CONTROLLING TRANSMISSION OF GROUP-ADDRESSED DATA

Background

[0001 ] Electronic devices can communicate over wired or wireless networks.

Wireless networks can include a wireless local area network (WLAN), which includes one or more wireless access points (APs) to which devices are able to wirelessly connect.

[0002] In a wireless network, an AP can send a message targeted to multiple recipient wireless devices. This form of communication can include a broadcast of the message (which is targeted at all wireless devices within range of the AP or that satisfies some other condition) or a multicast of the message (which is targeted at wireless devices within a specified group regardless of whether they are in range of the AP). Broadcast and multicast transmissions can more generally be referred to as“group-addressed transmissions”, where the“group” of wireless devices targeted can be all wireless devices within range of the transmitting device or that satisfies some other condition, or a group that is associated with a specified address (e.g., a multicast address). Controlling group-addressed transmissions in a WLAN can be associated with various challenges.

Brief Description of the Drawings

[0003] Some implementations of the present disclosure are described with respect to the following figures.

[0004] Figs. 1 , 1 A and 1 B are block diagrams of example arrangements each including wireless devices that are able to communicate group-addressed data according to some implementations of the present disclosure.

[0005] Fig. 2 is a message flow diagram of a process relating to a wireless device sending group-addressed data, in some implementations of the present disclosure.

[0006] Fig. 3 is a message flow diagram of an access point (AP) sending group- addressed data to a wireless device, according to further implementations of the present disclosure. [0007] Figs. 4 and 5 are block diagrams of portions of messages to support Multicast Group Temporal Key (MGTK) according to further implementations of the present disclosure.

[0008] Fig. 6 is a block diagram of a wireless device according to some

implementations of the present disclosure.

[0009] Throughout the drawings, identical reference numbers designate similar, but not necessarily identical, elements. The figures are not necessarily to scale, and the size of some parts may be exaggerated to more clearly illustrate the example shown. Moreover, the drawings provide examples and/or implementations consistent with the description; however, the description is not limited to the examples and/or implementations provided in the drawings.

Detailed Description

[0010] In the present disclosure, use of the term“a,”“an”, or“the” is intended to include the plural forms as well, unless the context clearly indicates otherwise. Also, the term“includes,”“including,”“comprises,”“compri sing,”“have,” or“having” when used in this disclosure specifies the presence of the stated elements, but do not preclude the presence or addition of other elements.

[001 1 ] In a wireless local area network (WLAN), wireless devices may communicate with one another. A wireless device can include an endpoint device or a wireless access point (AP). A wireless AP (or more simply, an AP) can refer to a

communication device to which a wireless device can establish a wireless

connection to communicate with other endpoint devices. WLANs can include wireless networks that operate according to the Institute of Electrical and Electronic Engineers (IEEE) 802.1 1 or Wi-Fi Alliance Specifications.

[0012] Examples of endpoint devices include stations (ST As), access points (APs), computers (e.g., tablet computers, notebook computers, desktop computers, server computers, etc.), handheld devices (e.g. smart phones, personal digital assistants, etc.), wearable devices (smart watches, electronic eyeglasses, head-mounted devices, etc.), game appliances, health monitors, vehicles (or equipment in vehicles), cargo transportation units (e.g., trailers, containers, etc.), Internet of Things (loT) devices, roadside units (RSUs) (such as devices in traffic lights, traffic signs, etc., that are able to transmit information to vehicles or other devices), storage devices, communication nodes, or other types of endpoint or user devices that are able to communicate wirelessly. Endpoint devices can include mobile devices and/or fixed position devices. More generally, an endpoint device can refer to an electronic device that is able to communicate wirelessly.

[0013] An IEEE 802.1 1 Broadcast Services (BCS) task group (IEEE 802.1 1 be) is working to improve the efficiency and applicability of broadcast services. The broadcasting or multicasting of information according to“broadcast services” refers to broadcasting or multicasting information that may be different from control information used for associating a device with a network or establishing a connection with a network. For example, broadcasting or multicasting of information according to“broadcast services” can refer to broadcasting or multicasting data, such as user data, application program data, vehicle-related data (e.g., data relating to vehicles, vehicular traffic, road conditions, etc.), and/or other types of data.

[0014] The following are some examples of broadcast services.

[0015] A downstream broadcast service involves a source wireless device (e.g., an AP or another wireless device) broadcasting or multicasting information to any device capable of receiving the information. The information may be secured, so that only devices with an established security association to the source wireless device can correctly decode the information. Security association is established when a device has successfully authenticated and has been authorized to communicate. Example use cases of downstream broadcast services include any or some combination of the following: live streaming of data, advertisements (such as of services or products or other information), billboards, emergency information, and so forth.

[0016] A vehicular broadcast service involves a source wireless device (e.g., a roadside unit or RSU, a vehicle, or other wireless device) broadcasting or multicasting information to any device capable of receiving the information. The vehicular broadcast service differs from the downstream broadcast service in that either the source or receiving wireless device may be moving at high speed relative to each other. Example use cases include any or some combination of advanced railroad grade crossing, broadcast of traveler information, and so forth.

