SlideShare a Scribd company logo

Mc

Download as PPTX, PDF
A
Ankit Anand

wap

Education
1 of 9
MOBILE COMPUTING BY, KRISHNAVENI P GANGADHARAN ROLL NO:40 IT B
WAP SECURITY  Wireless Application Protocol(WAP)  WAP is a specification for a set of communication protocols to standardize the way that wireless devices, such as cellular telephones and radio transceivers, can be used for Internet access, including e-mail, the World Wide Web, newsgroups, and instant messaging. While Internet access has been possible in the past, different manufacturers have used different technologies. In the future, devices and service systems that use WAP will be able to interoperate.   The WAP layers are:  1) 1. Wireless Transport Layer Security (WTLS) 2) 2. Wireless Transport Layer (WTP) 3) 3. Wireless Session Layer (WSL) 4) 4. Wireless Application Environment (WAE) 
 WAP Architecture 
 Transport-level security. This aspect deals with the communication between the client applications and the enterprise servers. This involves two protocols: WTLS is used over the air, while SSL or TLS is used over the wire. This change in protocols is the basis of the major WAP security problem.   Application-level security. This aspect deals with the security of the client application. This involves digital signatures and encryption.
 Transport Level security  Transport-level security, also known as channel security, deals with the point-to-point communication between a wireless client and the enterprise data source. This involves communication over both wireless and wireline channels.   With WAP, data is encrypted during over-the-air transport using Wireless Transport Layer Security (WTLS) protocol, and over- the-wire transport using Internet security protocols such as SSL and TLS.   This creates major security issue on WAP
 Wireless Transport Layer Security (WTLS) protocol was developed to address the unique characteristics of wireless networks, namely low bandwidth and high latency. It is a variation of the Transport Layer Security (TLS) protocol, which is the IETF standard for security on Internet. Unfortunately, TLS cannot be used directly because it is not efficient enough for a wireless environment. WTLS improved on the efficiency of the protocol while adding new capabilities aimed at wireless users.  WTLS also introduced three levels of authentication between the client and the gateway. They are listed in ascending order: Class I WTLS:Anonymous interactions between the client and WAP gateway; no authentication takes place. Class II WTLS:The server authenticates itself to the client using WTLS certificates. Class III WTLS:Both the client and the WAP gateway authenticate to each other. This is the form of authentication used with smartcards. GSM Subscriber Identity Modules (SIM), for example, can store authentication details on the device for two-way authentication. WTLS
WAP GAP  Unfortunately, at the same time WTLS improved on TLS for wireless communication, it also caused a major problem: Now that both TLS and WTLS are required within the WAP architecture, there is a point at which a translation between the two protocols occurs. It is from this point, not from the WTLS protocol itself, that the security issues arise. The translation occurs on the WAP gateway: From the client device to the WAP gateway, WTLS is used; from the gateway to the enterprise server, TLS is used. At this point, the WTLS content is decrypted and then re-encrypted using TLS. The content exists as plaintext while this transfer takes place, creating the so-called WAP gap.  There are two options for alleviating the WAP gap: 1. Accept that the gateway is a vulnerable point and make every effort to protect it using firewalls, monitoring equipment, and a stringent security policy. 2. Move the WAP gateway within your corporate firewall and manage it yourself.
Application Level security  With so much attention given to the WAP gap and transport-level security, developers often forget about application-level security altogether. Application-level security is important for two main reasons: (1) when security is required past the endpoints of transport- level security, and (2) when presentation content needs to be accessed but enterprise data does not. This can happen during transcoding, that is, when another markup language (often HTML) is being transformed into WML.  1. The first scenario can be addressed using the techniques provided in the WML specification. In general, the default settings are set to the highest security.  2. The second scenario can be addressed using WMLScript and the Crypto API. Using this signText function in the API, digital signatures can be created, opening the door for wireless PKI to manage and issue public key certificates. This technology allows for end-to-end encryption between the content provider (usually the enterprise) and the client.
THANK YOU

