For the purposes of this standard, the following terms and definitions apply. The Authoritative Dictionary of IEEE Standards Terms [B11] should be referenced for terms not defined in this clause.
3.1 access category (AC): A label for the common set of enhanced distributed channel access (EDCA) parameters that are used by a quality of service (QoS) station (STA) to contend for the channel in order to transmit medium access control (MAC) service data units (MSDUs) with certain priorities.
3.2 access control: The prevention of unauthorized usage of resources.
3.3 access point (AP): Any entity that has station (STA) functionality and provides access to the distribution services, via the wireless medium (WM) for associated STAs.
3.4 additional authentication data (AAD): Data that are not encrypted, butare cryptographicallyprotected.
3.5 ad hoc network: Often used as a venacular term for an independent basic service set (IBSS).
3.6 admission control: An algorithm to ensure that admittance of a new flow into a resource constrained network does not violate parameterized service commitments made by the network to admitted flows.
3.7 aggregated schedule: The aggregation of delivery and/or poll schedules by the quality of service (QoS) access point (AP) for a particular non-access point (non-AP) QoS station (STA) into a single service period (SP).
3.8 association: The service used to establish access point/station (AP/STA) mapping and enable STA invocation of the distribution system services (DSSs).
3.9 authentication: The service used to establish the identity of one station (STA) as a member of the set of STAs authorized to associate with another STA.
3.10 authentication and key management (AKM) suite: A set of one or more algorithms designed toprovide authentication and key management, either individually or in combination with higher layerauthentication and key management algorithms outside the scope of this standard.
3.11 Authentication Server (AS): An entity that provides an authentication service to an Authenticator. This service determines, from the credentials provided by the Supplicant, whether the Supplicant is authorized to access the services provided by the Authenticator. (IEEE Std 802.1X-200410)
3.12 Authenticator: An entity at one end of a point-to-point LAN segment that facilitates authentication of the entity attached to the other end of that link. (IEEE Std 802.1X-2004)
3.13 Authenticator address (AA): The medium access control (MAC) address of the IEEE 802.1XAuthenticator.
3.14 authorized: To be explicitly allowed.
3.15 basic service area (BSA): The area containing the members of a basic service set (BSS). It maycontain members of other BSSs. 10Information on references can be found in Clause 2.
10Information on references can be found in Clause 2.
IEEE Std 802.11-2007 LOCAL AND METROPOLITAN AREA NETWORKS—SPECIFIC REQUIREMENTS 6 Copyright © 2007 IEEE. All rights reserved.
3.16 basic service set (BSS): A set of stations (STAs) that have successfully synchronized using the JOIN service primitives11 and one STA that has used the START primitive. Membership in a BSS does not imply that wireless communication with all other members of the BSS is possible.
3.17 big endian: The concept that, for a given multi-octet numeric representation, the most significant octet has the lowest address.
3.18 broadcast address: A unique multicast address that specifies all stations (STAs).
3.19 channel: An instance of communications medium use for the purpose of passing protocol data units (PDUs) between two or more stations (STAs).
3.20 channel spacing: The difference between the center frequencies of two nonoverlapping and adjacent channels of the radio transmitter.
3.21 cipher suite: A set of one or more algorithms, designed to provide data confidentiality, data
authenticity or integrity, and/or replay protection.
3.22 clear channel assessment (CCA) function: That logical function in the physical layer (PHY) thatdetermines the current state of use of the wireless medium (WM).
3.23 contention-free period (CFP): The time period during operation of a point coordination function (PCF) when the right to transmit is assigned to stations (STAs) solely by a point coordinator (PC), allowing frame exchanges to occur between members of the basic service set (BSS) without contention for the wireless medium (WM).
3.24 contention period (CP): The time period outside of the contention-free period (CFP) in a pointcoordinated basic service set (BSS). In a BSS where there is no point coordinator (PC), this corresponds to the entire time of operation of the BSS.
3.25 controlled access phase (CAP): A time period when the hybrid coordinator (HC) maintains control of the medium, after gaining medium access by sensing the channel to be idle for a point coordination function (PCF) interframe space (PIFS) duration. It may span multiple consecutive transmission opportunities (TXOPs) and can contain polled TXOPs.