[0017] An uplink broadcast service involves a source wireless device (e.g., a sensor or other wireless device) broadcasting or multicasting information (in an uplink) to any device capable of receiving the information. The uplink broadcast service differs from the downstream broadcast service or the vehicular broadcast service as the source wireless device may be a transmit-only device and have restricted

capabilities (e.g., the source wireless device can include an loT device, etc.).

Example use cases include transmission of sensor data and so forth.

[0018] In a WLAN according to IEEE 802.1 1 , association between a wireless device and the WLAN refers to the establishment of a connection between the wireless device and another wireless device (e.g., an AP) that already has a connection to the WLAN. A“pre-associated state” of a wireless device refers to a state of the wireless device before the wireless device has established a connection with a WLAN. This state is also referred to as the unauthenticated, unassociated state or State 1.

[0019] Other states defined by IEEE 802.1 1 include an authenticated, unassociated state (State 2), an authenticated, associated state, but pending Robust Security Network (RSN) authentication (State 3), and an authenticated, associated with RSN association established state (State 4).

[0020] As used here, the broadcasting or multicasting of data can normally be referred to as group-addressed communications of group-addressed data. A“group” of wireless devices targeted in group-addressed communications can be all wireless devices within range of the transmitting device or that satisfy some other condition, or a group that is associated with a specified address (e.g., a multicast address).

[0021 ] Group-addressed transmissions in a WLAN can be associated with various issues. For example, traditional techniques or systems cannot address how transmission of group-addressed data can be performed in relation to unassociated wireless devices. Having a wireless device perform association with a WLAN so that transmissions of group-addressed data can occur can be inefficient, since it can take a relatively long time to perform the association, and the association can involve an exchange of a number of messages between the wireless device and the WLAN, which can take up communication resources.

[0022] Another issue relates to sending group-addressed data to a wireless device that is in a power-save mode (also referred to as a“doze state” or a“sleep state”).

In the power-save mode, various components of the wireless device are powered off to reduce power consumption at the wireless device as compared to when the components are powered on. In some cases, if no differentiation is made between broadcast data and multicast data, a wireless device that is operating in a power- save mode may be signaled to wake up to receive multicast data that is not targeted to the wireless device. This results in wasted power consumption of the wireless device in waking up from the power-save mode to receive multicast data that the wireless device then determines is not targeted to the wireless device.

[0023] In some cases, when there are wireless devices in a power-save mode belonging to a Basic Service Set (BSS) of an AP, the AP may cache (or store) group-addressed data that are targeted to the wireless devices in the power-save mode, and can later deliver the data in a unicast transmission to each of the wireless devices as the wireless device transition out of the power-save mode. A BSS typically refers to a group of wireless devices associated with one another, where one wireless device is an AP. If there are a large number of wireless devices, sending data in unicast transmissions can lead to replication of a large number of data frames to be transmitted in unicast transmissions to the corresponding wireless devices. Such unicast transmissions can be inefficient.

[0024] A further issue relates to security of group-addressed data. In some examples, security in a BSS provides an encryption key (or more simply, a“key”) for encrypting a data frame, where the key is based on a pairwise association between a wireless device and another wireless device (e.g., an AP). A group key can also be defined for group-addressed data frames in the BSS, where the group key is shared among all wireless devices in the WLAN. However, defining a group key that is shared by all wireless devices in the WLAN does not provide flexibility in cases where multiple keys may have to be used for different streams of group-addressed data or different groups of wireless devices.

[0025] Fig. 1 is a block diagram of an example network arrangement that includes a WLAN 102. The WLAN 102 includes one or more APs 106 with which one or more endpoint devices 104 are able to wirelessly communicate. The WLAN 102 can include multiple APs, and there may be multiple endpoint devices to communicate with the one or more APs of the WLAN 102.

[0026] In some examples according to Fig. 1 , the AP 106 can be a source wireless device that is able to broadcast or multicast information (in a group-addressed transmission 108) according to a broadcast service, and the endpoint device 104 can be a recipient wireless device to receive broadcast or multicast information according to the broadcast service. In other examples, the endpoint device 104 can be a source wireless device that can send broadcast or multicast information (in a group- addressed transmission 1 10) according to a broadcast service to one or more recipient wireless devices.

[0027] In further examples, another wireless device (not shown) can be coupled to the WLAN 102 that can act as a source wireless device or a recipient wireless device to communicate group-addressed data according to a broadcast service with either the endpoint device 104 or the AP 106.

[0028] More generally, a“wireless device” can refer to either an endpoint device or an AP. A wireless device can perform group-addressed transmission of group- addressed data to other wireless devices.