Recommended

Identifying How WAP Can Be Used For Secure mBusiness
Identifying How WAP Can Be Used For Secure mBusinessIdentifying How WAP Can Be Used For Secure mBusiness
Identifying How WAP Can Be Used For Secure mBusinessOliver Pfaff
 
Vpn(virtual private network)
Vpn(virtual private network)Vpn(virtual private network)
Vpn(virtual private network)sonangrai
 
VPN, Its Types,VPN Protocols,Configuration and Benefits
VPN, Its Types,VPN Protocols,Configuration and BenefitsVPN, Its Types,VPN Protocols,Configuration and Benefits
VPN, Its Types,VPN Protocols,Configuration and Benefitsqaisar17
 
Firewall and It's Types
Firewall and It's TypesFirewall and It's Types
Firewall and It's TypesHem Pokhrel
 
Gateway and firewall
Gateway and firewallGateway and firewall
Gateway and firewallvinayh.vaghamshi _
 
Vpn presentation
Vpn presentationVpn presentation
Vpn presentationstolentears
 
Firewall and its Types
Firewall and its TypesFirewall and its Types
Firewall and its Typescrisma baby mathew
 
Virtual Private Network VPN
Virtual Private Network VPNVirtual Private Network VPN
Virtual Private Network VPNFarah M. Altufaili
 

Recommended

Identifying How WAP Can Be Used For Secure mBusiness
Identifying How WAP Can Be Used For Secure mBusinessIdentifying How WAP Can Be Used For Secure mBusiness
Identifying How WAP Can Be Used For Secure mBusinessOliver Pfaff
 
Vpn(virtual private network)
Vpn(virtual private network)Vpn(virtual private network)
Vpn(virtual private network)sonangrai
 
VPN, Its Types,VPN Protocols,Configuration and Benefits
VPN, Its Types,VPN Protocols,Configuration and BenefitsVPN, Its Types,VPN Protocols,Configuration and Benefits
VPN, Its Types,VPN Protocols,Configuration and Benefitsqaisar17
 
Firewall and It's Types
Firewall and It's TypesFirewall and It's Types
Firewall and It's TypesHem Pokhrel
 
Gateway and firewall
Gateway and firewallGateway and firewall
Gateway and firewallvinayh.vaghamshi _
 
Vpn presentation
Vpn presentationVpn presentation
Vpn presentationstolentears
 
Firewall and its Types
Firewall and its TypesFirewall and its Types
Firewall and its Typescrisma baby mathew
 
Virtual Private Network VPN
Virtual Private Network VPNVirtual Private Network VPN
Virtual Private Network VPNFarah M. Altufaili
 
Types of firewall
Types of firewallTypes of firewall
Types of firewallPina Parmar
 
Virtual private network
Virtual private networkVirtual private network
Virtual private networkSowmia Sathyan
 
WLAN:VPN Security
WLAN:VPN SecurityWLAN:VPN Security
WLAN:VPN Security@zenafaris91
 
Virtual private network feature and benefits
Virtual private network feature and benefitsVirtual private network feature and benefits
Virtual private network feature and benefitsAnthony Daniel
 
Presentation vpn
Presentation vpnPresentation vpn
Presentation vpnAreeba Gill
 
VPN
VPNVPN
VPNShiraz316
 
Come ti "pusho" il web con WebSockets: da 0 a SignalR
Come ti "pusho" il web con WebSockets: da 0 a SignalR Come ti "pusho" il web con WebSockets: da 0 a SignalR
Come ti "pusho" il web con WebSockets: da 0 a SignalR Alessandro Melchiori
 
Virtual Private Network
Virtual Private NetworkVirtual Private Network
Virtual Private NetworkRajendra Dangwal
 
The vpn
The vpnThe vpn
The vpnAbhinav Dwivedi
 
Types Of Firewall Security
Types Of Firewall SecurityTypes Of Firewall Security
Types Of Firewall Securityiberrywifisecurity
 
Firewall & types of Firewall
Firewall & types of Firewall Firewall & types of Firewall
Firewall & types of Firewall BharathiKrishna6
 