3.26 coordination function: The logical function that determines when a station (STA) operating within a basic service set (BSS) is permitted to transmit protocol data units (PDUs) via the wireless medium (WM). The coordination function within a BSS may have one hybrid coordination function (HCF), or it may have one HCF and one point coordination function (PCF) and will have one distributed coordination function (DCF). A quality of service (QoS) BSS will have one DCF and one HCF.
3.27 contention-free (CF) pollable: A station (STA) that is able to respond to a CF poll with a data frame if such a frame is queued and able to be generated.
3.28 Counter mode with Cipher-block chaining Message authentication code (CCM): A symmetrickey block cipher mode providing confidentiality using counter mode (CTR) and data originauthenticityusing cipher-block chaining message authentication code (CBC-MAC).
NOTE—See IETF RFC3610.12
11Description of these primitives can be found in 10.3.3.
12Notes in text, tables, and figures are given for information only and do not contain requirements needed to implement this standard.
3.29 cryptographic encapsulation: The process of generating the cryptographic payload from the plaintext data. This comprises the cipher text as well as any associated cryptographic state required by the receiver of the data, e.g., initialization vectors (IVs), sequence numbers, message integrity codes (MICs), key identifiers.
3.30 data confidentiality: A property of information that prevents disclosure to unauthorized individuals, entities, or processes.
3.31 deauthentication service: The service that voids an existing authentication relationship.
3.32 decapsulate: To recover an unprotected frame from a protected one.
3.33 decapsulation: The process of generating plaintext data by decapsulating an encapsulated frame.
3.34 delivery-enabled access category (AC): A quality of service (QoS) access point (AP) AC where the AP is allowed to use enhanced distributed channel access (EDCA) to deliver traffic from the AC to a nonaccess point (non-AP) QoS station (STA) in an unscheduled service period (SP) triggered by the STA.
3.35 directed frame: See: unicast frame.
3.36 direct link: A bidirectional link from one non-access point (non-AP) quality of service (QoS) station (STA) to another non-AP QoS STA operating in the same infrastructure QoS basic service set (BSS) that does not pass through a QoS access point (AP). Once a direct link has been set up, all frames between the two non-AP QoS STAs are exchanged directly.
3.37 disassociation service: The service that removes an existing association.
3.38 distributed coordination function (DCF): A class of coordination function where the same coordination function logic is active in every station (STA) in the basic service set (BSS) whenever the network is in operation.
3.39 distribution service: The service that, by using association information, delivers medium access control (MAC) service data units (MSDUs) within the distribution system (DS).
3.40 distribution system (DS): A system used to interconnect a set of basic service sets (BSSs) and integrated local area networks (LANs) to create an extended service set (ESS).
3.41 distribution system medium (DSM): The medium or set of media used by a distribution system (DS) for communications between access points (APs) and portals of an extended service set (ESS).
3.42 distribution system service (DSS): The set of services provided by the distribution system (DS) that enable the medium access control (MAC) to transport MAC service data units (MSDUs) between stations (STAs) that are not in direct communication with each other over a single instance of the wireless medium (WM). These services include transport of MSDUs between the access points (APs) of basic service sets (BSSs) within an extended service set (ESS), transport of MSDUs between portals and BSSs within an ESS, and transport of MSDUs between STAs in the same BSS in cases where the MSDU has a multicast or broadcast destination address or where the destination is an individual address and the STA is associated with an AP. DSSs are provided between pairs of IEEE 802.11 MACs.
3.43 downlink: A unidirectional link from an access point (AP) to one or more non-AP stations (STAs).
3.44 dynamic frequency selection (DFS): Facilities mandated to satisfy requirements in some regulatory domains for radar detection and uniform channel spreading in the 5 GHz band. These facilities may also be used for other purposes, such as automatic frequency planning.
3.45 dynamic frequency selection (DFS) owner: A station (STA) in an independent basic service set(IBSS) that takes responsibility for selecting the next channel after radar is detected operating in a channel. Due to the nature of IBSSs, it cannot be guaranteed that there will be a single DFS owner at any particular time and the protocol is robust to this situation.
