Identifying How WAP Can Be Used For Secure M-Business 3rd Wireless eBusiness Security Forum Barcelona. January 29-30, 2002
Contents <ul><li>Introduction </li></ul><ul><li>WAP Security Technologies </li></ul><ul><li>IT-Strategy Impact </li></ul><...
WAP - Wireless Application Protocol <ul><li>A technology to deliver Internet/WWW contents and data services to mobile devi...
(R)evolution with WAP-NG <ul><li>WAP over GSM (9,6 Kbit/sec) did not have the desired success. Commonly heart criticisms i...
WAP Generation 1 and 2 Stacks Bearer WDP WTLS WTP WSP Subnet IP TCP HTTP WSP WTP WTLS WDP Bearer Mobile device WAP gateway...
Classification of the Considered IT-Security Technologies <ul><li>Application technologies: </li></ul><ul><li>Communicatio...
Contents <ul><li>Introduction </li></ul><ul><li>WAP Security Technologies </li></ul><ul><li>IT-Strategy Impact </li></ul><...
Timeline of WAP Security Specifications WAP 1.2 WAP 1.1 WAP 1.0 Dec. 99 Jun. 99 Apr. 98 WTLS (April, 98) WTLS (Feb., 99) A...
Since WAP 1.0 WTLS - Wireless TLS WAP generation 1 stack Session   Layer (WSP) Transaction Layer (WTP) Application Layer (...
WTLS Limitations WTLS span 1 4 3 2 5 6 7 8 Mobile device Base  station Web server <ul><li>WTLS security sessions terminate...
WAP Gateway Out- vs. Insourcing Mobile device WAP gateway Web server <ul><li>Outsourced WAP gateway: </li></ul><ul><li>No ...
Since WAP 1.2 WMLScript Crypto (Aka: WMLSCrypt) <ul><li>The ‘WMLScript Crypto Library’ specification provides information-...
Since WAP 1.2 WIM - Wireless Identity Module <ul><li>WIM is a security token specification. </li></ul><ul><li>It supports ...
ICC-Based WIM Implementation Options with Respect to SIM <ul><li>WIM provided as original size ICC. </li></ul><ul><li>Inte...
Since WAP 2.0 WPKI and WAPCert <ul><li>WPKI is a PKI specification for mobile environments.  </li></ul><ul><li>It describe...
Since WAP 2.0 TLS - Transport Layer Security <ul><li>The TLS protocol (RFC 2246) is the successor of SSLv3.0.  </li></ul><...
Future WAP Security Features  Under Construction <ul><li>Following enhancements are currently being considered in the WAP ...
A Vision PTDs - Personal Trusted Devices <ul><li>Are mobile communication devices that are capable of securely storing per...
Contents <ul><li>Introduction </li></ul><ul><li>WAP Security Technologies </li></ul><ul><li>IT-Strategy Impact </li></ul><...
IT-Strategy Challenges <ul><li>Concern I: WAP 1    2 migration </li></ul><ul><ul><li>General issues: </li></ul></ul><ul><...
Application Technologies  WAP   Security Integration 1 <ul><li>WAP generation 1: </li></ul><ul><ul><li>Communication-bound...
Infrastructure Technologies  WAP   Security Integration 2 <ul><li>As of today, private key operations upon user agents are...
Contents <ul><li>Introduction </li></ul><ul><li>WAP Security Technologies </li></ul><ul><li>IT-Strategy Impact </li></ul><...
Conclusions <ul><li>To be able to support M-Commerce and M-Business services, IT-security has been an issue of WAP develop...
Abbreviations 3GPP Third-Generation Partner Project AID Application ID ASN Abstract Syntax Notation CDMA Code Division Mul...
References and Further Reading <ul><li>Cryptography : Menezes, A.J.; van Oorschot, P.C.; Vanstone, S.A.: Handbook of Appli...
Author Information Dr. Oliver Pfaff Siemens AG Information and Communication Networks Charles-De-Gaulle-Str. 2 D-81730 Mun...
