Bluetooth

What is Bluetooth? A cable-replacement technology that can be used to connect almost any device to any other device Radio interface enabling electronic devices to communicate wirelessly via short range (10 meters) ad-hoc radio connections a standard for a small , cheap radio chip to be plugged into computers, printers, mobile phones, etc 關於Bluetooth的介紹

What is Bluetooth? Uses the radio range of 2.45 GHz Theoretical maximum bandwidth is 1 Mb/s Several Bluetooth devices can form an ad hoc network called a “piconet” In a piconet one device acts as a master (sets frequency hopping behavior) and the others as slaves Example: A conference room with many laptops wishing to communicate with each other 關於Bluetooth的介紹

History Harald Bluetooth : 10th century Danish King, managed to unite Denmark and Norway Bluetooth SIG (Special Interest Group) : Founded in 1998 by : Ericsson, Intel, IBM, Toshiba and Nokia Currently more than 2500 adopter companies Created in order to promote, shape an define the specification and position Bluetooth in the market place Current specification : Bluetooth 2.1 介紹Bluetooth的歷史 在西元十世紀時的挪威，有個維京國王名叫『哈拉德藍芽』（Harald Bluetooth），他統一了丹麥王國，創造了維京人的盛世，將整個北歐帶進了統一的時代而名留青史，一千年後的今天，易利信（Ericsson）、諾 基亞（Nokia）、IBM、英代爾（Intel）和東芝（Toshiba）等五家藍芽技術的發起者，認為他們在無線網路領域中，統一了消費性電子商品世界所做的頁獻可以媲美 Harald Bluetooth 國王，所以 Bluetooth（藍芽）之名因此而產生。

Bluetooth Architecture Piconet Each piconet has one master and up to 7 simultaneous slaves Master : device that initiates a data exchange. Slave : device that responds to the master Scatternet Linking of multiple piconets through the master or slave devices Bluetooth devices have point-to-multipoint capability to engage in Scatternet communication. 介紹Bluetooth的連線模式，分別為Piconet以及Scatternet 1. Piconet：由一個master和最多七個slave的Bluetooth裝置來組成；master掌管此一個piconet通訊協定的運作；當然master也可以是其他piconet的slave， slave也可以是其他piconet的master。 2. 一個區域內，每個裝置可以依照應用上的需求同時加入多個piconet，這種多個piconet重疊的架構稱為Scatternet。

Piconet All devices in a piconet hop together Master gives slaves its clock and device ID Non-piconet devices are in standby M S P SB Piconet：由一個master和最多七個slave的Bluetooth裝置來組成；master掌管此一個piconet通訊協定的運作；當然master也可以是其他piconet的slave，slave也可以是其他piconet的master。 Standby Mode：在任何連結建立之前，所有的units都是在Standby狀態 Park Mode：當Slave不需要再參與Piconet，但是仍需要與Piconet維持同步時，便可以進入Park Mode。 Hold Mode：若沒有資料要傳送，可以保持在HOLD的狀態，而隨時可以重新啟動傳輸資料，Unit將會保持連結狀態且在一個低功率消耗的狀態， 所以HOLD通常使用在當連結多個piconet的時候。 SNIFF mode和 HOLD mode都會保留使用中的Address，但SNIFF mode是比較耗電的模式。 PARK mode則會將Address release出來給其他的device使用，而PARK mode比HOLD mode來得省電。 Hop (跳舞) M=Master P=Parked S=Slave SB=Standby

Scatternet Devices can be slave in one piconet and master of another S SB S M 一個區域內，每個裝置可以依照應用上的需求同時加入多個piconet，這種多個piconet重疊的架構稱為Scatternet。 M S SB P SB S

Physical links Between master and slave(s), different types of links can be established. Two link types have been defined: Synchronous Connection-Oriented (SCO) link Asynchronous Connection-Less (ACL) link 實體連線方式，分為SCO(語音)和ACL(資料)