[0029] As shown in Fig. 1 , the endpoint device 104 includes a group-addressed transmission control engine 1 12 that is able to control the communication of group- addressed data. Similarly, the AP 106 includes a group-addressed transmission control engine 1 14 that is able to control the transmission of group-addressed data. [0030] As used here, an“engine” can refer to a hardware processing circuit, which can include any or some combination of a microprocessor, a core of a multi-core microprocessor, a microcontroller, a programmable integrated circuit, a

programmable gate array, a digital signal processor, or another hardware processing circuit. Alternatively, an“engine” can refer to a combination of a hardware processing circuit and machine-readable instructions (software and/or firmware) executable on the hardware processing circuit.

[0031 ] Group-addressed transmission from a wireless device to infrastructure

[0032] In some examples, as shown in Fig. 1 A, a wireless endpoint device 104, such as a non-AP station (STA), can perform group-addressed transmissions 1 10 to one or more other wireless devices 120 that are part of a network infrastructure (e.g., the WLAN 102). The“network infrastructure” can include an AP or another wireless device that is part of a network. In some examples, the wireless device that performs group-addressed transmissions can include a sensor device, an RSU, a vehicle, or any other type of wireless device. In some cases, it is desired that the wireless device performs the group-addressed transmissions while the wireless device is in the unassociated state (State 1 of IEEE 802.1 1 as discussed above). Thus, a source wireless device can send a group-addressed transmission to one or more other recipient wireless devices that are within range of the source wireless device.

[0033] In examples where the endpoint device 104 includes sensor data to send, the sensor data can be encoded and transmitted to devices (e.g., monitoring devices) that subscribe to a stream of the sensor data. A“stream” refers to a flow of data that is separately identifiable. In some examples, the stream can be sent in an Outside the Context of a BSS (OCB) mode or an Independent BSS (IBSS) mode.

[0034] The OCB mode is defined by IEEE 802.1 1. The OCB can be used within 10 and 20 megahertz (MHz) wide channels in the 5.9 gigahertz (GHz) band for a vehicular environment. No authentication or association between the endpoint device 104 and an AP has to be performed for communications between the endpoint device 104 and the AP 106. In OCB operation the AP (106) is treated as a peer STA. A parameter to be configured is the channel (central frequency and bandwidth) to communicate on, which can be configured beforehand.

[0035] An enhanced OCB mode is also being defined by IEEE 802.1 1 bd. This may allow operation of enhanced OCB devices outside of the 5.9 GHz band (e.g., in the rest of the 5 GHz band) and also provide the ability to use other channel bandwidths, apart from 10 and 20 MHz.

[0036] In other examples, the endpoint device 104 can be operated in an IBSS mode. An IBSS refers to an ad-hoc network that is without an AP. In IBSS mode, a source IBSS wireless device can perform a group-addressed transmission to one or more other IBSS wireless devices.

[0037] Group-addressed transmission start procedure

[0038] Fig. 2 is a message flow diagram of an example process performed between the endpoint device 104 (that supports the signaling depicted in Fig. 2) and the AP 106 (to allow the endpoint device 104 to start a group-addressed transmission of data). Note that the AP 106 may already have be involved in receiving group- addressed transmissions from one or more other wireless devices, some of which may not support the signaling depicted in Fig. 2. Although Fig. 2 shows the AP 106 as being a recipient wireless device for the receipt of group-addressed data from the endpoint device 104, it is noted that in other examples, other wireless devices can receive the group-addressed data from the endpoint device 104. Such other wireless devices can receive the group-addressed data directly from the endpoint device 104, or the other wireless devices can receive the group-addressed data forwarded by the AP 106 after the AP 106 has received the group-addressed data from the endpoint device 104.

[0039] To start the group-addressed transmission, the endpoint device 104 sends (at 202) a Broadcast Request message. The Broadcast Request message is broadcast by the endpoint device 104 for receipt by any APs within the range of the endpoint device 104. The Broadcast Request message may be sent by the group- addressed transmission control engine 1 12 (Fig. 1 ), for example. In the OCB case, the Broadcast Request message can be sent to another endpoint device instead of an AP.

[0040] The Broadcast Request message is sent with a group-addressed destination address and a group-addressed BSS identity (BSSID), for indicating that a group- addressed transmission is requested by the endpoint device 104. The message contains information about the stream or streams the device is advertising to send in a group-addressed transmission. A“stream” refers to a flow of data that is separately identifiable. The sending of the Broadcast Request message is an example of how a wireless device can subscribe to one or more streams that are sent in group-addressed transmission(s).

[0041 ] Optionally the content/payload of the Broadcast Request message is secured (encrypted or signed) using keys set ahead of time. The signing and/or encrypting can be based on IEEE 1609.2 certificates, such as IEEE 1609.2 certificates.

Examples of information in the Broadcast Request message can include metadata such as any or some combination of the following: a stream identifier (e.g., a name, identifier, or address to identify a stream), stream channel number (to identify a channel in which the stream is communicated), a stream camera angle (indicating an angle of a camera in examples where the endpoint device 104 is a camera), a video resolution and/or frame rate (in examples where the endpoint device 104 is a camera), an audio/video encoding bitrate in examples where the endpoint device 104 captures audio and/or video), a track number (to identify a track in examples where data is sent in multiple tracks), and so forth.