Virtual Private Networks (VPN) ppt
Virtual Private Networks (VPN) pptVirtual Private Networks (VPN) ppt
Virtual Private Networks (VPN) pptOECLIB Odisha Electronics Control Library
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewallCoder Tech
 
Virtual Private Network(VPN)
Virtual Private Network(VPN)Virtual Private Network(VPN)
Virtual Private Network(VPN)Abrish06
 
Vp npresentation 2
Vp npresentation 2Vp npresentation 2
Vp npresentation 2Swarup Kumar Mall
 
A Review on security issues in WiMAX
A Review on security issues in WiMAXA Review on security issues in WiMAX
A Review on security issues in WiMAXEditor IJMTER
 
Firewalls
FirewallsFirewalls
FirewallsMunesh Kumar
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Securitylalithambiga kamaraj
 
Report File On Virtual Private Network(VPN)
Report File On Virtual Private Network(VPN)Report File On Virtual Private Network(VPN)
Report File On Virtual Private Network(VPN)Rajendra Dangwal
 
Ch20 book
Ch20 bookCh20 book
Ch20 bookamitnitttr
 
Posting 1 Reply Required What concerns should be underst.docx
Posting 1 Reply Required What concerns should be underst.docxPosting 1 Reply Required What concerns should be underst.docx
Posting 1 Reply Required What concerns should be underst.docxharrisonhoward80223
 
Wireless Application Protocol ppt
Wireless Application Protocol pptWireless Application Protocol ppt
Wireless Application Protocol pptgo2project
 

More Related Content

What's hot

Types of firewall
Types of firewallTypes of firewall
Types of firewallPina Parmar
 
Virtual private network
Virtual private networkVirtual private network
Virtual private networkSowmia Sathyan
 
Virtual private network feature and benefits
Virtual private network feature and benefitsVirtual private network feature and benefits
Virtual private network feature and benefitsAnthony Daniel
 
Presentation vpn
Presentation vpnPresentation vpn
Presentation vpnAreeba Gill
 
Come ti "pusho" il web con WebSockets: da 0 a SignalR
Come ti "pusho" il web con WebSockets: da 0 a SignalR Come ti "pusho" il web con WebSockets: da 0 a SignalR
Come ti "pusho" il web con WebSockets: da 0 a SignalR Alessandro Melchiori
 
Firewall & types of Firewall
Firewall & types of Firewall Firewall & types of Firewall
Firewall & types of Firewall BharathiKrishna6
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewallCoder Tech
 
Virtual Private Network(VPN)
Virtual Private Network(VPN)Virtual Private Network(VPN)
Virtual Private Network(VPN)Abrish06
 
A Review on security issues in WiMAX
A Review on security issues in WiMAXA Review on security issues in WiMAX
A Review on security issues in WiMAXEditor IJMTER
 
Report File On Virtual Private Network(VPN)
Report File On Virtual Private Network(VPN)Report File On Virtual Private Network(VPN)
Report File On Virtual Private Network(VPN)Rajendra Dangwal
 

What's hot (20)

Types of firewall
Types of firewallTypes of firewall
Types of firewall
 
Virtual private network
Virtual private networkVirtual private network
Virtual private network
 
WLAN:VPN Security
WLAN:VPN SecurityWLAN:VPN Security
WLAN:VPN Security
 
Virtual private network feature and benefits
Virtual private network feature and benefitsVirtual private network feature and benefits
Virtual private network feature and benefits
 
Presentation vpn
Presentation vpnPresentation vpn
Presentation vpn
 
VPN
VPNVPN
VPN
 
Come ti "pusho" il web con WebSockets: da 0 a SignalR
Come ti "pusho" il web con WebSockets: da 0 a SignalR Come ti "pusho" il web con WebSockets: da 0 a SignalR
Come ti "pusho" il web con WebSockets: da 0 a SignalR
 
Virtual Private Network
Virtual Private NetworkVirtual Private Network
Virtual Private Network
 