Physical links Synchronous Connection Oriented (SCO) Support symmetrical, circuit-switched, point-to-point connections Typically used for voice traffic. Data rate is 64 kbit/s. Asynchronous Connection-Less (ACL) Support symmetrical and asymmetrical, packet-switched, point-to-multipoint connections. Typically used for data transmission . Up to 433.9 kbit/s in symmetric or 723.2/57.6 kbit/s in asymmetric SCO和ACL的介紹

Bluetooth Protocol Stack Bluetooth Radio Baseband LMP L2CAP Audio RFCOMM PPP IP UDP TCP WAP WAE OBEX vCard/vCal AT- Commands TCS BIN Host Controller Interface (HCI) Bluetooth Core Protocol Adopted Protocol Cable Replacement Protocol SDP Telephony Protocol Bluetooth Protocol Stack架構圖 1. Bluetooth Radio & Baseband 層次純粹是硬體模組的設計，負責射頻處理、基頻調變的功能。 2. Link Manager protocol(LMP) & L2CAP(Logical Link Control & Adaptation Protocol)，相當於底層通訊協定的功能(如Physical Layer、MAC Layer) - Link Manager protocol(LMP)負責Baseband Connections的設定及管理，如主控不同Bluetooth元件間的連線控制、元件的連結狀態、傳輸封包的加解密 與身分辨認等。 - L2CP負責Segmentation & Reassembly、Multiplexing、Quality Of Service等服務功能。 3. Host Controller Interface(HCI)用來界定Bluetooth與host設備之間連結介面的控制指令。 4. RFCOMM(RF Communication)協定層可提供串列連線的功能，其規格是根據ETSI 07.10的標準模擬RS232介面，故會提供類似RS232的控制訊號與資料 收發的訊號。 5. TCS Binary：內容為傳輸位元的協定(Bit-Oriented Control)，包括電話連線信號的建立控制(Call Control)以及移動時的漫游管理(Mobility Management)。 6. AT-command：是用來讓手機經由Bluetooth連上Modem的介面來上網際網路，也提供傳真的指令。 7. SDP(Service Discovery Protocol)包括兩部分：第一部份包括服務的紀錄(Service Record)，裡面記載著服務的Attribute以及相對映的ID；第二部分則描述 有關服務發現後所要做的事情，主要是建立一個通話連線(Session)，所以包含了通話協定，此SDP協定可與目前微軟定義的UpnP(Universal Plug and Play)及Sun提出的JINI配合使用。 8. OBEX：物件交換協定是一個由紅外線資料協會(IrDA)為了交換物件所發展出的會議層協定。OBEX提供與HTTP類似的功能，但更簡單。它亦提供 表示物件及操作的模型。由OBEX所傳送之內容格式的例子是vCard和vCalendar，分別提供電子名片格式與個人行事曆輸入及時間表資訊。 9. WAE/WAP：藍芽將無線應用環境與無線應用協定整合到其架構中

Bluetooth Protocol Stack Bluetooth Radio : specifics details of the air interface, including frequency, frequency hopping, modulation scheme, and transmission power. Baseband: concerned with connection establishment within a piconet, addressing, packet format, timing and power control. Link manager protocol (LMP): establishes the link setup between Bluetooth devices and manages ongoing links, including security aspects (e.g. authentication and encryption), and control and negotiation of baseband packet size 1. Bluetooth Radio & Baseband 層次純粹是硬體模組的設計，負責射頻處理、基頻調變的功能。 2. Link Manager protocol(LMP)，相當於底層通訊協定的功能(如Physical Layer) - Link Manager protocol(LMP)負責Baseband Connections的設定及管理，如主控不同Bluetooth元件間的連線控制、元件的連結狀態、傳輸封包的加解密 與身分辨認等。