[0042] In response to the Broadcast Request message, the group-addressed transmission control engine 1 14 in the AP 106 sends (at 204) a Broadcast Response message. The Broadcast Response message is a unicast message sent by the AP 106 (or another wireless device) that received the Broadcast Request message from the endpoint device 104. The Broadcast Response message 204 is directed at the endpoint device 104.

[0043] The Broadcast Response message includes an accept or reject indication. In the case where the Broadcast Request message identified multiple streams of group-addressed data, the Broadcast Response message can contain one or more stream indications (e.g., information elements, etc.) to indicate which one or more of the streams the recipient wireless device (the AP 106 in the example of Fig. 2) has chosen to receive. The Broadcast Response message may contain a time limit indication (a time duration or end time) during which the recipient wireless device has chosen to receive the stream(s) of group-addressed data.

[0044] In response to receiving the Broadcast Response message, and assuming that the Broadcast Response message accepted the transmission of one or more streams of group-addressed data, the endpoint device 104 sends (at 206), in an uplink, one or more group-addressed transmissions of the stream(s) chosen by the AP 106 as indicated by the one or more stream indications in the Broadcast

Response message.

[0045] In some examples, the group-addressed data is not acknowledged by the AP 106 (or other recipient wireless device). Note that the group-addressed

transmissions (206) can be periodic transmissions (transmitted every regular time period) or intermittent transmissions (transmitted when triggered by an event, such as a temperature going outside a specified range, etc.).

[0046] Each group-addressed transmission (206) can include one or more group- addressed frames (e.g., a data frame and/or a management frame). In each data frame, a destination address is set to a multicast address or broadcast address.

[0047] For communication while the sender wireless device (e.g., 104) is in the unassociated state, the following three addresses in a header of a frame are set: a source address, which can be a source MAC address, of the sender wireless device; a destination address, which can be a group address (broadcast or multicast address representing a group-addressed stream); and a group-addressed BSSID set to a specified value, such as FF-FF-FF-FF-FE (or another address with an l/G bit set to G). [0048] A recipient wireless device can choose to process a received frame as a broadcast or multicast stream based on all three of the addresses above, or just a subset.

[0049] As an example, the endpoint device 104 can include a temperature sensor, a pressure sensor, and a humidity sensor. Temperature data from the temperature sensor is to be sent in a temperature data stream, pressure data from the pressure sensor is to be sent in a pressure data stream, and humidity data from the humidity sensor is to be sent in a humidity data stream (three streams in this example). The Broadcast Request message includes information about the three streams. The Broadcast Response message indicates which of the three streams the AP 106 has chosen to receive.

[0050] The group-addressed transmission control engine 1 12 of the endpoint device 104 can consider the selection of which streams were selected by the AP 106 for receipt when the group-addressed transmission control engine 1 12 decides which streams to start sending. Note that there may be more than one recipient wireless device for the streams within the broadcast service area (BSA), such that the group- addressed transmission control engine 1 12 can take into account Broadcast Response messages from more than one recipient wireless device when deciding which streams to transmit. For example, recipient wireless device 1 may choose stream 1 but not streams 2 and 3, but recipient 2 may choose streams 1 and 2 but not stream 3. In such examples, the group-addressed transmission control engine 1 12 can decide to transmit streams 1 and 2, but not stream 3.

[0051 ] Note that the device (e.g., the AP 106 in Fig. 2) that receives the Broadcast Request message may not be the endpoint of a stream of data. The AP 106 may forward the stream of data to another entity in the network. The IEEE 802.1 1 three address format may include a destination address that exists elsewhere behind the AP 106 in the LAN/WLAN. In such examples, the AP 106 can rebroadcast or re multicast the data frames of a stream on the entire LAN, or the AP 106 may unicast the data frames of the stream to Internet Group Management Protocol (IGMP)- snooped recipient(s) wireless devices. [0052] Group-addressed transmission stop procedure

[0053] At some point, the AP 106 (the recipient wireless device) (or another wireless coupled to the AP 106) may decide that the AP 106 wishes to stop receiving group- addressed data. The AP 106 sends (at 208) a Broadcast Stop Request message to the endpoint device 104. The Broadcast Stop Request message can be a unicast message individually addressed to the endpoint device 104.

[0054] The Broadcast Stop Request message may indicate the specific one or more streams to cease transmitting. This may be identified by a stream identifier, such as a group-addressed MAC address, a group-addressed IP address, or another identity. The endpoint device 104 considers the information in the Broadcast Stop Request message when deciding whether or not to stop the group-addressed transmission of a given stream. If for example there are multiple recipient wireless devices of a stream, the group-addressed transmission control engine 1 12 of the endpoint device 104 may continue to transmit the stream even though one of the recipient wireless devices sent a Broadcast Stop Request message to stop the stream.