Upcoming SlideShare
Loading in …5
×

Identifying How WAP Can Be Used For Secure mBusiness

993 views

Published on

IIR Wireless eBusiness Security Forum Barcelona. January, 2002

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
993
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Identifying How WAP Can Be Used For Secure mBusiness

  1. 1. Identifying How WAP Can Be Used For Secure M-Business 3rd Wireless eBusiness Security Forum Barcelona. January 29-30, 2002
  2. 2. Contents <ul><li>Introduction </li></ul><ul><li>WAP Security Technologies </li></ul><ul><li>IT-Strategy Impact </li></ul><ul><li>Conclusions </li></ul>
  3. 3. WAP - Wireless Application Protocol <ul><li>A technology to deliver Internet/WWW contents and data services to mobile devices over wireless networks: </li></ul><ul><ul><li>Devices: cellular phones, PDAs,... </li></ul></ul><ul><ul><li>Network technologies: GSM, GPRS, UMTS, CDMA, TDMA,... </li></ul></ul><ul><ul><li>Services: entertainment, finance, information, location dependency, multi-media, retail,... </li></ul></ul><ul><li>Enables M-Commerce and M-Business services. </li></ul><ul><li>Being developed by the WAP Forum, a global industry consortium. </li></ul><ul><li>The WAP Forum specifications comprise protocol and non-protocol specifications. </li></ul>‘ Internet world‘ Wireless network ‘ Telephony world’ PSTN WAP gateway HTTP TCP/IP Web services
  4. 4. (R)evolution with WAP-NG <ul><li>WAP over GSM (9,6 Kbit/sec) did not have the desired success. Commonly heart criticisms include: </li></ul><ul><ul><li>Connection establishment delays </li></ul></ul><ul><ul><li>Latency and bandwidth issues </li></ul></ul><ul><ul><li>Costs are considered prohibitive </li></ul></ul><ul><ul><li>User experience does not meet the ‘mobile Internet’ promise </li></ul></ul><ul><li>In July 2001, the WAP Forum responded with an alignment to Internet and WWW standard protocols and formats. The WAP-NG effort introduced XHTML, HTTP, and SSL/TLS support. The resulting technology generation is called WAP 2.0. </li></ul><ul><li>WAP 2.0 succeeds the prior WAP generation 1 specification releases. A migration path for the actual WAP stack (i.e. protocol suite) exists but perspectively it has to be considered abandoned. </li></ul><ul><li>This movement also aligns WAP with the technology basis of the NTT DoCoMo service iMode (cHTML, HTTP, SSL/TLS). The WAP-NG efforts were initiated by NTT DoCoMo in late 1999. </li></ul>
  5. 5. WAP Generation 1 and 2 Stacks Bearer WDP WTLS WTP WSP Subnet IP TCP HTTP WSP WTP WTLS WDP Bearer Mobile device WAP gateway Web server TLS IP Subnet Mobile device WAP proxy Subnet TCP* TLS Subnet IP TCP* Subnet IP TCP Web server Generation 1: own protocol stack and presentation language Generation 2: alignment with Internet and WWW standards HTTP* IP TCP TLS HTTP Subnet IP TCP TLS HTTP HTTP* HTTP Remark: WAP 2.0 also supports transport proxies and IP routers as intermediate entities. WML over HTTP WBXML over WSP
  6. 6. Classification of the Considered IT-Security Technologies <ul><li>Application technologies: </li></ul><ul><li>Communication-bound security Provides transient data encapsulation as part of communication services. </li></ul><ul><li>Information-bound security Provides persistent or transient data encapsulation as part of application services. </li></ul><ul><li>Infrastructure technologies: </li></ul><ul><li>Security token Stores private keys and other crypto-graphic credentials. Optionally provides computations upon these resources. </li></ul><ul><li>Public key infrastructure Defines and manages bindings between entity identifiers and public keys. </li></ul>Public key infrastructure Entity identifier Public key Application technologies Infrastructure Application Entity Private key G o a l Security token
  7. 7. Contents <ul><li>Introduction </li></ul><ul><li>WAP Security Technologies </li></ul><ul><li>IT-Strategy Impact </li></ul><ul><li>Conclusions </li></ul>