Bluetooth Protocol Stack Logical link control and adaptation protocol (L2CAP): adapts upper layer protocols to the baseband layer. Provides both connectionless and connection-oriented services. Service discovery protocol (SDP): handles device information, services, and queries for service characteristics between two or more Bluetooth devices. Host Controller Interface (HCI): provides an interface method for accessing the Bluetooth hardware capabilities. It contains a command interface, which acts between the Baseband controller and link manager 1. L2CAP(Logical Link Control & Adaptation Protocol)，相當於底層通訊協定的功能(MAC Layer) - L2CP負責Segmentation & Reassembly、Multiplexing、Quality Of Service等服務功能。 2. Host Controller Interface(HCI)用來界定Bluetooth與host設備之間連結介面的控制指令。 3. SDP(Service Discovery Protocol)包括兩部分：第一部份包括服務的紀錄(Service Record)，裡面記載著服務的Attribute以及相對映的ID；第二部分則描述 有關服務發現後所要做的事情，主要是建立一個通話連線(Session)，所以包含了通話協定，此SDP協定可與目前微軟定義的UpnP(Universal Plug and Play)及Sun提出的JINI配合使用。

Bluetooth Protocol Stack TCS BIN (Telephony Control Service): bit-oriented protocol that defines the call control signaling for the establishment of voice and data calls between Bluetooth devices. OBEX(OBject EXchange) : Session-layer protocol for the exchange of objects, providing a model for object and operation representation RFCOMM: a reliable transport protocol, which provides emulation of RS232 serial ports over the L2CAP protocol WAE/WAP: Bluetooth incorporates the wireless application environment and the wireless application protocol into its architecture. 對Bluetooth Protocol Stack裡的元件作介紹 1. TCS Binary(TCS BIN)：內容為傳輸位元的協定(Bit-Oriented Control)，包括電話連線信號的建立控制(Call Control)以及移動時的漫游管理(Mobility Management)。 2. OBEX：物件交換協定是一個由紅外線資料協會(IrDA)為了交換物件所發展出的會議層協定。OBEX提供與HTTP類似的功能，但更簡單。它亦提供 表示物件及操作的模型。由OBEX所傳送之內容格式的例子是vCard和vCalendar，分別提供電子名片格式與個人行事曆輸入及時間表資訊。 3. RFCOMM(RF Communication)協定層可提供串列連線的功能，其規格是根據ETSI 07.10的標準模擬RS232介面，故會提供類似RS232的控制訊號與資料 收發的訊號。 4. WAE/WAP：藍芽將無線應用環境與無線應用協定整合到其架構中

Connection Establishment States Standby State in which Bluetooth device is inactive, radio not switched on, enable low power operation. Page Master enters page state and starts transmitting paging messages to Slave using earlier gained access code and timing information. Page Scan Device periodically enters page state to allow paging devices to establish connections. 對各個狀態作介紹

Connection Establishment States Inquiry State in which device tries to discover all Bluetooth enabled devices in the close vicinity. Inquiry scan Most devices periodically enter the inquiry scan state to make themselves available to inquiring devices. 對各個狀態作介紹

Inquiry and Page (1) ID packet (Broadcast) Standby Inquiry scan Master response Slave Connection (1) ID packet (Broadcast) (2) FHS packet (3) Paging ID packet (4) ID packet (5) FHS packet (6) ID packet (7) ID packet Standby 狀態變化處理程序圖，先Inquiry之後再Page

Bluetooth Security There are three modes of security for Bluetooth access between two devices. non-secure service level enforced security link level enforced security Device security level Trusted untrusted Service security level Authorization and Authentication Authentication only Open to all devices 介紹Bluetooth的三種安全模式，以及Device和Service的安全模式 service level-enforced security：建立連線後才根據應用的不同來決定安全性的高低. link level-enforced security：在建連結時就會啟用安全模式, 如果沒有通過則連結不會被建立.

Bluetooth Security The following are the three basic security services specified in the Bluetooth standard: Authentication verifying the identity of communicating devices. User authentication is not provided natively by Bluetooth. Confidentiality preventing information compromise caused by eavesdropping by ensuring that only authorized devices can access and view data. Authorization allowing the control of resources by ensuring that a device is authorized to use a service before permitting it to do so. 介紹三種Bluetooth的安全服務 Authentication：確認涉及資料交換的兩個藍芽裝置的身份。 Confidentiality：使用者資訊可用封包承載的加密來保護。 Authorization：兩個秘密金匙由藍芽單元產生與設定好後不公開。