[0055] In response to the Broadcast Stop Request message, the group-addressed transmission control engine 1 12 of the endpoint device 104 sends (at 210) a

Broadcast Stop Response message to acknowledge the receipt of the Broadcast Stop Request message. The Broadcast Stop Response message is unicast to the AP 106. In alternative implementations, the endpoint device 104 may send the Broadcast Stop Request message to the AP 106, requesting the AP 106 to stop the group-addressed transmission of a given stream. The AP 106 would then transmit a Broadcast Stop Response message to the endpoint device 104 to acknowledge the receipt of the Broadcast Stop Request message.

[0056] Fig. 2 shows an example where in-band control signaling (i.e., control signaling exchanged over a channel of the WLAN 102) is exchanged between the endpoint device 104 and the AP 106 (in the form of the messages 202, 204, 208, and 210) for controlling the group-addressed transmission of data. In other examples, the exchange of messages for controlling the group-addressed

transmission of data can be negotiated out-of-band, i.e., over a communication link that is separate from the WLAN 102. The control messages that are exchanged can establish channel information, a data rate, and a scheduling of the group-addressed transmission of data. There can also be a subscription process where one or more recipient wireless devices, such as the AP 106, are configured with traffic

characteristics and sensor information.

[0057] In some examples, security (privacy, trust, integrity) can be implemented by provisioning a security association. A mechanism can be provided for a recipient wireless device to subscribe to a sender wireless device to receive group-addressed transmissions. Alternatively, key distribution an encryption key for encrypting group- addressed data can be performed using an out-of-band mechanism (e.g., through a higher layer protocol). In this case, the higher layer protocol negotiates the key and once a key is agreed by the sender and recipient wireless devices, encryption at layer 2 (L2) can be used.

[0058] Group-addressed transmission in the downlink from infrastructure

[0059] In further examples, as shown in Fig. 1 B, network infrastructure equipment, such as the AP 106, can transmit group-addressed data (in 108) in a downlink to one or more recipient wireless devices (e.g., ST As 130, one of which can be the endpoint device 104), such as one or more associated wireless devices (e.g., wireless devices in State 4 as discussed above) or unassociated wireless devices (e.g., wireless devices in State 1 that is in the same BSA as the AP).

[0060] Fig. 3 is a message flow diagram of a process between the endpoint device 104 and the AP 106. The message flow diagram of Fig. 3 includes a discovery phase 302, a subscription/control phase 304, and a broadcast phase 306. In the discovery phase 302, the AP 106 can advertise that the AP 106 has data to send in group-addressed transmission(s) according to broadcast services. The discovery phase 302 can use techniques as described in U.S. Application No. 16/124,847, entitled“Indicating Support for a Broadcast Service,” filed September 7, 2018.

[0061 ] In some examples, in the discovery phase 302, the AP 106 that is provisioned with the ability to send group-addressed transmission(s) sends an indication of support for a broadcast service(s). The indication of support for broadcast service(s) (hereinafter“broadcast service indication”) can be in the form of an information element (e.g., a multi-bit field or a single bit) advertising that the source wireless device (e.g., the endpoint device 104 or the AP 106) can provide a broadcast service (or multiple broadcast services).

[0062] The broadcast service indication can be included in any of various different messages. For example, the broadcast service indication can be included in a beacon that is transmitted by the AP 106 for receipt by multiple wireless devices within a wireless range of the AP. A beacon from an AP can include a Service Set Identifier (SSID) of the AP, to identify the WLAN 102. The beacon can also include other information, which according to some implementations of the present disclosure include the broadcast service indication. A beacon is a type of an IEEE 802.1 1 management frame. In other examples, another type of an IEEE 802.1 1 management frame can be used to carry the broadcast service indication.

[0063] In other examples, the broadcast service indication can be included in a response message, such as a Probe response message, an Access Network Query Protocol (ANQP) response message, and so forth.

[0064] A Probe response according to IEEE 802.1 1 is a response to a Probe request sent by the endpoint device (e.g., 204 in Fig. 2). A Probe request can be transmitted by an endpoint device for receipt by one or more APs within the range of the wireless device. The Probe request is used by the endpoint device to discover AP(s) within the wireless communication range of the endpoint device.

[0065] ANQP is a type of an advertisement protocol. ANQP operates as a simple request and response protocol that is used by a device to discover a range of information from an“Access Network” (AN) server. This AN server is either co located with an AP or is located within a LAN, which is the layer 2 network to which the AP is connected. ANQP allows a device to determine the properties of the LAN before starting an association procedure. [0066] In other examples, the broadcast service indication sent can be included in another message.

[0067] In addition, as part of the discovery phase 302, the recipient wireless device (which in this case is the endpoint device 104) can send a request to the AP 106 requesting information of further details (e.g., characteristics and/or state) of a broadcast service(s), and in response, the AP 106 responds with a response containing the requested information. Examples of information included in the response can include any or some combination of the following: a number of stream(s) the source wireless device has available to send in group-addressed transmissions, channels (or sub-channels) on which the stream(s) is (are) broadcast, time and availability of the stream(s), whether security is provided on the stream(s), and so forth.