  8. 8. Timeline of WAP Security Specifications WAP 1.2 WAP 1.1 WAP 1.0 Dec. 99 Jun. 99 Apr. 98 WTLS (April, 98) WTLS (Feb., 99) Approved specification releases: WMLSCrypt (Nov., 99) WIM (Nov., 99) WTLS (Nov., 99) WAP 1.2.1 WTLS (Feb., 00) Jun. 00 Jul. 01 WMLSCrypt (Nov., 99) WIM (Feb., 00) WTLS (Apr., 01) WMLSCrypt (Jun., 01) WIM (Jul., 01) WAP 2.0 WPKI (Apr., 01) TLS (Apr., 01) E2ESec (Jun., 01) WAPCert (May, 01)
  9. 9. Since WAP 1.0 WTLS - Wireless TLS WAP generation 1 stack Session Layer (WSP) Transaction Layer (WTP) Application Layer (WAE) Bearer Transport Layer (WDP) Security Layer (WTLS) <ul><li>WTLS is a security protocol to provide secure communications between WAP endpoints. </li></ul><ul><li>WTLS offers communication-bound security services: </li></ul><ul><ul><li>mutual entity authentication </li></ul></ul><ul><ul><li>transient message confidentiality </li></ul></ul><ul><ul><li>transient message integrity and authentication </li></ul></ul><ul><li>WTLS entity authentication classes: </li></ul><ul><ul><li>1: client and server unauthenticated </li></ul></ul><ul><ul><li>2: client unauthenticated, server authenticated </li></ul></ul><ul><ul><li>3: client and server authenticated </li></ul></ul><ul><li>The WTLS design follows that of TLS. But WTLS and TLS are not inter-operable. In contrast to TLS, WTLS can run above unreliable transport systems. </li></ul>
  10. 10. WTLS Limitations WTLS span 1 4 3 2 5 6 7 8 Mobile device Base station Web server <ul><li>WTLS security sessions terminate at WAP gateways, i.e. WAP clients and gateways are the ends of the WTLS security span. </li></ul><ul><li>WAP generation 1 provides following options to obviate potential security breaches: </li></ul><ul><ul><li>Supply of contents through WAP service providers. </li></ul></ul><ul><ul><li>Supply of WAP services through content providers. </li></ul></ul><ul><li>WAP 2.0 adds the so-called ‘WAP gateway navigation’ feature to the WAP stack (i.e. WSP, WTP, WTLS, WDP). The ‘WAP Transport Layer E2E Security Specification’ supports the co-existence of mobile operator and content provider WAP gateways. </li></ul>Dial-in server WAP gateway Dial-in server WAP gateway WAP gateway navigation:
  11. 11. WAP Gateway Out- vs. Insourcing Mobile device WAP gateway Web server <ul><li>Outsourced WAP gateway: </li></ul><ul><li>No additional services in the DMZ. No changes to the network configuration. </li></ul><ul><li>Certificate-based client authentication against own systems does not work. Exchange of sensitive data requires trust in independent third parties. </li></ul><ul><li>Insourced WAP gateway: </li></ul><ul><li>Enables homogeneous authentication of Web and WAP-based accesses. </li></ul><ul><li>Requires implementation and provisioning of WAP services. Requires changes to the network configuration and firewall settings. </li></ul>Enterprises supporting Web-based accesses to Intranet resources via publically reachable https-servers in the DMZ have several options to accomodate WAP gateways in order to supply WAP-based resource accesses: Backend services
  12. 12. Since WAP 1.2 WMLScript Crypto (Aka: WMLSCrypt) <ul><li>The ‘WMLScript Crypto Library’ specification provides information-bound security services. </li></ul><ul><li>Currently, it defines a signature interface signText to digitally sign application data upon mobile devices. </li></ul><ul><li>The signText script command supports signing of character strings. It can be inserted into WMLScript pages and allows to sign WML forms. </li></ul><ul><li>Conforming WAP browsers initiate the digital signing of application data on encountering signText commands. </li></ul><ul><li>This specification also defines a signature format that is called SignedContent to represent the digital signature. </li></ul>Sample WMLScript source: Sample GUI:
