The WiMAX standard defines two types of certificate: Subscriber Station (SS) certificates and manufacturer certificates. There is no provision for Base Station (BS) certificates. A manufacturer certificate identifies the manufacturer of a WiMAX device. It can be self-signed or issued by a third party. An SS certificate identifies a particular Subscriber Station and carries its MAC address in the subject field. Manufacturers normally create and sign SS certificates.
Generally, the BS uses the manufacturer certificate’s public key to validate the SS certificate and thereby identify the device as genuine. This design assumes that the SS keeps the private key corresponding to its public key in sealed storage, preventing attackers from easily compromising it. The major drawback of the WiMAX security design is the lack of a BS certificate. The only way to defend the client against forgery or replay attacks is to offer a scheme for mutual authentication. In 802.16e, EAP can be verified with specific authentication methods such as X.509 certificates. (D Johnston, J Walker, 2004)
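The BS-side check described above can be reproduced with the `openssl` command line. This is an added example, not part of the original text or of the WiMAX standard: the vendor names, MAC address, file names and the choice to carry the MAC address in the subject commonName are assumptions, and the certificates are constructed test data.

```shell
#!/bin/sh
# Constructed test PKI, not real WiMAX device certificates.
# Assumption: the SS MAC address is the subject commonName (CN).

# Create a self-signed manufacturer certificate and an SS certificate signed
# by it. $1 = output directory, $2 = manufacturer name, $3 = SS MAC address
make_pki() {
    printf '[req]\ndistinguished_name=dn\nx509_extensions=v3\n[dn]\n[v3]\nbasicConstraints=critical,CA:TRUE\n' > "$1/mfr.cnf"
    openssl req -x509 -config "$1/mfr.cnf" -newkey rsa:2048 -nodes -days 1 \
        -subj "/O=$2/CN=$2 CA" -keyout "$1/mfr.key" -out "$1/mfr.pem" \
        2>/dev/null || return 1
    openssl req -new -config "$1/mfr.cnf" -newkey rsa:2048 -nodes \
        -subj "/O=$2/CN=$3" -keyout "$1/ss.key" -out "$1/ss.csr" \
        2>/dev/null || return 1
    openssl x509 -req -in "$1/ss.csr" -CA "$1/mfr.pem" -CAkey "$1/mfr.key" \
        -CAcreateserial -days 1 -out "$1/ss.pem" 2>/dev/null
}

# BS-side check: the SS certificate must verify under the trusted manufacturer
# certificate AND its subject CN must equal the MAC address the SS presents.
# $1 = trusted manufacturer cert, $2 = SS cert, $3 = MAC address presented
bs_validate_ss() {
    openssl verify -no-CApath -CAfile "$1" "$2" >/dev/null 2>&1 || return 1
    cert_mac=$(openssl x509 -in "$2" -noout -subject -nameopt multiline \
        | sed -n 's/^ *commonName *= *//p')
    [ "$cert_mac" = "$3" ]
}

# Demo: one manufacturer the BS trusts, one it does not.
# Note that the SS has no equivalent check to run on the BS, because the
# standard defines no BS certificate.
work=$(mktemp -d) && mkdir "$work/good" "$work/other"
trap 'rm -rf "$work"' EXIT
mac="00:11:22:33:44:55"
make_pki "$work/good" "ExampleVendor" "$mac"
make_pki "$work/other" "UntrustedVendor" "$mac"
bs_validate_ss "$work/good/mfr.pem" "$work/good/ss.pem" "$mac" \
    && echo "SS certificate from trusted manufacturer: accepted"
bs_validate_ss "$work/good/mfr.pem" "$work/other/ss.pem" "$mac" \
    || echo "SS certificate from untrusted manufacturer: rejected"
```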