[0068] The subscription/control phase 304 can include control messages exchanged between the endpoint device 104 and the AP 106 to control the group-addressed transmission of data.

[0069] In the subscription/control phase 304, the group-addressed transmission control engine 1 12 in the endpoint device 104 can send (at 308) a Broadcast Inquiry Request message to the AP 106. The Broadcast Inquiry Request message can be sent as a unicast message, and includes information indicating that the endpoint device 104 is interested in group-addressed data transmitted by the AP 106 (or another device coupled to the AP 106). In addition, the Broadcast Inquiry Request message can include identifier(s) of stream(s) of the group-addressed data that the endpoint device 104 is interested in. The Broadcast Inquiry Request message is an example of how a wireless device can subscribe to a stream.

[0070] In the subscription/control phase 304, the group-addressed transmission control engine 1 14 in the AP 106 responds to the Broadcast Inquiry Request message by sending (at 310), as a unicast message, a Broadcast Inquiry Response message. [0071 ] The Broadcast Inquiry Response message can include information useable by the endpoint device 104 in receiving a group-addressed transmission from the AP 106. For example, Broadcast Inquiry Response message can include an Orthogonal Frequency-Division Multiple Access (OFDMA) resource unit (RU), a channel, a secondary channel, or other transmission resource to use for the group-addressed transmission. The AP 106 may provide OFDMA resource allocation such that some RUs are used for group-addressed transmissions, and other RUs are used for unicast transmissions. A wireless device may receive group-addressed data frames and unicast data frames, from different source addresses in the WLAN 102, on different subchannels (or RUs) simultaneously. This type of multiple access is enabled by the OFDMA capabilities in IEEE 802.1 1 ax, for example.

[0072] Further, the Broadcast Inquiry Response message can include a Multicast Group Temporal Key (MGTK) specific to a stream that the endpoint device 104 is interested in. If the endpoint device 104 has expressed interest in multiple streams using information in the Broadcast Inquiry Request message, the Broadcast Inquiry Response message can include multiple MGTKs for the respective streams.

[0073] The group-addressed transmission control engine 1 12 in the endpoint device 104 sends (at 212), as a unicast message, a Broadcast Inquiry Confirm message to acknowledge the Broadcast Inquiry Response message received from the AP 106.

[0074] The group-addressed transmission control engine 1 14 of the AP 106 may start (or stop) a stream based on control messaging exchanged during the subscription/control phase 304. In some cases, the sender wireless device (e.g., the AP 106 or another wireless device coupled to the AP 106) may have already been transmitting a given stream to other recipient wireless devices. In such cases, the AP 106 does not have to start the transmission of the given stream, but can just provide the recipient wireless device information about the ongoing given stream (e.g., keys, channel, timing information, etc.). Flowever, if a recipient wireless device requests a stream in the Broadcast Inquiry Request that the AP 106 (or another wireless device) has not yet started transmitting, the AP 106 (or another wireless device) can start transmitting the stream. [0075] In the subscription/control phase 304, a recipient wireless device can also request the stopping of a stream. In such cases, the group-addressed transmission control engine 1 14 of the AP 106 can make a determination of whether or not to stop the stream. For example, the AP 106 (or another wireless device) may be

transmitting the stream to other recipient wireless devices; in such a scenario, the AP 106 (or another wireless device) can continue to perform the group-addressed transmission of the stream so regardless of the stop request, if one or more (e.g., a threshold number of) other wireless devices are subscribed to the stream.

[0076] The control messages exchanged in the subscription/control phase 304 can include Generic Advertisement Service (GAS) or ANQP request and response messages (according to IEEE 802.1 1 aq) or other types of messages (in state 1 or 4). In some examples, the control messages can include Current Traffic Specification (TSPEC) information, which allows one wireless device to signal its traffic

requirement to another wireless device.

[0077] In further examples, Internet Group Management Protocol (IGMP) snooping allows a network infrastructure (e.g., an AP or another network device) to determine that a wireless device (e.g., the endpoint device 104) is interested in group- addressed data. IGMP snooping can be used at the AP 106 to manage the list of streams (as group addresses in use) and the wireless devices subscribed to those streams

[0078] Once the subscription/control phase 304 is performed, the AP 106 can broadcast data in the broadcast phase 306. In the broadcast phase 306, the AP 106 (or another wireless device coupled to the AP 106) sends (at 314) group-addressed transmissions to the endpoint device 104.

[0079] Each stream that is sent in a group-addressed transmission can include streaming data, such as audio, video, or sensor data. The stream can be

transmitted periodically from the AP 106 to wireless device(s) that subscribe(s) to the stream, or can be transmitted intermittently in response to an event. [0080] Each group-addressed transmission from the AP 106 includes one or more frames (data frame and/or management frame), which can be sent to a wireless device in State 4 or State 1 . A value of one or more of the addresses in the three address MAC header of each frame may correspond to the multicast or broadcast destination address of the stream. The frames may be transmitted in a particular resource unit (RU) of an IEEE 802.1 1 ax OFDMA transmission, for example. A stream may be transmitted in a channel adjacent to another channel used for unicast data. Alternatively, a dedicated subchannel (e.g., an OFDMA RU) can be used to carry the stream.