3.46 EAPOL-Key confirmation key (KCK): A key used to integrity-check an EAPOL-Key frame.
3.47 EAPOL-Key encryption key (KEK): A key used to encrypt the Key Data field in an EAPOL-Keyframe.
3.48 effective isotropic radiated power (EIRP): The equivalent power of a transmitted signal in terms of an isotropic (omnidirectional) radiator. The EIRP equals the product of the transmitter power and the antenna gain (reduced by any coupling losses between the transmitter and antenna).
3.49 encapsulate: To construct a protected frame from an unprotected frame.
3.50 encapsulation: The process of generating an protected frame by encapsulating plaintext data.
3.51 enhanced distributed channel access (EDCA): The prioritized carrier sense multiple access with collision avoidance (CSMA/CA) access mechanism used by quality of service (QoS) stations (STAs) in a QoS basic service set (BSS). This access mechanism is also used by the QoS access point (AP) and operates concurrently with hybrid coordination function (HCF) controlled channel access (HCCA).
3.52 enhanced distributed channel access function (EDCAF): A logical function in a quality of service(QoS) station (STA) that determines, using enhanced distributed channel access (EDCA), when aframe in the transmit queue with the associated access category (AC) is permitted to be transmitted via the wireless medium (WM). There is one EDCAF per AC.
3.53 extended service area (ESA): The area within which members of an extended service set (ESS) may communicate. An ESA is larger than or equal to a basic service area (BSA) and may involve several basic service sets (BSSs) in overlapping, disjointed, or both configurations.
3.54 extended service set (ESS): A set of one or more interconnected basic service sets (BSSs) that appears as a single BSS to the logical link control (LLC) layer at any station (STA) associated with one of those BSSs.
3.55 4-Way Handshake: A pairwise key management protocol defined by this standard. This handshake confirms mutual possession of a pairwise master key (PMK) by two parties and distributes a group temporal key (GTK).
3.56 4-Way station-to-station link (STSL) transient key (STK) Handshake: A key management protocol between two parties that confirms mutual possession of an STSL master key (SMK) and distributes an STK.
3.57 fragmentation: The process of segmenting a medium access control (MAC) service data unit (MSDU) or MAC management protocol data unit (MMPDU) into a sequence of smaller MAC protocol data units (MPDUs) prior to transmission. The process of recombining a set of fragment MPDUs into an MSDU or MMPDU is known as defragmentation. These processes are described in 5.8.1.9 of ISO/IEC 7498-1:1994.
3.58 Gaussian frequency shift keying (GFSK): A modulation scheme in which the data are first filtered by a Gaussian filter in the baseband and then modulated with a simple frequency modulation.
3.59 group: The entities in a wireless network, e.g., an access point (AP) and its associated stations (STAs), or all the STAs in an independent basic service set (IBSS) network.
3.60 Group Key Handshake: A group key management protocol defined by this standard. It is used only to issue a new group temporal key (GTK) to peers with whom the local station (STA) has already formed security associations.
3.61 group master key (GMK): An auxiliary key that may be used to derive a group temporal key (GTK).
3.62 group temporal key (GTK): A random value, assigned by the broadcast/multicast source, which is used to protect broadcast/multicast medium access control (MAC) protocol data units (MPDUs) from that source. The GTK may be derived from a group master key (GMK).
3.63 group temporal key security association (GTKSA): The context resulting from a successfulgroup temporal key (GTK) distribution exchange via either a Group Key Handshake or a 4-Way Handshake.
3.64 hidden station (STA): A STA whose transmissions cannot be detected using carrier sense (CS) by a second STA, but whose transmissions interfere with transmissions from the second STA to a third STA
3.65 hybrid coordination function (HCF): A coordination function that combines and enhances aspects of the contention-based and contention-free access methods to provide quality of service (QoS) stations (STAs) with prioritized and parameterized QoS access to the wireless medium (WM), while continuing to support non-QoS STAs for best-effort transfer. The HCF includes the functionality provided by both enhanced distributed channel access (EDCA) and HCF controlled channel access (HCCA). The HCF is compatible with the distributed coordination function (DCF) and the point coordination function (PCF). It supports a uniform set of frame formats and exchange sequences that STAs may use during both the contention period (CP) and the contention-free period (CFP).