  13. 13. Since WAP 1.2 WIM - Wireless Identity Module <ul><li>WIM is a security token specification. </li></ul><ul><li>It supports storing and employing of user credentials (e.g. private keys, user and trusted certificates) upon mobile devices. </li></ul><ul><li>Current WIM applications are transport-layer (e.g. WTLS) and application-layer (e.g. WMLSCrypt signText ) security. </li></ul><ul><li>Tamper-resistant WIM carriers are required. ISO 7816-based ICCs are assumed to be the default WIM media. </li></ul><ul><li>WIM defines a PKCS#15-based reference system for embedded credentials as well as service primitives for applications. </li></ul><ul><li>WIM and SIM applications may be cohabitants upon a single ICC or reside on different media. </li></ul>WIM service primitives PKCS#15 interpreter (AID: WAP-WIM) ISO 7816 MF AID: WAP-WIM ICC application Security objects DF(PKCS15) Reference system WIM application WIM EF(Certificate) EF(Private key) EF(Certificate ID)
  14. 14. ICC-Based WIM Implementation Options with Respect to SIM <ul><li>WIM provided as original size ICC. </li></ul><ul><li>Integrated via external reader. </li></ul><ul><li>Phone provides telephony services. </li></ul>SIM plus WIM via external reader SIM plus WIM via internal secondary reader (‘dual-slot’) <ul><li>WIM provided as original size ICC (independent from SIM). </li></ul><ul><li>Integrated via internal reader. </li></ul>Integrated SIM/WIM card <ul><li>WIM application piggybacked on SIM cards. </li></ul><ul><li>Also known as SWIM card. </li></ul>SIM plus WIM via internal secondary reader (‘dual-chip’) <ul><li>WIM provided upon third party chip (independent from SIM). </li></ul><ul><li>Integrated via internal reader. </li></ul>
  15. 15. Since WAP 2.0 WPKI and WAPCert <ul><li>WPKI is a PKI specification for mobile environments. </li></ul><ul><li>It describes the establishment and maintenance of authentic bindings between entity identifiers and public keys. </li></ul><ul><li>Several PKI-related specifications currently exist: </li></ul><ul><ul><li>WTLS certificate Part of the WTLS specifications. Provides a simple, non-ASN.1 certificate format in an ad-hoc encoding. </li></ul></ul><ul><ul><li>WAPCert : ‘WAP Certificate and CRL Profile’ Provides a compact certificate profile on base of X.509-PKIX. </li></ul></ul><ul><ul><li>WPKI : ‘WAP PKI Definition’ Provides the framework for WPKI by defining the PKI model and operations. Supports WTLS, X.509-WAPCert, and X.509-PKIX certificates. </li></ul></ul><ul><li>Entity and message authentication services at transport-layer (e.g. WTLS) and application-layer (e.g. WMLSCrypt signText ) are the current WPKI applications. </li></ul>
  16. 16. Since WAP 2.0 TLS - Transport Layer Security <ul><li>The TLS protocol (RFC 2246) is the successor of SSLv3.0. </li></ul><ul><li>SSL/TLS are security protocols to provide secure communications between arbitrary client/server applications over reliable transports. </li></ul><ul><li>SSL/TLS offer communication-bound security services: </li></ul><ul><ul><li>mutual entity authentication </li></ul></ul><ul><ul><li>transient message confidentiality </li></ul></ul><ul><ul><li>transient message integrity and authentication </li></ul></ul><ul><li>WAP 2.0 adopts TLS as security protocol and supports the tunneling of SSL/TLS sessions through WAP proxies by means of the HTTP CONNECT primitive. </li></ul>Bearer Security Layer (SSL/TLS) Application Layer (e.g. HTTP) Network Layer (IP) Internet stack Transport Layer (TCP)
  17. 17. Future WAP Security Features Under Construction <ul><li>Following enhancements are currently being considered in the WAP Forum: </li></ul><ul><li>Communication-bound security </li></ul><ul><ul><li>TLS extensions: enhancements to support wireless environments were proposed to the IETF. </li></ul></ul><ul><li>Information-bound security </li></ul><ul><ul><li>Signature: SCONT generalizes the data types of signed contents. </li></ul></ul><ul><ul><li>Encryption: additional functions encrypt / encryptText ; encapsulation format WapEnvelopedData can be converted into CMS EnvelopedData . </li></ul></ul><ul><ul><li>XML Security: adoption of XMLDSig/XMLEnc is a matter of discussion. </li></ul></ul><ul><li>Security token </li></ul><ul><ul><li>WIM enhancements to support on-board key generation. </li></ul></ul><ul><ul><li>WIM enhancements to support 3GPP-USIM and SCP. </li></ul></ul><ul><li>Public key infrastructure </li></ul><ul><ul><li>Certificate revocation support: e.g. piggybacking OCSP responses. </li></ul></ul><ul><ul><li>WPKI roadmap with respect to XKMS: XKMS would facilitate the PKI integration of mobile clients by offloading certificate handling to XKMS servers but requires XMLDSig support (cf. above). </li></ul></ul>