[0081 ] For a wireless device in State 1 , the determination of whether a received frame is part of a stream starts by checking the 3 addresses, and whether the BSSID matches the multicast address of a particular stream.

[0082] Communication bandwidth depends on the type of stream. The AP 106 may allocate RU sizes based on requirements of the stream

[0083] The transmission of frames of a stream may be synchronized with a power save state such as Traffic indication map/Delivery traffic indicaiton map (TIM/DTIM) periods or target wake time (TWT) periods. This may be communicated from to the receiving device such that it can optimize the power saving of its receiver hardware.

[0084] TIM/DTIM periods are periods that define a general time for a wireless device to be in a power-save mode or be awake. Therefore if the transmission of group- addressed data from an AP is synchronised based on the TIM/DTIM transmissions from the same AP, then the recipient wireless device may be be awake to receive the group-addressed data. TWT periods define when a wireless device is to wake up to receive data. [0085] Security

[0086] Security in a BSS can use an encryption key for encrypting a data frame. The key can include a group key. In IEEE 802.1 1 -2016, a Group Temporal Key (GTK) that is distributed by an AP has a key identifier (Key ID) of 0 or 1 and is applied to all group-addressed data.

[0087] In accordance with some implementations of the present disclosure, multiple group keys can be used for different streams of group-addressed data or different groups of wireless devices. Such a group key can be referred to as a Multicast GTK (MGTK). One or more MGTKs can be defined. In such implementations, the IEEE 802.1 1 -2016 GTK can be referred to as a Broadcast GTK (BGTK).

[0088] To enable MGTK, a new Authentication and Key Management (AKM) (or set of AKMs) is defined that support BGTK and MGTK. Support for the new AKM or set of AKMs can be negotiated between the AP 106 and the wireless devices during the association process. When using this new AKM instead of previously defined AKM a larger number of Key IDs are enabled as described later.

[0089] The AP 106 maintains a mapping between the MGTK, a group-addressed stream, and a set of wireless devices subscribed to the group-addressed stream. Each group of wireless devices (referred to as an“MGTK group”) that employ a particular MGTK is assigned a respective identifier (referred to as an“MGTK identifier”). Different groups of wireless devices that employ respective different MTGKs are assigned different identifiers.

[0090] The AP 106 may advertise one or more group-addressed streams in beacons, Probe responses, or other messages or information elements. This advertisement includes information about the MGTK to use for each stream.

[0091 ] After a wireless device has subscribed to a group-addressed stream, the AP 106 assigns the wireless device to an MGTK group and transmits the MGTK to the wireless device in a GTK handshake exchange. [0092] The endpoint device 104 and/or the AP 106 can each advertise support for MGTK. For example, support for MGTK can be advertised as a service or an element in an ANQP message or another type of message.

[0093] When the endpoint device 104 associates with the AP 106, the endpoint device 104 and the AP 106 can negotiate support for MGTK, such as by using a 4- way handshake. For example, the negotiated MGTK can be indicated in a capability bit in a Robust Security Network Element (RSNE) in an association request, or can be included in a set of new AKM suites in the RSNE.

[0094] A control element to be modified is a Key Data Element (KDE), which can be modified as shown in Fig. 4. The KDE of Fig. 4 includes a Key ID 402, with both bits set to“1” to indicate use of MGTK. An MGTK Key ID 404 identifies an MGTK, and a GTK or MGTK field includes a GTK or an MGTK (MGTK if both bits of the Key ID 402 are set to“1”). Although example value and lengths are shown in Fig. 4, it is noted that in other examples, other values and/or lengths can be used.

[0095] The AP and wireless device(s) store the MGTK. This multiplicity of Key IDs allows a larger number of Key IDs than just 0 and 1 . This then enables an AP to maintain the multiple groups/sets of devices with different MGTKs. The

differentiating Key IDs also enables STAs to maintain keys of multiples of these groups simultaneously.

[0096] For an associated wireless device, the capability of supporting more than one group key (GTK) in the BSS is exchanged at the time of association. Each group- addressed stream can be protected with a respective different group key (GTK). A group key (GTK) can include a BGTK or an MGTK (from among multiple MGTKs).

[0097] When the AP transmits a group-addressed stream, the AP encapsulates a frame using the MGTK. The encapsulation works in one of the following ways.

[0098] In an example, the AP uses a bit in a Counter Mode with Chaining Message Authentication Code Protocol/Galois Counter Mode Protocol (CCMP/GCMP) header 500 (Fig. 5) to indicate that a stream is a group-addressed stream, and encapsulates each frame of the stream using the appropriate MGTK.