3.66 hybrid coordinator (HC): A type of coordinator, defined as part of the quality of service (QoS) facility, that implements the frame exchange sequences and medium access control (MAC)servicedata unit (MSDU) handling rules defined by the hybrid coordination function (HCF). The Hoperates during both the contention period (CP) and contention-free period (CFP). The HCperformsbandwidth management including the allocation of transmission opportunities (TXOPs) toQoS stations (STAs). The HC is collocated with a QoS access point (AP).
3.67 hybrid coordination function (HCF) controlled channel access (HCCA): The channel accessmechanism utilized by the hybrid coordinator (HC) to coordinate contention-free media usebyquality of service (QoS) stations (STAs) for downlink unicast, uplink, and direct-link transmissions.
3.68 IEEE 802.1X authentication: Extensible Authentication Protocol (EAP) authentication transported by the IEEE 802.1X protocol.
3.69 independent basic service set (IBSS): A basis service set (BSS) that forms a self-contained network, and in which no access to a distribution system (DS) is available.
3.70 individual address: See: unicast address.
3.71 infrastructure: The infrastructure includes the distribution system medium (DSM), access point (AP), and portal entities. It is also the logical location of distribution and integration service functions of an extended service set (ESS). An infrastructure contains one or more APs and zero or more portals in addition to the distribution system (DS).
3.72 integration service: The service that enables delivery of medium access control (MAC) service data units (MSDUs) between the distribution system (DS) and a non-IEEE-802.11 local area network (LAN) (via a portal).
3.73 key counter: A 256-bit (32-octet) counter that is used in the pseudo-random function (PRF) to generate initialization vectors (IVs). There is a single key counter per station (STA) that is global to that STA.
3.74 key data encapsulation (KDE): Format for data other than information elements in the EAPOL-Key Data field.
3.75 key management service: A service to distribute and manage cryptographic keys within a robustsecurity network (RSN).
3.76 link: In the context of an IEEE 802.11 medium access control (MAC) entity, a physical path consisting of exactly one traversal of the wireless medium (WM) that is used to transfer an MAC service data unit (MSDU) between two stations (STAs).
3.77 link margin: Ratio of the received signal power to the minimum desired by the station (STA). TheSTA may incorporate rate information and channel conditions, including interference, into its computation of link margin. The specific algorithm for computing the link margin is implementation dependent.
3.78 little endian: The concept that, for a given multi-octet numeric representation, the least significantoctet has the lowest address.
3.79 liveness: A demonstration that the peer is actually participating in this instance of communication.
3.80 master session key (MSK): Keying material that is derived between the Extensible Authentication Protocol (EAP) peer and exported by the EAP method to the Authentication Server (AS). This key is at least 64 octets in length.
3.81 medium access control (MAC) management protocol data unit (MMPDU): The unit of dataexchanged between two peer MAC entities, using services of the physical layer (PHY), to implement the MAC management protocol.
3.82 medium access control (MAC) protocol data unit (MPDU): The unit of data exchanged betweentwo peer MAC entities using the services of the physical layer (PHY).
3.83 medium access control (MAC) service data unit (MSDU): Information that is delivered as a unitbetween MAC service access points (SAPs).
3.84 message integrity code (MIC): A value generated by a cryptographic function. If the input data arechanged, a new value cannot be correctly computed without knowledge of the cryptographic key(s)used by the cryptographic function. This is traditionally called a message authentication code (MAC),but the acronym MAC is already reserved for another meaning in this standard.
3.85 Michael: The message integrity code (MIC) for the Temporal Key Integrity Protocol (TKIP).
3.86 mobile station (STA): A type of STA that uses network communications while in motion.
3.87 multicast: When applied to a medium access control (MAC) service data unit (MSDU), it is an MSDU with a multicast address as the destination address (DA). When applied to a MAC protocol data unit (MPDU) or control frame, it is an MPDU or control frame with a multicast address as the receiveraddress (RA).
3.88 multicast address: A medium access control (MAC) address that has the group bit set.
3.89 multicast-group address: A medium access control (MAC) address associated by higher levelconvention with a group of logically related stations (STAs).