  18. 18. A Vision PTDs - Personal Trusted Devices <ul><li>Are mobile communication devices that are capable of securely storing personal credentials (e.g. private keys) and performing operations with them. </li></ul><ul><li>Intend to serve as ubiquitous personal authentication devices. </li></ul><ul><li>Nearby IT-systems (e.g. PCs) may request PTD authentication services by means of wireless ad-hoc networking (e.g. Bluetooth). </li></ul><ul><li>Represent a new paradigm for ICC employment: PTDs are for instance capable to obviate the need for PC-based smart card readers. </li></ul><ul><li>The idea of PTDs is being developed by the MeT initiative on base of WIM and WPKI technologies. </li></ul>
  19. 19. Contents <ul><li>Introduction </li></ul><ul><li>WAP Security Technologies </li></ul><ul><li>IT-Strategy Impact </li></ul><ul><li>Conclusions </li></ul>
  20. 20. IT-Strategy Challenges <ul><li>Concern I: WAP 1  2 migration </li></ul><ul><ul><li>General issues: </li></ul></ul><ul><ul><ul><li>WAP gateways become optional with WAP generation 2. </li></ul></ul></ul><ul><ul><ul><li>XHTML becomes the basis for contents. </li></ul></ul></ul><ul><ul><li>Security specific: To a large extent, WAP security resembles Web security approaches. But WAP generation 1 defines own formats, protocols, and procedures that deviate from classical Web security technologies. WAP 2.0 initiates alignments towards Web security technologies by introducing TLS support. Further alignments are pending. </li></ul></ul><ul><li>Concern II: issues beyond WAP 1  2 migration Multi-tiered service architectures serve the same business processes via different means of service provisioning such as Web and WAP. Should the security architecture complexity correlate with </li></ul><ul><ul><li>the complexity of the provided business processes or </li></ul></ul><ul><ul><li>the complexity of the service provisioning means? </li></ul></ul>
  21. 21. Application Technologies WAP Security Integration 1 <ul><li>WAP generation 1: </li></ul><ul><ul><li>Communication-bound security WTLS terminates at the WAP gateway; no straight impact on Web servers and E-/M-Business services provided through them. </li></ul></ul><ul><ul><li>Information-bound security WMLSCrypt SignedContent can be converted into PKCS#7 SignedData . User agent recognition and depending object construction and handling required. </li></ul></ul><ul><li>WAP generation 2: </li></ul><ul><ul><li>Communication-bound security Web servers serving XHTML-based data via HTTP over SSL/TLS are sufficient. </li></ul></ul><ul><ul><li>Information-bound security As above. </li></ul></ul>
  22. 22. Infrastructure Technologies WAP Security Integration 2 <ul><li>As of today, private key operations upon user agents are no common practice. This concerns Web as well as WAP-based user agents. </li></ul><ul><li>Obviously, the IT-strategy of E-/M-Businesses is significantly impacted by the advent of client-specific entity and message authentication services. </li></ul><ul><li>Separate security infrastructures (i.e. PKI and security tokens) for Web and WAP will increase costs and reduce the economies-of-scale base. </li></ul><ul><li>An appropriate solution design is required to avoid investments in separate security infrastructures when providing services via Web and WAP. Basic observations regarding its viability: </li></ul><ul><ul><li>WIMs may be integrated with non-WAP applications. </li></ul></ul><ul><ul><li>WPKI requirements may largely be accommodated at PKI border. </li></ul></ul>
  23. 23. Contents <ul><li>Introduction </li></ul><ul><li>WAP Security Technologies </li></ul><ul><li>IT-Strategy Impact </li></ul><ul><li>Conclusions </li></ul>