[0099] In another example, the AP indicates the MGTK Key ID in the CCMP/GCMP header of each frame transmitted to indicate the Key ID of the specific MGTK that the receiver should use to decode the data PDU carried in that frame. The

CCMP/GCMP header 500 is included as part of a data frame (a CCMP MPDU). The CCMP/GCMP header 500 includes a reserved field 502, an MGTK Key ID field 504 that includes an MGTK Key ID, an Ext IV field 506, and a Key ID field 508 (which if set to a specified value, such as both bits Ί” indicates that an MGTK Key ID is assigned in the header 500).

[00100] When an associated wireless device receives a group-addressed frame for a stream that the wireless device has not subscribed to, the wireless device drops the frame based on its multicast address, or drops the frame for which the wireless device does not have an MGTK.

[00101 ] An AP assigning a singular GTK to a STA is accomplished during a 4- way handshake once a pairwise transient key (PTK) is generated. In the case of assigning multiple GTK and MGTK this can be done in unicast messages from AP to STA secured by the PTK and MIC at any point after the 4-way handshake. The AP can set a new MGTK or update an existing MGTK by indicating the Key ID of the MGTK it is assigning a new value to. The AP can also send a frame to the STA indicating that an particular Key ID is no longer valid. In this case the STA should delete that MGTK, but since that cannot be guaranteed, the AP shall not reuse an old value of an MGTK at a later time.

[00102] General arrangement

[00103] Fig. 6 is a block diagram of a first wireless device 600 that is able to transmit or receive group-addressed data according to some examples. The first wireless device 600 can be the endpoint device 104 of Fig. 1 , for example.

[00104] The first wireless device 600 includes a communication interface 602 to communicate over a WLAN. The communication interface 602 includes a transceiver and a protocol stack including protocol layers that manage

communication according to respective communication protocols.

[00105] The first wireless device 600 includes one or more hardware processors 604. A hardware processor can include a microprocessor, a core of a multi-core microprocessor, a microcontroller, a programmable integrated circuit, a programmable gate array, a digital signal processor, or another hardware processing circuit.

[00106] The first wireless device 600 further includes a non-transitory machine- readable or computer-readable storage medium 606 storing machine-readable instructions that are executable on the one or more processors to perform respective tasks.

[00107] The machine-readable instructions can include group-addressed transmission control instructions 608 to manage communications of group- addressed data.

[00108] The group-addressed transmission control instructions 608 are executable to send, from the first wireless device 600 to a second wireless device (e.g., the AP 106), a control indication that controls transmission of group-addressed data between the first wireless device and the second wireless device over the WLAN. For example, the control indication can include a start indication (e.g., the Broadcast Request message of Fig. 2) to start a procedure for the first wireless device 600 to send group-addressed data (e.g., 206 in Fig. 2). [00109] As another example, the control indication can include another start indication (e.g., the Broadcast Inquiry Request message of Fig. 3) to cause the second wireless device to transmit the group-addressed data to the first wireless device 600.

[001 10] In response to the control indication, the first wireless device 600 receives a response indication (e.g., the Broadcast Response message of Fig. 2 or the Broadcast Inquiry Response message of Fig. 3) from the second wireless device regarding the transmission of the group-addressed data.

[001 1 1 ] In examples where the first wireless device 600 is the sender of group- addressed data, the control indication identifies a plurality of streams of group- addressed data, and the response indication from the second wireless device identifies a subset of the plurality of streams of group-addressed data that the second wireless device has selected to receive. Further, the response indication can include timing information (e.g., the time limit indication discussed in the section “Group-addressed transmission start procedure” above) relating to a timing relating to when the second wireless device has chosen to receive the group-addressed data.

[001 12] In some examples, the first wireless device 600 receives, from the second wireless device, a key for encrypting the group-addressed data, where the key is associated with a group of wireless devices, and where different groups of wireless devices are associated with different keys for data encryption. Further, the key is associated with a particular stream that includes the group-addressed data, and different streams of group-addressed data are associated with different keys for data encryption.

[001 13] The storage medium 606 can include any or some combination of the following: a semiconductor memory device such as a dynamic or static random access memory (a DRAM or SRAM), an erasable and programmable read-only memory (EPROM), an electrically erasable and programmable read-only memory (EEPROM) and flash memory; a magnetic disk such as a fixed, floppy and removable disk; another magnetic medium including tape; an optical medium such as a compact disc (CD) or a digital video disc (DVD); or another type of storage device. Note that the instructions discussed above can be provided on one computer-readable or machine-readable storage medium, or alternatively, can be provided on multiple computer-readable or machine-readable storage media distributed in a large system having possibly plural nodes. Such computer-readable or machine-readable storage medium or media is (are) considered to be part of an article (or article of manufacture). An article or article of manufacture can refer to any manufactured single component or multiple components. The storage medium or media can be located either in the machine running the machine-readable instructions, or located at a remote site from which machine-readable instructions can be downloaded over a network for execution.

[001 14] In the foregoing description, numerous details are set forth to provide an understanding of the subject disclosed herein. However, implementations may be practiced without some of these details. Other implementations may include modifications and variations from the details discussed above. It is intended that the appended claims cover such modifications and variations.