3.90 network allocation vector (NAV): An indicator, maintained by each station (STA), of time periods when transmission onto the wireless medium (WM) will not be initiated by the STA whether or not the STA’s clear channel assessment (CCA) function senses that the WM is busy.
3.91 non-access point (non-AP) quality of service (QoS) station (STA): A STA that supports the QoSfacility, but is not an access point (AP). A non-AP STA does not have an hybrid coordinator (HC) and uses the QoS AP for the distribution system services (DSSs).
3.92 nonce: A numerical value, used in cryptographic operations associated with a given cryptographic key, that is not to be reused with that key, including over all reinitializations of the system through all time.
3.93 non-quality of service (non-QoS) access point (AP): An AP that does not support the quality ofservice (QoS) facility.
3.94 non-quality of service (non-QoS) basic service set (BSS): A BSS that does not support the quality of service (QoS) facility.
3.95 non-quality of service (non-QoS) station (STA): A STA that does not support the quality of service(QoS) facility.
3.96 pairwise: Referring to, or an attribute of, two entities that are associated with each other, e.g., an access point (AP) and an associated station (STA), or two STAs in an independent basic service set (IBSS) network. This term is used to refer to a type of encryption key hierarchy pertaining to keysshared by only two entities.
3.97 pairwise master key (PMK): The highest order key used within this standard. The PMK may bederived from a key generated by an Extensible Authentication Protocol (EAP) method or may be obtained directly from a preshared key (PSK).
3.98 pairwise master key security association (PMKSA): The context resulting from a successful IEEE 802.1X authentication exchange between the peer and Authentication Server (AS) or from a preshared key (PSK).
3.99 pairwise transient key (PTK): A value that is derived from the pairwise master key (PMK), Authenticator address (AA), Supplicant address (SPA), Authenticator nonce (ANonce), and Supplicant nonce (SNonce) using the pseudo-random function (PRF) and that is split up into as many as fivekeys, i.e., temporal encryption key, two temporal message integrity code (MIC) keys, EAPOL-Key encryption key (KEK), EAPOL-Key confirmation key (KCK).
3.100 pairwise transient key security association (PTKSA): The context resulting from a successful4-Way Handshake exchange between the peer and Authenticator.
3.101 parameterized quality of service (QoS): The treatment of the medium access control (MAC)protocol data units (MPDUs) depends on the parameters associated with the MPDU. Parameterized QoS is primarily provided through the hybrid coordination function (HCF) controlled channel access (HCCA) mechanism, but may also be provided by the enhanced distributed channel access (EDCA) mechanism when used with a traffic specification (TSPEC) for admission control.
3.102 pass-phrase: A secret text string employed to corroborate the user’s identity.
3.103 PeerKey Handshake: A key management protocol composed of the station-to-station link (STSL) master key (SMK) Handshake and the 4-Way STSL transient key (STK) Handshake. This is used to create new SMK security associations (SMKSAs) and STK security associations (STKSAs) to secure the STSLs.
3.104 per-frame encryption key: A unique encryption key constructed for each medium access control (MAC) protocol data unit (MPDU), employed by some IEEE 802.11 security protocols.
3.105 per-frame sequence counter: For Temporal Key Integrity Protocol (TKIP), the counter that is used as the nonce in the derivation of the per-frame encryption key. For Counter mode with Cipher-block chaining Message authentication code Protocol (CCMP), the per-frame initialization vector (IV).
3.106 piggyback: The overloading of a data frame with an acknowledgment of a previously receivedmedium access control (MAC) protocol data unit (MPDU) and/or a poll to the station (STA) to which the frame is directed.
3.107 point coordinator (PC): The entity within the STA in an AP that performs the point coordination function.
3.108 point coordination function (PCF): A class of possible coordination functions in which the
coordination function logic is active in only one station (STA) in a basic service set (BSS) at any given time that the network is in operation.
3.109 portable station (STA): A type of station (STA) that may be moved from location to location, butthat only uses network communications while at a fixed location.
3.110 portal: The logical point at which the integration service is provided.
3.111 pre-robust security network association (pre-RSNA): The type of association used by a pair ofstations (STAs) if the procedure for establishing authentication or association between them did not include the 4-Way Handshake.