The vpn
The vpnThe vpn
The vpn
 
Types Of Firewall Security
Types Of Firewall SecurityTypes Of Firewall Security
Types Of Firewall Security
 
Firewall & types of Firewall
Firewall & types of Firewall Firewall & types of Firewall
Firewall & types of Firewall
 
Virtual Private Networks (VPN) ppt
Virtual Private Networks (VPN) pptVirtual Private Networks (VPN) ppt
Virtual Private Networks (VPN) ppt
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewall
 
Virtual Private Network(VPN)
Virtual Private Network(VPN)Virtual Private Network(VPN)
Virtual Private Network(VPN)
 
Vp npresentation 2
Vp npresentation 2Vp npresentation 2
Vp npresentation 2
 
A Review on security issues in WiMAX
A Review on security issues in WiMAXA Review on security issues in WiMAX
A Review on security issues in WiMAX
 
Firewalls
FirewallsFirewalls
Firewalls
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Security
 
Report File On Virtual Private Network(VPN)
Report File On Virtual Private Network(VPN)Report File On Virtual Private Network(VPN)
Report File On Virtual Private Network(VPN)
 
Ch20 book
Ch20 bookCh20 book
Ch20 book
 

Similar to Mc

Posting 1 Reply Required What concerns should be underst.docx
Posting 1 Reply Required What concerns should be underst.docxPosting 1 Reply Required What concerns should be underst.docx
Posting 1 Reply Required What concerns should be underst.docxharrisonhoward80223
 
Wireless Application Protocol ppt
Wireless Application Protocol pptWireless Application Protocol ppt
Wireless Application Protocol pptgo2project
 
112321 112333 wirless application protocol
112321 112333 wirless application protocol112321 112333 wirless application protocol
112321 112333 wirless application protocolJAINIK PATEL
 
Wireless application protocol
Wireless application protocolWireless application protocol
Wireless application protocolgit tech
 
Wireless application prorocol
Wireless application prorocolWireless application prorocol
Wireless application prorocol9535814851
 
Wireless application protocol
Wireless application protocolWireless application protocol
Wireless application protocolPrachi Sasankar
 
Wap architecture and wml script
Wap architecture and wml scriptWap architecture and wml script
Wap architecture and wml scriptishmecse13
 
Wireless application protocol
Wireless application protocolWireless application protocol
Wireless application protocolSrideviHV
 
WAP- Wireless Application Protocol
WAP- Wireless Application ProtocolWAP- Wireless Application Protocol
WAP- Wireless Application ProtocolSenthil Kanth
 

Similar to Mc (20)

Posting 1 Reply Required What concerns should be underst.docx
Posting 1 Reply Required What concerns should be underst.docxPosting 1 Reply Required What concerns should be underst.docx
Posting 1 Reply Required What concerns should be underst.docx
 
Wireless Application Protocol ppt
Wireless Application Protocol pptWireless Application Protocol ppt
Wireless Application Protocol ppt
 
112321 112333 wirless application protocol
112321 112333 wirless application protocol112321 112333 wirless application protocol
112321 112333 wirless application protocol
 
Wireless application protocol
Wireless application protocolWireless application protocol
Wireless application protocol
 
WAP
WAPWAP
WAP
 
Mcpp113,16,33,41
Mcpp113,16,33,41Mcpp113,16,33,41
Mcpp113,16,33,41
 
Wap model
Wap modelWap model
Wap model
 
Wirelss LAN
Wirelss LANWirelss LAN
Wirelss LAN
 
Wireless application prorocol
Wireless application prorocolWireless application prorocol
Wireless application prorocol
 
Wireless application protocol
Wireless application protocolWireless application protocol
Wireless application protocol
 
Wap architecture and wml script
Wap architecture and wml scriptWap architecture and wml script
Wap architecture and wml script
 
Wap
WapWap
Wap
 
Unit 6
Unit 6Unit 6
Unit 6
 
It2402 mobile communication unit5
It2402 mobile communication unit5It2402 mobile communication unit5
It2402 mobile communication unit5
 
