discovers the network, an authentication process can be performed in step 320. This authentication process may be referred to as the first authentication process to clearly distinguish it from the security setup operation in step 340 described later.
[0077] The authentication process involves the STA sending an authentication request frame to the AP, and the AP sending an authentication response frame to the STA in response. The authentication request frame and the authentication response frame used in the authentication process belong to management frames.
[0078] The authentication frame may include information regarding the authentication algorithm number, authentication transaction sequence number, status code, challenge text, Robust Security Network (RSN), Finite Cyclic Group, etc. These are some examples of information that may be included in the authentication request / response frame, and they may be replaced with other information or additional information may be included.
[0079] The STA can send an authentication request frame to the AP. Based on the information contained in the received authentication request frame, the AP can determine whether to allow authentication for the STA. The AP can provide the result of the authentication process to the STA through an authentication response frame.
[0080] After the STA is successfully authenticated, the association process can be performed in step 330. The association process includes the STA sending an association request frame to the AP, and in response, the AP sending an association response frame to the STA.
[0081] The association request frame may include information regarding various capabilities, beacon listen interval, service set identifier (SSID), supported rates, supported channels, robust security network (RSN), mobility domain, supported operating classes, Traffic Indication Map Broadcast request, interworking service capabilities, etc. For example, the association response frame may include information regarding various capabilities, status code, Association ID (AID), supported rates, Enhanced Distributed Channel Access (EDCA) parameter set, Received Channel Power Indicator (RCPI), Received Signal to Noise Indicator (RSNI), mobility domain, timeout interval (e.g., association comeback time), overlapping BSS scan parameters, TIM broadcast response, Quality of Service (QoS) map, etc. These are some examples of information that may be included in a combined request / response frame, and the combined request / response frame may include other additional information.
[0082] After the STA is successfully joined to the network through the AP, the security setup process can be performed in step 340. The security setup process in step 340 may include an authentication process through RSNA (Robust Security Network Association) requests and responses. Additionally, if the authentication process in step 320 is referred to as the first authentication process, the security setup process in step 340 may also be referred to simply as the authentication process.
[0083] The security setup process of step 340 may include, for example, a private key setup process through a 4-way handshake via an EAPOL (Extensible Authentication Protocol over LAN) frame. Additionally, the security setup process may be performed according to a security method not defined in the IEEE 802.11 standard.
[0084] FIG. 4 illustrates a backoff operation related to the present disclosure.
[0085] In wireless LAN systems, the basic access mechanism of a MAC is the CSMA / CA (Carrier Sense Multiple Access with Collision Avoidance) mechanism. The CSMA / CA mechanism is also known as the Distributed Coordination Function (DCF) of IEEE 802.11 MACs, and it basically employs a "listen before talk" access mechanism. According to this type of access mechanism, the AP and / or STA perform Clear Channel Assessment (CCA) to sense the wireless channel or medium for a predetermined time interval (e.g., DIFS (DCF Inter-Frame Space)) before starting transmission. If the sensing result determines that the medium is in an idle status, the AP and / or STA start transmitting a frame through that medium. On the other hand, if the medium is detected to be occupied or busy, the AP and / or STA may not start their own transmission but wait for a predetermined delay period for medium access (e.g., a random backoff period) before attempting to transmit a frame. By applying a random backoff period, multiple STAs attempt to transmit frames after waiting for different periods of time, thereby minimizing collisions.
[0086] In addition, the IEEE 802.11 MAC protocol provides a Hybrid Coordination Function (HCF). The HCF is based on the aforementioned Point Coordination Function (PCF). The PCF is a polling-based synchronous access method that refers to a method of periodically polling so that all receiving APs and / or STAs can receive data frames. Furthermore, the HCF includes Enhanced Distributed Channel Access (EDCA) and Controlled Channel Access (HCCA). EDCA is a contention-based access method for a provider to provide data frames to multiple users, while HCCA uses a non-contention-based channel access method utilizing a polling mechanism. Additionally, the HCF includes a media access mechanism to improve the Quality of Service (QoS) of a wireless LAN and can transmit QoS data during both the Contention Period (CP) and the Contention-Free Period (CFP).
[0087] With reference to FIG. 4, the operation based on the random backoff period is described. When a medium that was in an occupied / busy state changes to an idle state, multiple STAs may attempt to transmit data (or frames). As a measure to minimize collisions, each STA may select a random backoff count and attempt transmission after waiting for the corresponding slot time. The random backoff count has a pseudo-random integer value and can be determined as one of the values in the range from 0 to CW. Here, CW is the Contention Window parameter value. The CW parameter is given an initial value of CWmin, but in the event of transmission failure (e.g., failure to receive an ACK for a transmitted frame), the STA may double the CW. When the CW parameter value reaches CWmax, the STA may attempt to transmit data while maintaining the CWmax value until data transmission is successful, and if data transmission is successful, the CW is reset to the CWmin value. The values of CW, CWmin, and CWmax can be set to 2n-1 (n=0, 1, 2, ...).
[0088] When the random backoff process begins, the STA continues to monitor the media while counting down the backoff slots according to the determined backoff count value. When the media is monitored as occupied, it stops the countdown and waits, and when the media becomes idle, it resumes the remaining countdown.
[0089] In the example of Fig. 4, when a packet to be transmitted arrives at the MAC of STA3, STA3 confirms that the medium is idle for DIFS and can immediately transmit the frame. The remaining STAs monitor whether the medium is occupied or idle and wait. Meanwhile, data to be transmitted may also arise at each of STA1, STA2, and STA5, and each STA, once it confirms that the medium is idle, waits for DIFS and then performs a countdown of the backoff slot according to a random backoff count value selected by each. Assume the case where STA2 selects the smallest backoff count value and STA1 selects the largest backoff count value. That is, it exemplifies a case where, at the point when STA2 finishes the backoff count and starts transmitting the frame, the remaining backoff time of STA5 is shorter than the remaining backoff time of STA1. STA1 and STA5 pause the countdown briefly and wait while STA2 occupies the medium. When STA2's possession ends and the medium becomes idle again, STA1 and STA5 wait for DIFS and then resume the paused backoff count. That is, STA1 and STA5 can start frame transmission after counting down the remaining backoff slots corresponding to the remaining backoff time. Since STA5's remaining backoff time was shorter than STA1's, STA5 starts frame transmission. Data to be transmitted may also occur in STA4 while STA2 is occupying the medium. When the medium becomes idle, STA4 waits for DIFS, performs a countdown based on a random backoff count value selected by itself, and can start frame transmission. The example in Figure 4 illustrates a case where STA5's remaining backoff time happens to match STA4's random backoff count value; in this case, a collision may occur between STA4 and STA5. If a collision occurs, neither STA4 nor STA5 receives an ACK, resulting in a failure of data transmission.In this case, STA4 and STA5 can double the CW value, select a random backoff count value, and perform a countdown. STA1 waits while the medium is occupied due to the transmission of STA4 and STA5, and when the medium becomes idle, it waits for DIFS, and then can start transmitting frames after the remaining backoff time has elapsed.
[0090] As shown in the example in Fig. 4, a data frame is a frame used for transmitting data to an upper layer and can be transmitted after a backoff performed after the elapsed time of DIFS from when the medium becomes idle. Additionally, a management frame is a frame used for exchanging management information without being transmitted to an upper layer, and is transmitted after a backoff performed after the elapsed time of an IFS such as DIFS or PIFS (Point coordination function IFS). A management frame may include a beacon, association request / response, re-association request / response, probe request / response, authentication request / response, etc., as a subtype frame. A control frame is a frame used to control access to the medium. A control frame is a subtype frame and may include a Request-To-Send (RTS), Clear-To-Send (CTS), Acknowledgment (ACK), Power Save-Poll (PS-Poll), Block ACK (B-ACK or BlockAck), Block ACK Request (BlockACKReq), Null Data Packet Announcement (NDP), Trigger, etc. If the control frame is not an acknowledgment frame of the previous frame, it is transmitted after a backoff performed after the elapsed DIFS; if it is an acknowledgment frame of the previous frame, it is transmitted after the short IFS (SIFS) elapsed without a backoff. The type and subtype of the frame can be identified by the type field and subtype field within the frame control (FC) field.
[0091] A QoS (Quality of Service) STA can transmit a frame after backoff, which is performed after the elapsed time of the arbitration IFS (AIFS) for the access category (AC) to which the frame belongs, i.e., AIFS[i] (where i is a value determined by the AC). Here, the frames for which AIFS[i] can be used can be data frames, management frames, and control frames rather than response frames.
[0092] FIG. 5 illustrates a CSMA / CA (Carrier Sense Multiple Access with Collision Avoidance) based frame transmission operation related to the present disclosure.