3.112 pre-robust security network association (pre-RSNA) equipment: A device that is not able tocreate robust security network associations (RSNAs).
3.113 preshared key (PSK): A static key that is distributed to the units in the system by a method outside the scope of this standard, always by some out-of-band means.
3.114 prioritized quality of service (QoS): The provisioning of service in which the medium access control (MAC) protocol data units (MPDUs) with higher priority are given a preferential treatment over MPDUs with a lower priority. Prioritized QoS is provided through the enhanced distributed channel access (EDCA) mechanism.
3.115 protection mechanism: Any procedure that attempts to update the network allocation vector (NAV) of all receiving stations (STAs) prior to the transmission of a frame that may or may not be detected as valid network activity by the PHY entities at those receiving STAs.
3.116 protection mechanism frame: Any frame that is sent as part of a protection mechanism procedure.
3.117 pseudo-random function (PRF): A function that hashes various inputs to derive a pseudo-random value. In order to ensure liveness of a communication in which a pseudorandom value is used, a nonce is used as one of the inputs to the function.
3.118 quality of service (QoS) access point (AP): An AP that supports the QoS facility. The functions ofa QoS AP are a superset of the functions of a non-QoS AP, and thus a QoS AP is able to function as a non- QoS AP to non-QoS stations (STAs).
3.119 quality of service (QoS) basic service set (BSS): A BSS that provides the QoS facility. An
infrastructure QoS BSS contains a QoS access point (AP).
3.120 quality of service (QoS) facility: The set of enhanced functions, channel access rules, frame formats, frame exchange sequences and managed objects used to provide parameterized and prioritized QoS.
3.121 quality of service (QoS) independent basic service set (IBSS): An IBSS in which one or more ofits stations (STAs) support the QoS facility.
3.122 quality of service (QoS) station (STA): A STA that implements the QoS facility. A QoS STA actsas a non-QoS STA when associated in a non-QoS basic service set (BSS).
3.123 reassociation service: The service that enables an established association [between accesspoint (AP) and station (STA)] to be transferred from one AP to another (or the same) AP.
3.124 receive power: Mean power measured at the antenna connector.
3.125 received power indicator (RPI): A quantized measure of the received power level as seen at theantenna connector.
3.126 robust security network (RSN): A security network that allows only the creation of robust security network associations (RSNAs). An RSN can be identified by the indication in the RSN information element (IE) of Beacon frames that the group cipher suite specified is not wired equivalent privacy (WEP).
3.127 robust security network association (RSNA): The type of association used by a pair of stations(STAs) if the procedure to establish authentication or association between them includes the 4-WayHandshake. Note that the existence of an RSNA by a pair of devices does not of itself provide robust security. Robust security is provided when all devices in the network use RSNAs.
3.128 robust-security-network-association- (RSNA-) capable equipment: A station (STA) that is ableto create RSNAs. Such a device can use pre-RSNAs because of configuration. Notice that RSNA-capable does not imply full compliance with the RSNA Protocol Implementation Conformance Statement (PICS). A legacy device that has been upgraded to support Temporal Key Integrity Protocol (TKIP) can be RSNAcapable, but will not be compliant with the PICS if it does not also support Counter mode with Cipher-block chaining Message authentication code Protocol (CCMP).
3.129 robust-security-network-association- (RSNA-) enabled equipment: A station (STA) when it isRSNA-capable and dot11RSNAEnabled is set to TRUE.
3.130 robust security network association (RSNA) key management: Key management that includes the 4-Way Handshake, the Group Key Handshake, and the PeerKey Handshake.
3.131 scheduled service period (SP): The SP that is scheduled by the quality of service (QoS) accesspoint (AP). Scheduled SPs start at fixed intervals of time.
3.132 security network: A basic service set (BSS) where the station (STA) starting the BSS providesinformation about the security capabilities and configuration of the BSS by including the robustsecurity network (RSN) information element in Beacon frames.
3.133 selector: An item specifying a list constituent in an IEEE 802.11 Management Message information element.
3.134 service interval (SI): The interval between the start of two successive scheduled service periods(SPs).