  24. 24. Conclusions <ul><li>To be able to support M-Commerce and M-Business services, IT-security has been an issue of WAP development right from the start of this effort. </li></ul><ul><li>WAP security is based on asymmetric cryptography and comprises application as well as infrastructure technologies. </li></ul><ul><li>WAP security technologies evolved over several specification releases. As of today, technology development is ongoing (e.g. certificate revocation). </li></ul><ul><li>WAP security technologies are continuing to be an issue of migration with Internet and WWW technologies: </li></ul><ul><ul><li>Communication-bound security : currently being migrated to TLS. </li></ul></ul><ul><ul><li>Information-bound security : may converge with XML security in future. </li></ul></ul><ul><ul><li>Security token : WIM is going to be a foundation for PTDs. </li></ul></ul><ul><ul><li>Public key infrastructure : may migrate towards XKMS on the long run. </li></ul></ul><ul><li>Enterprises with multi-channel business provisioning strategies should harmonize WAP-based security architectures for M-Business and Web-based security architectures for E-Business to protect their investments by future-proof architectures. </li></ul>
  25. 25. Abbreviations 3GPP Third-Generation Partner Project AID Application ID ASN Abstract Syntax Notation CDMA Code Division Multiple Access cHTML compact HTML CMS Cryptographic Message Syntax DF Dedicated File DMZ De-Militarized Zone E2E End-to-End EF Elementary File GPRS General Packet Radio Service GSM Global System for Mobile Communications HTML HyperText Markup Language HTTP HyperText Transfer Protocol HTTP* Wireless profiled HTTP(interoperable with HTTP) https HTTP over SSL/TLS ICC Integrated Circuits Card ID Identifier IETF Internet Engineering Task Force IP Internet Protocol ISO International Standards Organization IT Information Technology MeT Mobile electronic Transactions MF Master File NTT Nippon Telegraph and Telephone OCSP Online Certificate Status Protocol PDA Personal Digital Assistant PKCS Public Key Cryptography Standards PKI Public Key Infrastructure PKIX PKI-X.509 PSTN Public Switched Telephone Network PTD Personal Trusted Device RFC Request For Comment SCONT Signed Content SCP Smart Card Platform SIM Subscriber Identity Module SSL Secure Sockets Layer TCP Transmission Control Protocol TCP* Wireless profiled TCP(interoperable with TCP) TDMA Time Division Multiple Access TLS Transport Layer Security UMTS Universal Mobile Telecommunications System USIM Universal SIM W3C World Wide Web Consortium WAP Wireless Application Protocol WAP-NG WAP Next Generation WBXML Wireless Binary XML WDP Wireless Datagram Protocol WIM Wireless Identity Module WML Wireless Markup Language WMLScript WML Script WPKI Wireless PKI WSP Wireless Session Protocol WTLS Wireless TLS WTP Wireless Transaction Protocol WWW World Wide Web XHTML eXtensible HTML XKMS XML Key Management Specification XML eXtensible Markup Language XMLDSig XML Digital Signatures XMLEnc XML Encryption
  26. 26. References and Further Reading <ul><li>Cryptography : Menezes, A.J.; van Oorschot, P.C.; Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press 1997 </li></ul><ul><li>MeT (personal trusted devices): http://www.mobiletransaction.org </li></ul><ul><li>NTT DoCoMo (iMode): http://www.nttdocomo.com </li></ul><ul><li>PKI : Adams, C.; Lloyd, S.: Understanding Public-Key Infrastructure. MacMillan Technical Publishing 1999 </li></ul><ul><li>Secure E-Commerce : </li></ul><ul><ul><li>Handbook: Ford, W.; Baum, M.S.: Secure Electronic Commerce (Second Edition). Prentice Hall 2001 </li></ul></ul><ul><ul><li>Radicchio (secure wireless e-commerce): http://www.radicchio.org </li></ul></ul><ul><li>WAP and WAP security : http://www.wapforum.org </li></ul><ul><li>XML security : </li></ul><ul><ul><li>XMLDSig: http://www.w3.org/Signature </li></ul></ul><ul><ul><li>XMLEnc: http://www.w3.org/Encryption </li></ul></ul><ul><ul><li>XML key and trust management: http://www.w3.org/2001/XKMS </li></ul></ul>
  27. 27. Author Information Dr. Oliver Pfaff Siemens AG Information and Communication Networks Charles-De-Gaulle-Str. 2 D-81730 Munich E-Mail: oliver.pfaff@icn.siemens.de Telephone: +49.89.722.53227 Mobile: +49.172.8250805

×