[0093] As previously mentioned, the CSMA / CA mechanism includes virtual carrier sensing in addition to physical carrier sensing, where the STA directly senses the medium. Virtual carrier sensing is intended to mitigate problems that may occur in medium access, such as the hidden node problem. For virtual carrier sensing, the STA's MAC can utilize the Network Allocation Vector (NAV). The NAV is a value that indicates to other STAs the time remaining until the medium becomes available, provided that the STA currently using or authorized to use the medium is using it. Therefore, the value set as the NAV corresponds to the period during which the medium is scheduled to be used by the STA transmitting the frame, and the STA receiving the NAV value is prohibited from accessing the medium during that period. For example, the NAV can be set based on the value of the "duration" field in the frame's MAC header.
[0094] In the example of FIG. 5, STA1 wants to transmit data to STA2, and STA3 is in a position to overhear part or all of the frames transmitted and received between STA1 and STA2.
[0095] In order to reduce the possibility of collisions between multiple STAs in a CSMA / CA-based frame transmission operation, a mechanism utilizing RTS / CTS frames may be applied. In the example of FIG. 5, while STA1 is transmitting, the medium may be determined to be idle based on the carrier sensing result of STA3. That is, STA1 may be a hidden node to STA3. Alternatively, in the example of FIG. 5, while STA2 is transmitting, the medium may be determined to be idle based on the carrier sensing result of STA3. That is, STA2 may be a hidden node to STA3. By exchanging RTS / CTS frames before performing data transmission and reception between STA1 and STA2, it is possible to prevent a STA outside the transmission range of either STA1 or STA2, or a STA outside the carrier sensing range for transmission from STA1 or STA3, from attempting to occupy the channel during data transmission and reception between STA1 and STA2.
[0096] Specifically, STA1 can determine whether the channel is in use through carrier sensing. In terms of physical carrier sensing, STA1 can determine the channel occupancy idle state based on the energy magnitude or signal correlation detected in the channel. Additionally, in terms of virtual carrier sensing, STA1 can determine the channel occupancy state using a NAV timer.
[0097] If the channel is idle during DIFS, STA1 can send an RTS frame to STA2 after performing backoff. If STA2 receives the RTS frame, it can send a CTS frame to STA1 as a response to the RTS frame after SIFS.
[0098] If STA3 cannot overhear a CTS frame from STA2 but can overhear an RTS frame from STA1, STA3 can set a NAV timer for the duration of subsequent consecutive frame transmissions (e.g., SIFS + CTS frame + SIFS + data frame + SIFS + ACK frame) using the duration information included in the RTS frame. Alternatively, if STA3 cannot overhear an RTS frame from STA1 but can overhear a CTS frame from STA2, STA3 can set a NAV timer for the duration of subsequent consecutive frame transmissions (e.g., SIFS + data frame + SIFS + ACK frame) using the duration information included in the CTS frame. That is, if STA3 can overhear one or more of the RTS or CTS frames from one or more of STA1 or STA2, it can set a NAV accordingly. If STA3 receives a new frame before the NAV timer expires, it can update the NAV timer using the duration information contained in the new frame. STA3 does not attempt channel access until the NAV timer expires.
[0099] If STA1 receives a CTS frame from STA2, it may transmit a data frame to STA2 after SIFS from the time the reception of the CTS frame is completed. If STA2 successfully receives the data frame, it may transmit an ACK frame, which is an acknowledgment of the data frame, to STA1 after SIFS. STA3 may determine whether the channel is in use through carrier sensing when the NAV timer expires. If STA3 determines that the channel is not in use by another terminal during DIFS from the time the NAV timer expires, it may attempt channel access after a contention window (CW) based on random backoff has passed.
[0100] FIG. 6 illustrates an exemplary format of a frame used in a wireless LAN system related to the present disclosure.
[0101] Based on instructions or primitives (meaning a set of instructions or parameters) from the MAC layer, the PHY layer can prepare the MPDU (MAC PDU) to be transmitted. When the PHY layer receives an instruction from the MAC layer requesting the start of transmission, it switches to transmission mode and can construct the information provided by the MAC layer (e.g., data) into a frame and transmit it. Additionally, if the PHY layer detects a valid preamble of the received frame, it can monitor the preamble header and send an instruction to the MAC layer indicating the start of reception.
[0102] As such, information transmission and reception in wireless LAN systems are carried out in the form of frames, and for this purpose, the Physical Layer Protocol Data Unit (PPDU) frame format is defined.
[0103] A basic PPDU frame may include a short training field (STF), a long training field (LTF), a signal field (SIG), and a data field. The most basic (e.g., non-HT (high throughput)) PPDU frame format may consist only of a legacy-STF (Legacy-STF), a greenfield field (Legacy-LTF), a signal field, and a data field. Additionally, depending on the type of PPDU frame format (e.g., HT-mixed format PPDU, HT-greenfield format PPDU, VHT (very high throughput) PPDU, etc.), additional (or different types of) STF, LTF, and signal fields may be included between the signal field and the data field. Specific types of frame formats will be described later in FIG. 7.
[0104] STF is a signal for signal detection, AGC (automatic gain control), diversity selection, and precise time synchronization, while LTF is a signal for channel estimation and frequency error estimation. STF and LTF are signals for synchronization and channel estimation in the physical layer of OFDM (orthogonal frequency division multiplexing).
[0105] The SIG field may include a RATE field and a LENGTH field, etc. The RATE field may include information regarding the modulation and coding rates of the data. The LENGTH field may include information regarding the length of the data. Additionally, the SIG field may include a parity bit, a SIG TAIL bit, etc.
[0106] The data field may include a SERVICE field, a PSDU (physical layer service data unit), and PPDU TAIL bits, and may also include padding bits if necessary. Some bits of the SERVICE field may be used for synchronization of the descrambler at the receiver. The PSDU corresponds to a MAC PDU defined at the MAC layer and may contain data generated or used by the upper layer. The PPDU TAIL bits may be used to return the encoder to a 0 state. Padding bits may be used to adjust the length of the data field to a predetermined unit.
[0107] A MAC PDU is defined according to various MAC frame formats, and a basic MAC frame consists of a MAC header, a frame body, and a frame check sequence (FCS). A MAC frame is composed of a MAC PDU and can be transmitted or received through the PSDU of the data portion of the PPDU frame format.
[0108] The MAC header includes a frame control field, a duration / ID field, an address field, etc. The frame control field may contain control information necessary for frame transmission / reception. The duration / ID field may be set as the time for transmitting the corresponding frame, etc. The specific details of the Sequence Control, QoS Control, and HT Control subfields of the MAC header are omitted.
[0109] Although not illustrated in Fig. 6, the null-data packet (NDP) frame format refers to a frame format that does not include data packets. That is, an NDP frame refers to a frame format that includes the PLCP (physical layer convergence procedure) header portion (i.e., STF, LTF, and SIG fields) in a standard PPDU frame format, but excludes the remaining portion (i.e., data fields). An NDP frame may also be referred to as a short frame format.
[0110] FIG. 7 illustrates an exemplary format of a PPDU (physical layer protocol data unit) of a wireless LAN system related to the present disclosure.
[0111] Various forms of PPDU are used in standards such as IEEE 802.11a / g / n / ac / ax / be. The basic PPDU format (the format of IEEE 802.11a / g) includes L-LTF, L-STF, L-SIG, and Data fields. The basic PPDU format may also be referred to as the non-HT PPDU format.
[0112] The HT PPDU format (the format of IEEE 802.11n) additionally includes HT-SIG, HT-STF, and HT-LFT(s) fields in addition to the basic PPDU format. The HT PPDU format illustrated in Fig. 7 can be referred to as the HT-mixed format. Although not illustrated, an HT-greenfield format PPDU may be defined, which is a format that does not include L-STF, L-LTF, and L-SIG, but consists of HT-GF-STF, HT-LTF1, HT-SIG, one or more HT-LTFs, and Data fields.
[0113] The VHT PPDU format (the format of IEEE 802.11ac) additionally includes VHT SIG-A, VHT-STF, VHT-LTF, and VHT-SIG-B fields in addition to the basic PPDU format.
[0114] The HE PPDU format (the format of IEEE 802.11ax) additionally includes the RL-SIG (Repeated L-SIG), HE-SIG-A, HE-SIG-B, HE-STF, HE-LTF(s), and PE (Packet Extension) fields in addition to the basic PPDU format. Depending on specific examples of the HE PPDU format, some fields may be excluded or their lengths may vary. For example, the HE-SIG-B field is included in the HE PPDU format for multi-user (MU), but is not included in the HE PPDU format for single-user (SU). Additionally, the HE trigger-based (TB) PPDU format does not include HE-SIG-B, and the length of the HE-STF field may vary to 8 μs. The HE ER (Extended Range) SU PPDU format does not include the HE-SIG-B field, and the length of the HE-SIG-A field may vary to 16 μs.
