6.1.2 Network Security Models

A Zigbee network can support a centralized security model (centralized security network) or a distributed security model (distributed security network). All devices except Zigbee coordinator are able to join a network supporting either model or adapt to the security conditions of the network they are joining. For more details, refer to the Zigbee Specification Revision 22 1.0 (05-3474-22).

Centralized Security Network

A centralized security network is a Zigbee network formed by a Zigbee coordinator with the functionality of a trust center. The trust center authenticates each node that joins such a network before it can operate on the network. After creating the centralized network, the Zigbee coordinator device must not attempt to join another network.

Default Global Trust Center Link Key

A link key that is supported by all devices, and is used to join a centralized security network if there is no other specific link.

In a centralized network, use the following keys to allow the devices to join.

  • Global Trust Center Link Key – Use this link key for joining centralized security networks. The value of the key is 0x5a 0x69 0x67 0x42 0x65 0x65 0x41 0x6c 0x6c 0x69 0x61 0x6e 0x63 0x65 0x30 0x39.
  • Install code link key – Is the link key derived from the install code from joining device to create unique Trust Center Link Key for joining.

Distributed Security Network

A distributed security network is a Zigbee network formed by a Zigbee router and does not have a trust center. The parent authenticates each node that joins such a network before it can operate on the network. A node designated as having a logical device type of a Zigbee router can attempt to join an existing centralized or distributed security network. However, a Zigbee router cannot form a centralized security network but can form a distributed security network. A node designated as having a logical device type of a Zigbee end device can attempt to join an existing centralized or distributed security network.

APL Layer Security

  • Transport Key service – Supports secured means to transport a key to another device or other devices. The secured transport-key command provides a means to transport link or network key from a key source (for example, the trust center) to other devices.
  • Request Key service – Supports a secure means for a device to request an end-to-end application link key or Trust Center Link Key from the trust center.
  • Verify Key service – Supports a secure means for a device to verify that the device and the trust center agree on the current value of the device’s link key.
  • Confirm Key service – Supports a secure means for a trust center to confirm a previous request to verify a link key.

For more details, refer to the PRO Base Device Behavior Specification (3.0.1).

Trust Center Link Key Exchange Procedure

Figure 6-1. Trust Center Link Key Exchange Procedure Sequence Chart

For more details, refer to the PRO Base Device Behavior Specification (3.0.1).