3.135 service period (SP): A contiguous time during which one or more downlink unicast frames aretransmitted to a quality of service (QoS) station (STA) and/or one or more transmission opportunit
3.136 station (STA): Any device that contains an IEEE 802.11-conformant medium access control (MAC) and physical layer (PHY) interface to the wireless medium (WM).
3.137 station service (SS): The set of services that support transport of medium access control (MAC)service data units (MSDUs) between stations (STAs) within a basic service set (BSS).
3.138 station-to-station link (STSL): A direct link established between two stations (STAs) while
associated to a common access point (AP). This term refers to a generic mechanism that may be
implemented to allow direct station-to-station communication while remaining in the infrastructure mode. Establishment of this type of link includes an initialization step. The STSL is terminated by specific teardown procedures under the conditions prescribed in this standard. The only example ofthis procedure currently specified is direct link established by the direct-link setup (DLS).
3.139 station-to-station link (STSL) master key (SMK): A random value generated by an access point(AP) during an SMK Handshake. It is used for deriving an STSL transient key (STK).
3.140 station-to-station link (STSL) master key (SMK) Handshake: A key management protocolbetween two parties that creates a new SMK.
3.141 station-to-station link (STSL) master key security association (SMKSA): The context resultingrom a successful STSL master key (SMK) Handshake.
3.142 station-to-station link (STSL) transient key (STK): A value that is derived from the STSL masterkey (SMK), initiator MAC address (MAC_I), peer MAC address (MAC_P), initiator nonce (INonce), and peer nonce (PNonce), using the pseudo-random function (PRF). The value is split into as many as five keys, i.e., temporal encryption key, two temporal message integrity code (MIC) keys, EAPOL-Keyencryption key (KEK), and EAPOL-Key confirmation key (KCK).
3.143 station-to-station link (STSL) transient key security association (STKSA): The context resulting from a successful 4-Way STSL transient key (STK) exchange.
3.144 Supplicant: An entity at one end of a point-to-point LAN segment that is being authenticated by an Authenticator attached to the other end of that link. (IEEE Std 802.1X-2004)
3.145 Supplicant address (SPA): The medium access control (MAC) address of the IEEE 802.1X
Supplicant.
3.146 temporal encryption key: The portion of a pairwise transient key (PTK) or group temporal key(GTK) used directly or indirectly to encrypt data in medium access control (MAC) protocol data units(MPDUs).
3.147 temporal key: The combination of temporal encryption key and temporal message integrity code(MIC) key.
3.148 temporal message integrity code (MIC) key: The portion of a transient key used to ensure theintegrity of medium access control (MAC) service data units (MSDUs) or MAC protocol data units(MPDUs).
3.149 time unit (TU): A measurement of time equal to 1024 μs.
3.150 traffic category (TC): A label for medium access control (MAC) service data units (MSDUs) thathave a distinct user priority (UP), as viewed by higher layer entities, relative to other MSDUs provided for delivery over the same link. Traffic categories are meaningful only to MAC entities that support quality of service (QoS) within the MAC data service. These MAC entities determine the UP for MSDUs belonging to a particular traffic category using the priority value provided with those MSDUs the MAC service access point (MAC_SAP).
3.151 traffic classification (TCLAS): The specification of certain parameter values to identify themedium access control (MAC) service data units (MSDUs) belonging to a particular traffic stream(TS). The classification process, performed above the MAC service access point (MAC_SAP) at aquality of service (QoS) access point (AP), uses the parameter values for a given TS to examine each ncoming MSDU and determine whether this MSDU belongs to that TS. TCLAS may also occur at nonaccess point (non-AP) QoS station (STA) with multiple streams. However, such classification isbeyond the scope of thisstandard.
3.152 traffic identifier (TID): Any of the identifiers usable by higher layer entities to distinguish mediumaccess control (MAC) service data units (MSDUs) to MAC entities that support quality of service (QoS) within the MAC data service. There are 16 possible TID values; eight identify TCs, and the other eight identify parameterized TSs. The TID is assigned to an MSDU in the layers above theMAC.
3.153 traffic specification (TSPEC): The quality of service (QoS) characteristics of a data flow to and from a non-access point (non-AP) QoS station (STA).