[0115] FIG. 8 illustrates another exemplary format of a PPDU of a wireless LAN system related to the present disclosure.
[0116] The EHT PPDU format of FIG. 8 (format of IEEE 802.11be) may include the EHT MU PPDU format and the EHT TB PPDU format. The EHT MU PPDU format corresponds to a PPDU that carries one or more data (or PSDU) for one or more users. The EHT MU PPDU may be used for both SU transmission and MU transmission, and the EHT MU PPDU may correspond to a PPDU for one receiving STA or multiple receiving STAs. The EHT-SIG is omitted in the EHT TB PPDU compared to the EHT MU PPDU. A STA that receives a trigger for UL MU transmission (e.g., a trigger frame or an RTS frame) may perform UL transmission based on the EHT TB PPDU format.
[0117] The EHT PPDU format additionally includes RL-SIG, U-SIG (Universal SIG), EHT-SIG, EHT-STF, EHT-LTF(s), and PE fields in addition to the basic PPDU format. Depending on the specific examples of the EHT PPDU format, some fields may be excluded or their lengths may vary. For example, depending on the previously described EHT MU PPDU format and EHT TB PPDU format, some fields of the EHT PPDU format may be included or excluded, or the length of specific fields may vary.
[0118] Meanwhile, prior to association or connection for performing Multi-AP operation among a plurality of APs, the present disclosure describes methods for mutually verifying whether the APs are capable of supporting Multi-AP operation and for ensuring reliability. More specifically, in order to perform coordination operations among APs according to a Multi-AP coordination scheme (hereinafter referred to as the M-AP scheme) (e.g., C-TDMA (coordinated time division multiple access), CR-TWT (coordinated restricted target awake time), C-SR (coordinated spatial reuse), or C-BF (coordinated beamforming), capability information among APs (e.g., Multi-AP capability) needs to be shared. Additionally, authentication may be required to determine whether they can be combined into a single pair or group to perform Multi-AP operations by indicating whether security is required. In this case, the coordination operations among APs may include functions for negotiating operating modes or power-saving mode scheduling by cooperating with each other, such as Coordinated Operating Mode Negotiation or Coordinated Power-Saving Scheduling. Furthermore, as described in the examples above, the coordination operations among APs involve Multi-AP (M-AP or MAP, hereinafter referred to as M-AP), Coordinated-AP (C-AP), or Multi-AP It may be referred to as Coordination (MAPC, or MAP-C), and may refer to an operation or process for communication between APs for smooth M-AP operation. Hereinafter, in the present disclosure, the cooperative operation between the APs described above may be referred to as M-AP, but is not limited to this designation.
[0119] Additionally, the M-AP operation described in this disclosure may be performed in a single AP pair or an AP group comprising multiple APs. Accordingly, in the embodiments described below, at least these APs performing the M-AP operation may constitute a single AP pair or a single AP group. However, for convenience of explanation, this disclosure includes an example in which a single AP pair composed of two APs performs the M-AP procedure.
[0120] FIG. 9 illustrates the configuration of a Multi-AP (access point) framework of a wireless LAN system according to one embodiment of the present disclosure.
[0121] Referring to Fig. 9, in 802.11bn, the process of sharing or advertising (hereinafter referred to as advertisement) the M-AP capabilities supported by each AP and negotiating or agreeing on which M-AP scheme to use can be defined as a general M-AP framework.
[0122] More specifically, in step 910, the advertisement of M-AP capability may broadcast or announce information regarding each AP's M-AP capability through a management frame. Additionally, the management frame for the advertisement of M-AP capability may be referred to as an M-AP capability advertisement frame. Thus, M-AP capability may be shared or exchanged between at least two APs (hereinafter referred to as AP1 and AP2) in an unencrypted state. Furthermore, the broadcasted M-AP capability of a specific AP may be discovered by at least one other AP. For example, at least one neighboring AP may overhear information from the AP broadcasting the M-AP capability, which may be referred to as M-AP discovery passive scanning (e.g., the passive scanning method of FIG. 3 described above). Thus, information related to M-AP between APs may be identified by the advertisement of M-AP capability. For example, the AP may identify information regarding whether at least one other AP supports M-AP or the status of M-AP operation. In one embodiment, the AP may identify at least one other AP capable of participating in or supporting M-AP operation. In one embodiment, the APs participating in M-AP operation may identify which M-AP operation (e.g., M-AP scheme) to perform based on information regarding the discovered M-AP capability. Of course, the M-AP scheme may be determined in a step after step 910 (e.g., an ICF (initial control frame) / ICR (initial control response) exchange operation at the TXOP (transmission opportunity) level).
[0123] In step 920, based on the M-AP capabilities exchanged between APs, the APs can perform authentication. The authentication operation in step 920 may include an authentication procedure to determine whether M-AP operations can be performed between APs. The authentication operation in step 920 may be one of the IEEE 802.11 authentication methods (e.g., FT (Fast BSS Transition) authentication, SAE (Simultaneous Authentication of Equals), FILS authentication, PASN (Pre-association Security Negotiation) authentication, or WP3 (Wi-Fi protected access 3) based authentication). If the authentication operation in step 920 is the FT authentication, SAE, FILS authentication, PASN authentication, or WP3-based authentication operation exemplified above, an authentication procedure to determine whether M-AP operations can be performed between APs may be performed by including it in part of the detailed message of the aforementioned authentication operation. An AP can enhance security through an authentication operation to perform M-AP operations with an authenticated overlapping basic service set (OBSS) AP (e.g., an AP of another BSS that overlaps with its own basic service set). However, Step 920 may not be a mandatory step and may be performed optionally depending on security requirements. For example, if authentication between APs is completed prior to the operation of the present disclosure, Step 920 may be omitted. As another example, Step 920 may be performed as a separate step prior to Step 950 below, or it may be performed together with Step 950.Meanwhile, the present disclosure may be a case where the authentication step between APs of step 920 is performed as a single independent step, and a more specific method of operation is described below in FIG. 10.
[0124] In step 930, based on steps 910 and 920, a combination or connection between APs (hereinafter referred to as M-AP combination) may be performed. For example, through step 910, M-AP capabilities are detected and mutually discovered APs may be assigned an M-AP AID (e.g., an AID between APs) to each AP for combination. Meanwhile, the M-AP AID assigned for mutual identification between APs may be referred to as an AID below, but it should be noted that it may refer to a different meaning from the AID assigned between an AP and a non-AP STA as described above. Additionally, the assigned AID is exchanged between APs so that the APs can identify each other's AIDs. In one embodiment, an AID may be assigned to each AP. In another embodiment, in addition to the M-AP AID, an ID to designate an AP pair or AP group may be additionally assigned, which may be referred to as an M-AP Group ID (or M-AP GID).
[0125] In step 940, APs can generate and negotiate security keys to support trigger frames based on WPS, etc. or MAC header protection. At this time, signaling may be possible by adopting security procedures defined in IEEE 802.11 (e.g., Wi-Fi Protection Setup between APs or RSNA (robust security network association)).
[0126] In step 950, APs may perform negotiation and agreement on M-AP features or features. Even when referred to as a negotiation procedure or an agreement procedure in this disclosure, it may mean a procedure that includes both negotiation and agreement operations of step 950. Additionally, M-AP features may refer to features or functions that are distinguished according to an M-AP scheme, or, even if they relate to the same M-AP scheme, are distinguished according to a logical session (hereinafter referred to as a session) created through negotiation / agreement between APs.
[0127] In step 960, APs can perform actions corresponding to the M-AP scheme(s) agreed upon between APs through the aforementioned steps 910 or 950.
[0128] The names of each step in FIG. 9 described above are merely examples to explain the operation of the corresponding step and are not limited to the examples provided. Therefore, each step may be replaced with an appropriate term to describe the corresponding operation. For example, the M-AP combination in step 930 described above may be referred to as M-AP link establishment, M-AP pre-negotiation, M-AP pre-configuration, or M-AP ID allocation. Additionally, while the description in FIG. 9 describes M-AP operations performed between two APs, it can be applied in the same way when performed between three or more APs (e.g., a group of APs).
[0129] FIG. 10 illustrates the flow of signals for Multi-AP operation in a wireless LAN system according to one embodiment of the present disclosure.
[0130] Referring to FIG. 10, the flow of signals in an M-AP coupling procedure including each step of FIG. 9 described above is explained. For example, the entire sequence of M-AP operations performed through the advertising, authentication, coupling, security, and negotiation / agreement steps between AP1 and AP2 of FIG. 9 can be configured as follows. Hereinafter, in the embodiment of FIG. 10, APs may refer to AP1 and AP2. Accordingly, descriptions that overlap with FIG. 9 may be omitted.
[0131] In step 1010, AP1 and AP2 may exchange information regarding each other's M-AP capabilities and M-AP coupling status. For example, information regarding M-AP capabilities may include at least one of the following: the capability regarding cryptography used for M-AP authentication, information regarding whether M-AP schemes are supported and the types and characteristics of supported M-AP schemes, information regarding whether security is supported for M-AP schemes, or a list of M-AP schemes requiring security. In step 1010 of FIG. 10, the AP may include information regarding its M-AP capabilities and M-AP coupling status in a broadcast management frame, such as a beacon frame, and transmit it to the surroundings. Step 1010 of FIG. 10 may be referred to as the Multi-AP Passive Discovery (or Multi-AP Discovery Passive Scanning) step. In step 1020, the APs mutually discovered in step 1010 may perform mutual authentication through an M-AP authentication procedure. For example, since the service providers (vendors) and / or settings between APs may differ, the M-AP authentication procedure may refer to a procedure for verifying, based on frame switching, whether access is possible or whether the use and negotiation of the M-AP scheme is possible. Thus, through step 1020, trust between APs to form an M-AP combination can be ensured. More specifically, in step 1023, AP2 may send an M-AP authentication request message to AP1. In step 1025, in response to step 1023, AP1 may send an M-AP authentication response message to AP2. Meanwhile, as described above in FIG. 9, the M-AP authentication procedure (1020) may be omitted in some cases. For example, if mutual authentication between APs is completed prior to the M-AP operation described in FIG. 10, step 1020 may be omitted.However, the present disclosure describes an example in which step 1020 is performed without being omitted. Step 1020 of FIG. 10 may be referred to as the Multi-AP Active Discovery (or Multi-AP Discovery Active scanning) step.
[0132] In step 1030, APs may assign AIDs between APs through an M-AP joining procedure. More specifically, in step 1033, AP2 may send an M-AP joining request message to AP1. For example, the M-AP joining request message may include information indicating that it is a request for M-AP joining, or at least one of the AIDs of the counterpart AP (e.g., AP1) assigned by the AP requesting the joining (e.g., AP2). In step 1035, AP1 may send an M-AP joining response message to AP2. For example, the M-AP joining response message may include information indicating that it is a response for M-AP joining, or at least one of the AIDs of the AP requesting the joining (e.g., AP2). At this time, AP2, which transmits the M-AP association request message, may be referred to as the M-AP requesting AP or the M-AP association requesting AP (e.g., M-AP (association) requesting AP), and AP1, which transmits the M-AP association response message, may be referred to as the M-AP response AP or the M-AP association responding AP (e.g., M-AP (association) responding AP). In step 1030, the M-AP AID value assigned by the AP to the counterpart AP must be a value other than the AID previously assigned by the AP to the non-AP STAs connected to it, and must not be an M-AP AID value previously assigned by M-AP association to an AP other than the counterpart AP to which the M-AP AID is to be assigned.
[0133] In step 1040, APs may perform M-AP protection setup. M-AP protection setup may be a procedure performed separately from the aforementioned step 1020 if additional encryption is required for security. Therefore, step 1040 is not a mandatory step and may be omitted depending on the circumstances. Meanwhile, whether additional encryption is required may be included in the M-AP combination request message (e.g., step 1033), so that information regarding whether additional encryption procedures will be performed may be conveyed in advance.
[0134] In step 1050, APs may perform M-AP feature negotiation / agreement. In one embodiment, a configuration that can be commonly used among APs regardless of the M-AP scheme (e.g., common configuration or common M-AP configuration) and / or a configuration specific to the M-AP scheme (e.g., M-AP specific configuration) may be negotiated. In this case, the configuration that can be commonly used may include at least one parameter that considers M-AP operations that are short-term or periodic (long-term).
[0135] At step 1060, APs can perform actions specific to M-AP features or M-AP schemes. For example, APs can perform actions corresponding to a specific M-AP scheme agreed upon at step 1050.
[0136] Meanwhile, the signalings in the aforementioned step 1010 (e.g., signaling for M-AP capability advertising) may be transmitted via a beacon frame. Additionally, as described above, a beacon frame is one of the management frames defined in IEEE 802.11, and the management frame of the present disclosure may refer to a management frame defined in IEEE 802.11 or a newly defined management frame. The configuration of the element format of the newly defined management frame for signaling in the present disclosure is described in detail below in FIG. 12.
[0137] The steps of FIG. 10 described above may be performed by omitting at least one step or by adding at least one new step and combining them with the steps described above. Additionally, the steps described above in FIG. 10 may be merged into a single step, or a single step may be separated into the steps described above. For example, although the above-described step 1050 was described as a separate step from step 1030, it may be performed in a single step (e.g., step 1030).
[0138] FIG. 11 is a block diagram illustrating the state transition of an AP related to Multi-AP operation in a wireless LAN system according to one embodiment of the present disclosure.
[0139] Referring to FIG. 11, the state changes of APs according to the M-PA authentication, coupling, and security procedures of FIG. 9 or FIG. 10 described above are explained. Therefore, descriptions that overlap with FIG. 9 or FIG. 10 are omitted. The state transition steps illustrated in FIG. 11 can be individually generated and managed by surrounding APs performing multi-AP operations. For example, after an AP (the first AP) discovers two surrounding APs (the second AP and the third AP), it can generate state transition steps for the second AP and state transition steps for the third AP, respectively, and manage them separately.
[0140] The first state (1110) may be a state before the APs perform the M-AP authentication procedure after exchanging information about their M-AP capabilities. For example, the APs share information regarding whether each other AP supports M-AP, a list of supported M-AP schemes, whether they form an M-AP combination, and the status of the M-AP combination, and may represent a state in which step 1010 of FIG. 10 described above has been performed. However, between an AP and a non-AP STA, regarding the authentication request from the non-AP STA, the AP may decide whether to allow the non-AP STA requesting authentication to be a member serviced in its BSS. Additionally, in the case of an enterprise network, a centralized network, or a network where a controller AP exists and manages other APs, the entity acting as the controller may take the initiative to perform authentication, combination, multi-AP negotiation, and consent procedures. However, in network environments where there is no entity acting as a controller, such as distributed networks or residential networks, APs do not perform an operation in which a specific AP takes the initiative to decide whether to allow the other AP. Therefore, prior to performing an M-AP operation, an authentication procedure (e.g., step 920 or step 1020) can be performed between APs to determine whether the M-AP operation can be performed.
[0141] The second state (1120) may represent the state of the APs when the M-AP authentication procedure between the APs supporting the M-AP is successfully performed. At this time, the reliability between the APs to form the M-AP combination can be secured through the M-AP authentication procedure. For example, it may represent the state in which step 1020 of FIG. 10 described above is successfully performed. Accordingly, the APs that have successfully performed the M-AP authentication procedure are in a state in which at least one M-AP scheme commonly supported exists through step 1020, and can perform the M-AP combination procedure (e.g., step 930 or step 1030) to select one of the supported M-AP schemes and initiate an operation accordingly.
[0142] A third state (1130) may represent the state of the APs when the M-AP combination procedure between the authenticated APs has been successfully performed. In this case, if the state does not require additional security (e.g., if the M-AP authentication procedure did not indicate that security is required), the APs in the third state (1130) may perform actions according to the M-AP scheme. On the other hand, if the state requires additional security (e.g., if the M-AP authentication procedure indicated that security is required), the APs in the third state (1130) may perform additional security procedures (M-AP security setup procedures) (e.g., step 940 or step 1040). The third state (1130) may be a state in which an AP AID (AP Association ID, AP ID) for mutual identification between APs has been pre-assigned. An M-AP scheme that can be performed in the third state (1130) may be referred to as an unprotected M-AP scheme.
[0143] The fourth state (1140) may represent the state of APs where the M-AP security setup procedure has been performed when additional security is required. Accordingly, APs in the fourth state (1140) may be in a state where M-AP authentication, coupling, and security have been completed. An M-AP scheme that can be performed in the fourth state (1140) may be referred to as a protected M-AP scheme. Meanwhile, an AP may broadcast to surrounding APs the M-AP schemes that can be allowed (or supported) in the third state (1130) and the M-AP schemes that can be allowed (or supported) in the fourth state (1140), respectively, by including them in the M-AP capability information. For example, the M-AP capability information included in the beacon frame may include a list of M-AP schemes that can be performed without encryption (or in the third state (1130)) (or an unprotected M-AP scheme list) and a list of M-AP schemes that require enhanced security (or in the fourth state (1140)) (or a protected M-AP scheme list), respectively. For example, the same M-AP scheme (e.g., C-TDMA) may be supported by both the AP in the third state (1130) and the AP in the fourth state (1140), but in this case, the detailed operation of the AP may be restricted in the third state (1130). Of course, although the above example illustrates that information regarding M-AP schemes is included in a list format, this is merely one example.
[0144] FIG. 12 illustrates an example of an element format that constitutes a Multi-AP capability advertisement frame in a wireless LAN system according to one embodiment of the present disclosure.