3.154 traffic stream (TS): A set of medium access control (MAC) service data units (MSDUs) to bedelivered subject to the quality of service (QoS) parameter values provided to the MAC in a particulartraffic specification (TSPEC). TSs are meaningful only to MAC entities that support QoS withinthe MAC data service. These MAC entities determine the TSPEC applicable for delivery ofMSDUs belonging to a particular TS using the TS identifier (TSID) value provided with those MSDUs at the MAC service access point (MAC_SAP).
3.155 traffic stream identifier (TSID): Any of the identifiers usable by higher layer entities to distinguish medium access control (MAC) service data units (MSDUs) to MAC entities for parameterized quality of service (QoS) [i.e., the traffic stream (TS) with a particular traffic specification (TSPEC)] within the MAC data service. The TSID is assigned to an MSDU in the layers above the MAC.
3.156 transition security network (TSN): A security network that allows the creation of pre-robust security network associations (pre-RSNAs) as well as RSNAs. A TSN can be identified by the indication in the robust security network (RSN) information element of Beacon frames that the groupcipher suite in use is wired equivalent privacy (WEP).
3.157 transmission opportunity (TXOP): An interval of time when a particular quality of service (QoS)station (STA) has the right to initiate frame exchange sequences onto the wireless medium (WM). ATXOP is defined by a starting time and a maximum duration. The TXOP is either obtained by the STAby successfully contending for the channel or assigned by the hybrid coordinator (HC).
3.158 transmission opportunity (TXOP) holder: A quality of service (QoS) station (STA) that has eitherbeen granted a TXOP by the hybrid coordinator (HC) or successfully contended for a TXOP.
3.159 transmit power: The effective isotropic radiated power (EIRP) when referring to the operation ofa 5 GHz IEEE 802.11 orthogonal frequency division multiplexing (OFDM) physical layer (PHY) in a country where so regulated.
3.160 trigger-enabled access category (AC): A non-access point (non-AP) quality of service (QoS)station (STA) AC where frames of subtype QoS Data and QoS Null from the non-AP STA that map to the AC trigger an unscheduled service period (SP) if one is not in progress.
3.161 unauthorized disclosure: The process of making information available to unauthorized individuals, entities, or processes.
3.162 unauthorized resource use: Use of a resource not consistent with the defined security policy.
3.163 unicast: When applied to a medium access control (MAC) service data unit (MSDU), it is anMSDU with a single recipient address as the destination address (DA). When applied to a MACprotocol data unit (MPDU) or control frame, it is an MPDU or control frame with a single recipientaddress as the receiver address (RA).
3.164 unicast address: A medium access control (MAC) address that does not have the group bit set.Syn: directed address, individual address.
3.165 uniform spreading: A regulatory requirement for a channel selection mechanism that providesuniform usage across a minimum set of channels in the regulatory domain. 3.166 unscheduled service period (SP): The period that is started when a non-access point (non-AP) qualityof service (QoS) station (STA) transmits a trigger frame to the QoS access point (AP).
3.167 uplink: A unidirectional link from a non-access point (non-AP) station (STA) to an access point(AP).
3.168 user priority (UP): A value associated with an medium access control (MAC) service data unit(MSDU) that indicates how the MSDU is to be handled. The UP is assigned to an MSDU in the layersabove the MAC.
3.169 wired equivalent privacy (WEP): A deprecated cryptographic data confidentiality algorithmspecified by IEEE Std 802.11 that may be used to provide data confidentiality that issubjectively equivalent to the data confidentiality of a wired local area network (LAN) medium thatdoes not employcryptographic techniques to enhance data confidentiality.
3.170 wireless distribution system (WDS): A mechanism for wireless communication using a fouraddress frame format specified in this standard. This standard describes such a frame format, butdoes not describe how such a mechanism or frame format would be used.
3.171 wireless local area network (WLAN) system: A system that includes the distribution syste (DS), access points (APs), and portal entities. It is also the logical location of distribution andintegration service functions of an extended service set (ESS). A WLAN system contains one ormore APs and zero or more portals in addition to the DS.
3.172 wireless medium (WM): The medium used to implement the transfer of protocol data units(PDUs) between peer physical layer (PHY) entities of a wireless local area network (LAN).