[0145] Referring to FIG. 12, there is an example of the configuration of an element format for an M-AP operation included in a beacon frame required for advertising M-AP capabilities (e.g., step 910 or step 1010). For example, a beacon frame used by an AP to broadcast information about its M-AP capabilities may further include at least one field for an M-AP procedure. In this case, the beacon frame may be based on a beacon frame defined in IEEE 802.11 or may be newly defined.
[0146] Referring again to FIG. 12, the element format for M-AP operation included in the beacon frame may be referred to as the M-AP operation element format. Of course, it is not limited to the above name. In one embodiment, the M-AP operation element format may include at least some of the Element ID field (1210), Length field (1220), Element ID Extension field (1230), Control field (1240), MAP Support field (1250), Protected MAP Support field (1260), or MAP Operation Parameter field (1270). The Element ID field (1210) contains one octet and may represent a beacon element ID. For example, the Element ID field (1210) may have a value of 255. The Length field (1220) contains one octet and may include a value for the length of the information transmitted through the M-AP operation element format. The Element ID Extension field (1230) contains 1 octet and can represent the extended value of Element ID 255.
[0147] The Control field (1240) includes one octet and may include a value related to M-AP control. At this time, the configuration of the sub-fields constituting the Control field (1240) is described in detail below in FIG. 13.
[0148] The MAP Support field (1250) contains 1 octet and may contain information about M-AP schemes supported by the AP transmitting the beacon frame.
[0149] The Protected MAP Support field (1260) contains one octet and may include information about M-AP schemes (or specific features) that require security among the M-AP schemes supported by the AP transmitting the beacon frame. For example, the security requirement for a specific feature may include cases where the security requirement may be applied differently depending on the beam type in the case of C-BF. However, the Protected MAP Support field (1260) may be omitted depending on the case.
[0150] In one embodiment, if the MAP Support field (1250) contains only information regarding M-AP schemes supported by the AP transmitting the beacon frame, the M-AP operation element format may include a Protected MAP Support field (1260). In this case, the Protected MAP Support field (1260) may include information regarding the need for security for each of the M-AP schemes included in the MAP Support field (1250).
[0151] In another embodiment, if the MAP Support field (1250) includes information regarding M-AP schemes supported by the AP transmitting the beacon frame and information regarding the security requirements for each M-AP scheme, the M-AP operation element format may not include the Protected MAP Support field (1260).
[0152] In another embodiment, if the Control field (1240) indicates that security is not required, the M-AP operation element format may not include the Protected MAP Support field (1260).
[0153] Meanwhile, the structure of the format, field names, values indicated by the fields, the number of fields to which meaningful values are assigned, the order of the fields, the number of octets or bits, and whether fields are included in the format, etc., as illustrated in FIG. 12 are merely examples and may be changed differently from the illustrated and described embodiments.
[0154] FIG. 13 illustrates an example of a control field configuration in a wireless LAN system according to one embodiment of the present disclosure.
[0155] Referring to FIG. 13, the configuration of sub-fields constituting the Control field (1240) of FIG. 12 described above is explained. The Control field (1240) may include at least one of the Type field (1310), the Protected M-AP supported field (1320), the Protected ICF / ICR exchange required field (1330), or the Protected MAP Support Present field (1340).
[0156] The Type field (1310) can indicate the type of element format.
[0157] The Protected M-AP supported field (1320) contains a 1-bit value and may include a value indicating whether security is required for the M-AP schemes supported by the AP transmitting the beacon frame (e.g., whether a secure channel between APs must be formed to perform M-AP operations). For example, if the value corresponding to the Protected M-AP supported field (1320) is 0, it may indicate that security is not required for the M-AP schemes supported by the AP. For example, if the value corresponding to the Protected M-AP supported field (1320) is 0, it may indicate that the M-AP schemes supported by the AP can be performed in the third state (1130) or the fourth state (1140) of FIG. 11. Alternatively, if the value corresponding to the Protected M-AP supported field (1320) is 1, it may indicate that security is required for the M-AP schemes supported by the AP. For example, if the value corresponding to the Protected M-AP supported field (1320) is 1, it may indicate that the M-AP schemes supported by the AP can be performed only in the fourth state (1140) of FIG. 11. Accordingly, depending on the value indicated by the Protected M-AP supported field (1320), it may be determined whether to perform the M-AP security setup procedure (e.g., step 940 or step 1040). Of course, the meaning indicated by each value corresponding to the Protected M-AP supported field (1320) is merely one example and is not limited to the above example.
[0158] The Protected ICF / ICR exchange required field (1330) contains a 1-bit value and may include a value indicating whether security is required for the transmission and reception of the ICF / ICR at the TXOP level. For example, if the value corresponding to the Protected ICF / ICR exchange required field (1330) is 0, it may indicate that security is not required for the transmission and reception of the ICF / ICR. Alternatively, if the value corresponding to the Protected ICF / ICR exchange required field (1330) is 1, it may indicate that security is required for the transmission and reception of the ICF / ICR. For example, if the value corresponding to the Protected ICF / ICR exchange required field (1330) is 1, the AP may need to exchange the protected ICF and the protected ICR. Protected ICF and protected ICR may additionally include fields such as a Message Integrity Check field for verifying integrity within the frame and a Key ID. Of course, the meaning of each value corresponding to the Protected ICF / ICR exchange required field (1330) is merely one example and is not limited to the above example.
[0159] The Protected MAP Support Present field (1340) contains a 1-bit value and can indicate whether the Protected MAP Support field (1260) exists after the Control field (1240) within the M-AP operation element format.
[0160] Meanwhile, the structure of the format, field names, values indicated by the fields, the number of fields to which meaningful values are assigned, the order of the fields, the number of octets or bits, and whether fields are included in the format, etc., as illustrated in FIG. 13 are merely examples and may be changed differently from the illustrated and described embodiments.
[0161] FIG. 14 illustrates an example of a Multi-AP support field configuration in a wireless LAN system according to one embodiment of the present disclosure.
[0162] Referring to FIG. 14, the configuration of the subfields constituting the MAP Support field (1250) of FIG. 12 described above is explained.
[0163] In one embodiment, the MAP Support field (1250) may include fields (1410, 1420, 1450, ...) for indicating whether support is provided for each M-AP scheme. For example, the fields (1410, 1420, 1450, ...) for indicating whether support is provided for each M-AP scheme may include a 1-bit value, and each field may be a field indicating whether support is provided for a first M-AP scheme, a second M-AP scheme, a third M-AP scheme, etc., defined as an M-AP scheme. For example, each of the above-described fields (1410, 1420, 1450, ...) may include at least one of a C-TDMA supported field, a CR-TWT supported field, a C-SR supported field, or a C-BF supported field.
[0164] In another embodiment, the MAP Support field (1250) may further include fields (1420, 1440, 1460, ...) for indicating security requirements per M-AP scheme. The fields (1420, 1440, 1460, ...) for indicating security requirements per M-AP scheme include a 1-bit value and may indicate security requirements for each of the fields (1410, 1430, 1450, ...) for indicating whether support is provided per M-AP scheme. In this case, if the value corresponding to the Protected MAP Support Present field (1340) indicates that security is not required for the M-AP schemes, the MAP Support field (1250) may not include fields (1420, 1440, 1460, ...) for indicating security requirements per M-AP scheme. On the other hand, if the value corresponding to the Protected MAP Support Present field (1340) indicates that security is required for M-AP schemes, the MAP Support field (1250) may include fields (1420, 1440, 1460, ...) for indicating the need for security per M-AP scheme.
[0165] Meanwhile, the structure of the format, field names, values indicated by the fields, the number of fields to which meaningful values are assigned, the order of the fields, the number of octets or bits, and whether fields are included in the format, etc., as illustrated in FIG. 14 are merely examples and may be changed differently from the illustrated and described embodiments.
[0166] FIG. 15 illustrates an example of a protected Multi-AP support field configuration in a wireless LAN system according to one embodiment of the present disclosure.
[0167] Referring to FIG. 15, the configuration of subfields constituting the Protected MAP Support field (1260) of FIG. 12 described above is explained. In one embodiment, the Protected MAP Support field (1260) may include fields (1510, 1520, 1530, 1540, ...) for indicating the need for security for each M-AP scheme. Each field includes a 1-bit value, and each field may be a field indicating that for a first M-AP scheme, a second M-AP scheme, a third M-AP scheme, etc. defined as an M-AP scheme, each M-AP scheme is supported under the premise that a security channel between APs is formed. Additionally, fields (1510, 1520, 1530, 1540, ...) for indicating the need for security per M-AP scheme in the Protected MAP Support field (1260) may indicate the need for security for each M-AP scheme included in the MAP Support field (1250) of FIG. 14 described above. As described above in FIG. 14, if the value corresponding to the Protected MAP Support Present field (1340) indicates that security is required for the M-AP schemes, and the MAP Support field (1250) does not include fields (1420, 1440, 1460, ...) for indicating the need for security per M-AP scheme, the M-AP operation element format may include the Protected MAP Support field (1260).
[0168] Meanwhile, the structure of the format, field names, values indicated by the fields, the number of fields to which meaningful values are assigned, the order of the fields, the number of octets or bits, and whether fields are included in the format, etc., as illustrated in FIG. 15 are merely examples and may be changed differently from the illustrated and described embodiments.
[0169] FIG. 16 illustrates another example of an element format constituting a Multi-AP capability advertisement frame in a wireless LAN system according to one embodiment of the present disclosure.
[0170] Referring to FIG. 16, an example of the configuration of an M-AP operation element format related to the MAP status field (1610) is described. For example, the M-AP operation element format described in FIG. 12 may further include a MAP Status field (1610). Additionally, the Control field (1240) may further include a MAP Status Present field (1620) as a subfield related to the MAP Status field (1610). The MAP Status Present field (1620) contains a 1-bit value and can indicate whether the MAP Status field (1610) exists after the Control field (1240) within the M-AP operation element format.
[0171] The MAP status field (1610) may include subfields representing information regarding the M-AP status formed by the AP transmitting the beacon frame. For example, the MAP status field (1610) may include a Num of M-AP agreements field (1630) and M-AP agreement info fields (1640, 1650, 1660, ...). The Num of M-AP agreements field (1630) may include 1 octet and may indicate the number of M-AP agreements formed by the AP. The M-AP agreement info fields (1640, 1650, 1660, ...) may include 8 octets or more and may include an information set consisting of {M-AP scheme, AP MAC address, Type}. At this time, the M-AP scheme includes 1 octet and can be represented in a bitmap format (e.g., bit 0: C-TDMA, bit 1: C-SR, bit 2: C-BF, ...). The AP MAC address includes 6 octets and can represent the MAC address of the counterpart AP that formed the M-AP scheme. The Type includes 1 octet and can include other information regarding the M-AP consensus (e.g., Protected: whether the Protected M-AP scheme is used).
[0172] Meanwhile, the structure of the format, field names, values indicated by the fields, the number of fields to which meaningful values are assigned, the order of the fields, the number of octets or bits, and whether fields are included in the format, etc., as illustrated in FIG. 16 are merely examples and may be changed differently from the illustrated and described embodiments.
[0173] FIG. 17 illustrates an example of a method for indicating a security need in a wireless LAN system according to one embodiment of the present disclosure.
[0174] Referring to FIG. 17, embodiments for an AP transmitting a beacon frame to indicate to surrounding APs the need for security to use an M-AP scheme, as described above in FIG. 12 to 16, are described below, and FIG. 17 illustrates one embodiment. Accordingly, descriptions that overlap with FIG. 12 to 16 may be omitted below.
[0175] In one embodiment, the AP may collectively indicate the need for security regardless of the type of M-AP scheme. For example, the need for security may be collectively indicated according to the 1-bit value of the Protected M-AP supported field (1320), which is a subfield included in the Control field (1240) of the M-AP operation element format. For example, if the Protected M-AP supported field (1320) has a value of 1, it may indicate that security is required regardless of the M-AP scheme, and the APs may need to perform the M-AP security setting procedure after the M-AP authentication procedure is completed.
[0176] In another embodiment, the AP can individually indicate the need for security according to the M-AP scheme. Referring again to FIG. 17, the AP can indicate the M-AP scheme requiring security by utilizing a bitmask method. For example, the AP can indicate the M-AP scheme requiring security by utilizing a bitmask method. For each of the M-AP schemes (e.g., bit 0: C-TDMA, bit 1: C-SR, bit 2: C-BF), the AP can indicate whether the corresponding M-AP scheme is supported (Supported M-AP Scheme) using 1 bit. Additionally, for each of the M-AP schemes supported by the AP (e.g., C-TDMA and C-BF), the AP can indicate the need for security (Protected M-AP Required bitmask). Thus, the AP can indicate the support status and the need for security using 2 bits for each M-AP scheme. As another example, AP may define a separate field to indicate the need for security for each M-AP scheme (Protected M-AP scheme 1 supported, Protected M-AP scheme 2 supported, ...).
[0177] In another embodiment, the AP may apply different security requirements to each sub-feature of the M-AP scheme. For example, even for a single feature, security requirements may need to be applied differently for individual signaling or behavior (e.g., sub-features). For instance, at the request of a service provider, security may be configured separately as mandatory, contrary to the specifications (e.g., when security is optional). Therefore, the AP may set different security requirements for individual signaling or behavior, and to do so, additional fields or signaling may be required, unlike what was described above.
[0178] In another embodiment, the AP may apply different security requirements depending on the result of the M-AP authentication procedure (e.g., step 920 or step 1020). For example, when performing the M-AP authentication procedure of FIG. 18 described below, the APs that have exchanged authentication information with each other may determine whether additional security is required for each supported M-AP scheme based on the authentication result of the other AP. Accordingly, the APs may exchange authentication information with each other and, based on the authentication information, require an authentication process for the other AP through an authentication server, etc. Meanwhile, if it is determined that security is required based on the result of M-AP authentication, there may be a first method (hard type) that enforces the security requirement and a second method (recommend type) that suggests the security requirement. The first method may refer to a method that enforces the execution of the M-AP security setting procedure (e.g., step 940 or step 1040). As the second method proposes performing the M-AP security setup procedure, an additional negotiation process may be required to determine whether to perform the M-AP security setup procedure during the M-AP authentication procedure (e.g., Step 920 or Step 1020) or the M-AP negotiation procedure (e.g., Step 930 or Step 1030). The M-AP authentication procedure is described in detail below in FIG. 18.
[0179] FIG. 18 illustrates the flow of signals in a Multi-AP authentication procedure in a wireless LAN system according to one embodiment of the present disclosure.
[0180] Referring to FIG. 18, the illustrated embodiment illustrates a method for performing authentication request, response, and verification procedures between two APs, but is not necessarily limited to procedures between two APs. As another example, three or more APs may participate in the M-AP authentication procedure. For example, the M-AP authentication procedure may be performed in an active scanning manner in which, when an M-AP authentication requesting AP broadcasts an M-AP authentication request to multiple APs, the surrounding APs transmit a response to the M-AP authentication request to the M-AP authentication requesting AP.
[0181] In step 1801, the M-AP authentication requesting AP may transmit an M-AP authentication request frame to the M-AP authentication responding AP. At this time, the M-AP authentication request frame may contain M-AP authentication requesting element format or information. For example, the M-AP authentication requesting element format or information may contain authentication information of the M-AP authentication requesting AP, and examples of authentication information may include information regarding the Requesting AP certificate chain (e.g., AP certificate for CA (certificate authority) based authentication, AP CA certificate, AP CA public key value, or identifier). Additionally, the M-AP authentication request frame may include a list of M-AP schemes (e.g., a list of M-AP schemes that the M-AP authentication request AP can support, or a list of M-AP schemes that require security).
[0182] In step 1802, the M-AP authentication response AP may send an authentication request to an external server (e.g., an authentication server) based on the information received from the M-AP authentication request AP in step 1801. At this time, the authentication request may include at least one of a vendor ID, certificates, or a CA public key (PK) ID. Step 1802 may be an IEEE 802.1X-based authentication procedure, and the external server may be a RADIUS (Remote Authentication Dial In User Service) server.
[0183] In step 1803, the M-AP authentication response AP may receive the result of the authentication request in step 1802 from an external server (e.g., an authentication server). For example, authentication of the M-AP authentication request AP may be performed based on the information transmitted in step 1802, and the result of the authentication may be transmitted to the M-AP authentication response AP.
[0184] In step 1804, the M-AP authentication response AP can generate a list of M-AP schemes that the M-AP authentication request AP and itself (M-AP authentication response AP) can operate based on the authentication result through the authentication server according to steps 1802 and 1803 or the configuration value set in the M-AP authentication response AP.
[0185] In step 1805, the M-AP authentication response AP may transmit an M-AP authentication response frame to the M-AP authentication requesting AP. The M-AP authentication response frame may include an M-AP authentication response element format or information. For example, the M-AP authentication response element format or information may include authentication information of the M-AP authentication response AP, and examples of authentication information may include information regarding the authentication chain (Requesting AP certificate chain) (e.g., an AP certificate for CA-based authentication, an AP CA certificate, an AP CA public key value, or an identifier). Additionally, the M-AP authentication response frame may include a list of M-AP schemes (e.g., a list of M-AP schemes received from the M-AP authentication request AP (e.g., step 1801)) and a list of M-AP schemes that can operate with the M-AP authentication request AP based on the authentication information of the M-AP authentication request AP (e.g., the M-AP scheme list of step 1804).
[0186] In step 1806, the M-AP authentication request AP may send an authentication request to an external server (e.g., an authentication server) based on the information received from the M-AP authentication response AP in step 1805. The authentication request may include at least one of a vendor ID, certificates, or CA PK ID. Step 1806 may be an IEEE 802.1X-based authentication procedure, and the external server may be a RADIUS server.
[0187] In step 1807, the M-AP authentication request AP may receive the result of the authentication request in step 1806 from an external server (e.g., an authentication server). For example, authentication of the M-AP authentication response AP may be performed based on the information transmitted in step 1806, and the result of the authentication may be transmitted to the M-AP authentication request AP.
[0188] In step 1808, the M-AP authentication request AP can generate a final list of M-AP schemes that can be operated between the M-AP authentication request AP and the M-AP authentication response AP based on the authentication result through the authentication server in steps 1806 and 1807 or the configuration value set in the M-AP authentication request AP, based on the list of M-AP schemes that can be operated between the M-AP authentication response AP and itself (M-AP authentication request AP) (e.g., step 1801) and the list of M-AP schemes received from the M-AP authentication response AP (e.g., step 1805), according to the authentication result through the authentication server in steps 1806 and 1807. For example, the final list of M-AP schemes may refer to the list of M-AP schemes that can finally be operated between the M-AP authentication response AP and the M-AP authentication response AP based on the authentication information of the M-AP authentication response AP and the configuration value set in the M-AP authentication request AP among the list of M-AP schemes transmitted by the M-AP authentication response AP in step 1805.
[0189] In step 1809, the M-AP authentication request AP may transmit an M-AP authentication confirmation frame to the M-AP authentication response AP. At this time, the M-AP authentication confirmation frame may include the final list of M-AP schemes generated in step 1808. However, step 1809 may be performed optionally. Therefore, if step 1809 is omitted, the (final) list of M-AP schemes that can ultimately operate between the M-AP authentication request AP and the M-AP authentication response AP may be the list of M-AP schemes generated in step 1804 and transmitted in step 1805.
[0190] In step 1810, the M-AP authentication request AP and the M-AP authentication response AP may perform an M-AP combination and / or consensus procedure for one M-AP scheme included in the final list of M-AP schemes, in accordance with the instruction(s) regarding security needs. For example, they may perform an M-AP combination and / or consensus procedure for one M-AP scheme among the final M-AP schemes determined through steps 1801 to 1809 described above, corresponding to the instruction(s) regarding security needs.
[0191] The M-AP authentication procedure is not limited to the operations described above. Accordingly, at least some of the operations described above may be omitted, or at least one new operation may be added and combined with said operations. Additionally, multiple operations among the operations described above may be merged into a single operation, or a single operation may be separated into multiple operations to be performed.
[0192] FIG. 19 illustrates another example of a control field configuration in a wireless LAN system according to one embodiment of the present disclosure.
[0193] Referring to FIG. 19, an embodiment of a Control field (1240 or 1910) for instructing to perform the M-AP authentication procedure according to FIG. 18 described above is illustrated. More specifically, it may be a configuration of a Control field for instructing a security requirement based on the M-AP authentication procedure in the embodiment described above in relation to FIG. 17.
[0194] For example, the Control field (1240 or 1910) may further include a MAP authentication required field (1920). The MAP authentication required field (1920) may be a subfield for determining whether to use a security link and to finalize a list of M-AP schemes that can be supported between two APs through the M-AP authentication procedure of FIG. 18 described above. For example, if the value of the MAP authentication required field (1920) is 1, the AP may be instructed to perform a mutual authentication procedure through the signalings of the M-AP authentication procedure (e.g., including at least one of 1801, 1805, or 1809), and to determine the need for security based on the information obtained therefrom (the final list of M-AP schemes that can be supported between two APs and whether to use a security link). For example, if the value of the MAP authentication required field (1920) is 0, the AP does not perform a mutual authentication procedure through M-AP authentication procedure signalings (e.g., including at least one of 1801, 1805, or 1809), and can determine the final list of M-AP schemes that can be supported between the two APs and whether a security link is necessary based on the information contained in the MAP Support field (1250) or the Protected MAP Support field (1260) which is transmitted within a broadcast frame, such as a beacon frame, according to step 1010 (Multi-AP Passive Discovery) of FIG. 10.
[0195] Accordingly, among the embodiments described above in relation to FIG. 17, when security requirements are indicated collectively, by M-AP scheme, or by M-AP sub-feature, the Control field (1240 or 1910) may not include the MAP authentication required field (1920).
[0196] Meanwhile, the structure of the format, field names, values indicated by the fields, the number of fields to which meaningful values are assigned, the order of the fields, the number of octets or bits, and whether fields are included in the format, etc., as illustrated in FIG. 19 are merely examples and may be changed differently from the illustrated and described embodiments.
[0197] FIG. 20 illustrates an example of a frame used in the procedure for M-AP coupling, authentication, negotiation, and agreement between APs in a wireless LAN system according to one embodiment of the present disclosure.
[0198] Referring again to FIG. 9, the frames transmitted and received between APs performing M-AP operations in the embodiments described above are described as management frames defined in IEEE 802.11 or newly defined management frames, but are not limited thereto.
[0199] For example, each of the frames used in steps 920 to 950 of FIG. 9, steps 1020 to 1050 of FIG. 10, or steps 1801, 1805, and 1809 of FIG. 18 may be referred to as an M-AP operation frame. An element containing an element format transmitted in steps 920 to 950 of FIG. 9, steps 1020 to 1050 of FIG. 10, or steps 1801, 1805, and 1809 of FIG. 18 may be referred to as an M-AP operation element.
[0200] FIG. 20 is a drawing illustrating an example in which an M-AP action element is included within a newly defined UHR action frame or a protected UHR action frame, or in which an M-AP action frame is configured in the form of a UHR action frame or a protected UHR action frame.
[0201] A UHR action frame can be configured as shown in FIG. 20 (a). A secure UHR action frame can be configured as shown in FIG. 20 (b). The Dialog tokens in FIG. 20 (a) and (b) are merely examples and are not limited by the table shown in FIG. 20.
[0202] At this time, the category field can indicate whether it is a UHR or a protected UHR through the value according to (c) of FIG. 20.
[0203] The UHR action field of (a) or the protected UHR action field of (b) may have a value according to (d) of FIG. 20, and the specific configuration and included information of the UHR Action field value-dependent field format of (a) or the specific configuration and included information of the Protected UHR Action field value-dependent field format of (b) may be determined according to the corresponding value in (d).
[0204] However, the values shown in (d) are merely examples. Also, the configuration of FIG. 20 is merely an example, and it is possible to omit at least one of the fields described in FIG. 20 or to add additional fields. Alternatively, obvious variations are possible in which the information described above is indicated using other fields.
[0205] FIG. 21 illustrates the operation sequence of a Multi-AP requesting AP in a wireless LAN system according to one embodiment of the present disclosure.
[0206] Referring to FIG. 21, the operation of an AP for advertising the M-AP capability proposed in the present disclosure and performing an M-AP authentication procedure is illustrated, and some or all of the various embodiments related to the advertising and authentication procedure of the M-AP capability described above may be applied identically or similarly to FIG. 21. Additionally, in the following, the first AP may refer to an M-AP authentication request AP, and the second AP may refer to an M-AP authentication response AP.
[0207] In step 2110, the first AP may transmit a first beacon frame to the second AP to advertise the first AP's M-AP capability. At this time, the first beacon frame may include information regarding the first AP's M-AP capability, and the information regarding the first AP's M-AP capability may include at least one of the following: capability regarding encryption used for M-AP authentication, information regarding whether an M-AP scheme is supported and the type and characteristics of the supported M-AP scheme, whether security is supported for the M-AP scheme, or a list of M-AP schemes requiring security. At this time, the method for indicating the need for security may be indicated according to the embodiments described above. Of course, the composition of the information regarding the first AP's M-AP capability is not limited to the above examples, and may include various information related to the M-AP that surrounding APs require for the first AP to perform M-AP operations.
[0208] In step 2120, the first AP may receive a second beacon frame from the second AP to advertise the M-AP capability of the second AP. At this time, the second beacon frame may include information regarding the M-AP capability of the second AP, and the information regarding the M-AP capability of the second AP may include at least one of the following: capability regarding encryption used for M-AP authentication; information regarding whether an M-AP scheme is supported and the type and characteristics of the supported M-AP scheme; information regarding whether security is supported for the M-AP scheme; or a list of M-AP schemes requiring security. Of course, the composition of the information regarding the M-AP capability of the second AP is not limited to the above examples, and may include various information related to M-AP necessary to perform M-AP operations on surrounding APs including the first AP. At this time, the method for indicating the need for security may be indicated according to the embodiments described above.
[0209] In step 2130, the first AP may transmit a first management frame to the second AP for an M-AP authentication request. For example, the M-AP authentication procedure may refer to a procedure for verifying in advance whether access between APs is possible or whether the use and negotiation of an M-AP scheme is possible. Thus, it may be a signaling to ensure trust between APs that will form an M-AP combination. In this case, the first management frame may include information regarding the authentication of the first AP and at least some of a list of M-AP schemes (e.g., a list of M-AP schemes that the first AP can support, or at least one of a list of M-AP schemes that require security).
[0210] In step 2140, the first AP may receive a second management frame containing a response to an M-AP authentication request from the second AP. At this time, the second management frame may include information regarding the authentication of the second AP and a list of M-AP schemes (e.g., a list of M-AP schemes that can operate with the first AP based on the information regarding the authentication of the first AP and the setting value set on the second AP among the list of M-AP schemes received from the first AP (e.g., step 2130)).
[0211] Meanwhile, the beacon frame used for signaling in steps 2110 and 2120 is one of the management frames defined in IEEE 802.11 as described above, where the management frame may refer to a management frame defined in IEEE 802.11 or a newly defined management frame. Additionally, the management frame in steps 2130 and 2140 may also be a management frame defined in IEEE 802.11 or a newly defined management frame.
[0212] Meanwhile, although an example of the operation of the first AP and the second AP has been described above based on the flowchart illustrated in FIG. 21, it is obvious that the operation of the first AP and the second AP may vary according to other examples described above.
[0213] Meanwhile, the present specification and drawings disclose preferred embodiments of the present disclosure. Although specific terms have been used, they are used merely in a general sense to facilitate the explanation of the technical content of the present disclosure and to aid in understanding the disclosure, and are not intended to limit the scope of the present disclosure.
[0214] Furthermore, it is obvious to those skilled in the art that, in addition to the embodiments described in this disclosure, other variations based on the technical concept of this disclosure are possible. For example, some or all of the contents of one embodiment described above may be combined with some or all of one or more other embodiments, and such combination is also included in the embodiments proposed in this disclosure.
Claims
1. A method performed by a first access point (AP) of a wireless local area network (WLAN) system, A step of transmitting a first beacon frame to the second AP to advertise the M-AP (multi-AP) capability of the first AP; A step of receiving a second beacon frame from the second AP to advertise the M-AP capability of the second AP; The step of transmitting a first management frame for an M-AP authentication request to the second AP; and The method includes the step of receiving a second management frame from the second AP that includes a response to the M-AP authentication request, and The above response is based on information regarding the M-AP capability of the first AP included in the first beacon frame, and information regarding the authentication chain of the first AP included in the first management frame and a list of M-AP schemes, and A method in which information regarding the M-AP capability includes at least one of information regarding the protection of the M-AP scheme or information regarding the M-AP status.
2. In paragraph 1, the above method is, A step of identifying at least one M-AP scheme based on the second beacon frame and the second management frame; and A method further comprising the step of transmitting a third management frame containing information regarding at least one M-AP scheme to the second AP.
3. In Paragraph 1, Information regarding the security of the above M-AP scheme includes at least one of a list of at least one M-AP scheme supported by each AP, or a list of at least one M-AP scheme requiring security. The information regarding the above M-AP status includes the number of M-AP agreements between the first AP and the second AP, and information regarding the M-AP agreement, and A method in which the information regarding the above M-AP agreement includes at least one of the agreed M-AP scheme, the MAC (medium access control) address of the agreed counterpart AP, or information regarding whether a security-required M-AP scheme is used.
4. In Paragraph 3, At least one M-AP scheme requiring security is identified based on the first beacon frame, and A method in which the first beacon frame comprises first information indicating the need for security, second information indicating the need for security per M-AP scheme, or third information indicating the need for security based on an M-AP authentication procedure.
5. A method performed by a second access point (AP) of a wireless local area network (WLAN) system, A step of transmitting a first beacon frame from a first AP to advertise the M-AP (multi-AP) capability of the first AP; A step of transmitting a second beacon frame to the first AP to advertise the M-AP capability of the second AP; The step of receiving a first management frame for an M-AP authentication request from the first AP; and The method includes the step of transmitting a second management frame containing a response to the M-AP authentication request to the first AP. The above response is based on information regarding the M-AP capability of the first AP included in the first beacon frame, and information regarding the authentication chain of the first AP included in the first management frame and a list of M-AP schemes, and A method in which information regarding the M-AP capability includes at least one of information regarding the protection of the M-AP scheme or information regarding the M-AP status.
6. In paragraph 5, the above method is, The method further includes the step of receiving a third management frame containing information regarding at least one M-AP scheme from the first AP, and A method in which at least one M-AP scheme is identified based on the second beacon frame and the second management frame.
7. In Paragraph 5, Information regarding the security of the above M-AP scheme includes at least one of a list of at least one M-AP scheme supported by each AP, or a list of at least one M-AP scheme requiring security. The information regarding the above M-AP status includes the number of M-AP agreements between the first AP and the second AP, and information regarding the M-AP agreement, and A method in which the information regarding the above M-AP agreement includes at least one of the agreed M-AP scheme, the MAC (medium access control) address of the agreed counterpart AP, or information regarding whether a security-required M-AP scheme is used.
8. In Paragraph 7, At least one M-AP scheme requiring security is identified based on the first beacon frame, and A method in which the first beacon frame comprises first information indicating the need for security, second information indicating the need for security per M-AP scheme, or third information indicating the need for security based on an M-AP authentication procedure.
9. In a first access point (AP) of a wireless local area network (WLAN) system, transceiver; and It includes at least one processor connected to the above-mentioned transmitting and receiving unit, and The above at least one processor is: Transmit a first beacon frame to advertise the M-AP (multi-AP) capability of the first AP to the second AP, and Receive a second beacon frame from the second AP to advertise the M-AP capability of the second AP, and Transmit a first management frame for an M-AP authentication request to the above second AP, and, It is configured to receive a second management frame containing a response to the M-AP authentication request from the second AP, and The above response is based on information regarding the M-AP capability of the first AP included in the first beacon frame, and information regarding the authentication chain of the first AP included in the first management frame and a list of M-AP schemes, and The first AP, wherein the information regarding the above M-AP capability includes at least one of information regarding the protection of the above M-AP scheme or information regarding the M-AP status.
10. In paragraph 9, the above at least one processor is: Identify at least one M-AP scheme based on the second beacon frame and the second management frame, and A first AP further configured to transmit a third management frame containing information regarding at least one M-AP scheme to the second AP.
11. In Paragraph 9, Information regarding the security of the above M-AP scheme includes at least one of a list of at least one M-AP scheme supported by each AP, or a list of at least one M-AP scheme requiring security. The information regarding the above M-AP status includes the number of M-AP agreements between the first AP and the second AP, and information regarding the M-AP agreement, and The first AP, wherein the information regarding the above M-AP agreement includes at least one of the agreed M-AP scheme, the MAC (medium access control) address of the agreed counterpart AP, or information regarding whether a security-required M-AP scheme is used.
12. In Paragraph 11, At least one M-AP scheme requiring security is identified based on the first beacon frame, and The first AP, wherein the first beacon frame comprises first information indicating the need for security, second information indicating the need for security per M-AP scheme, or third information indicating the need for security based on an M-AP authentication procedure.
13. In a second access point (AP) of a wireless local area network (WLAN) system, transceiver; and It includes at least one processor connected to the above-mentioned transmitting and receiving unit, and The above at least one processor is: From the first AP, a first beacon frame is transmitted to advertise the M-AP (multi-AP) capability of the first AP, and Transmit a second beacon frame to advertise the M-AP capability of the second AP to the first AP, and From the above-mentioned first AP, a first management frame for an M-AP authentication request is received, and The above first AP is configured to transmit a second management frame containing a response to the above M-AP authentication request, and The above response is based on information regarding the M-AP capability of the first AP included in the first beacon frame, and information regarding the authentication chain of the first AP included in the first management frame and a list of M-AP schemes, and The second AP, wherein the information regarding the above M-AP capability includes at least one of information related to the protection of the above M-AP scheme or information regarding the M-AP status.
14. In paragraph 13, the above at least one processor is: The method further includes the step of receiving a third management frame containing information regarding at least one M-AP scheme from the first AP, and The above at least one M-AP scheme is a second AP identified based on the second beacon frame and the second management frame.
15. In Paragraph 13, Information regarding the security of the above M-AP scheme includes at least one of a list of at least one M-AP scheme supported by each AP, or a list of at least one M-AP scheme requiring security. The information regarding the above M-AP status includes the number of M-AP agreements between the first AP and the second AP, and information regarding the M-AP agreement, and The second AP, wherein the information regarding the above M-AP agreement includes at least one of the agreed M-AP scheme, the MAC (medium access control) address of the agreed counterpart AP, or information regarding whether a security-required M-AP scheme is used.