Wireless application protocol
Wireless application protocolWireless application protocol
Wireless application protocol
 
WAP- Wireless Application Protocol
WAP- Wireless Application ProtocolWAP- Wireless Application Protocol
WAP- Wireless Application Protocol
 
Wap ppt
Wap pptWap ppt
Wap ppt
 
Wap ppt
Wap pptWap ppt
Wap ppt
 
wireless mobile
wireless mobilewireless mobile
wireless mobile
 
Introduction to WAP
Introduction to WAPIntroduction to WAP
Introduction to WAP
 

More from Ankit Anand

Voice oriented data communication
Voice oriented data communicationVoice oriented data communication
Voice oriented data communicationAnkit Anand
 
Wireless gateways and mobile appl. servers
Wireless gateways and mobile appl. serversWireless gateways and mobile appl. servers
Wireless gateways and mobile appl. serversAnkit Anand
 
Internet protocol security
Internet protocol securityInternet protocol security
Internet protocol securityAnkit Anand
 
Wireless lan security
Wireless lan securityWireless lan security
Wireless lan securityAnkit Anand
 
Middleware final
Middleware finalMiddleware final
Middleware finalAnkit Anand
 
Enhanced data gsm environment
Enhanced data gsm environmentEnhanced data gsm environment
Enhanced data gsm environmentAnkit Anand
 
10 mobile agents
10 mobile agents10 mobile agents
10 mobile agentsAnkit Anand
 

More from Ankit Anand (20)

Voice oriented data communication
Voice oriented data communicationVoice oriented data communication
Voice oriented data communication
 
Wireless gateways and mobile appl. servers
Wireless gateways and mobile appl. serversWireless gateways and mobile appl. servers
Wireless gateways and mobile appl. servers
 
Internet protocol security
Internet protocol securityInternet protocol security
Internet protocol security
 
Wireless lan security
Wireless lan securityWireless lan security
Wireless lan security
 
Wtls
WtlsWtls
Wtls
 
Wap wml-6
Wap wml-6Wap wml-6
Wap wml-6
 
Data (1)
Data (1)Data (1)
Data (1)
 
Mc seminar
Mc seminarMc seminar
Mc seminar
 
Mcseminar
McseminarMcseminar
Mcseminar
 
Middleware final
Middleware finalMiddleware final
Middleware final
 
Web services
Web servicesWeb services
Web services
 
Wap wml
Wap wmlWap wml
Wap wml
 
Vpn 3
Vpn 3Vpn 3
Vpn 3
 
Vpn
VpnVpn
Vpn
 
Enhanced data gsm environment
Enhanced data gsm environmentEnhanced data gsm environment
Enhanced data gsm environment
 
Seminar gprs
Seminar gprsSeminar gprs
Seminar gprs
 
Seminar mc palm
Seminar mc palmSeminar mc palm
Seminar mc palm
 
Guided media
Guided mediaGuided media
Guided media
 
12 mobile os
12 mobile os12 mobile os
12 mobile os
 
10 mobile agents
10 mobile agents10 mobile agents
10 mobile agents
 

Recently uploaded

Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxPoojaSen20
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Celine George
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 

Recently uploaded (20)

Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docx
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 

Mc

  • 1. MOBILE COMPUTING BY, KRISHNAVENI P GANGADHARAN ROLL NO:40 IT B
  • 2. WAP SECURITY  Wireless Application Protocol(WAP)  WAP is a specification for a set of communication protocols to standardize the way that wireless devices, such as cellular telephones and radio transceivers, can be used for Internet access, including e-mail, the World Wide Web, newsgroups, and instant messaging. While Internet access has been possible in the past, different manufacturers have used different technologies. In the future, devices and service systems that use WAP will be able to interoperate.   The WAP layers are:  1) 1. Wireless Transport Layer Security (WTLS) 2) 2. Wireless Transport Layer (WTP) 3) 3. Wireless Session Layer (WSL) 4) 4. Wireless Application Environment (WAE) 
  • 4.  Transport-level security. This aspect deals with the communication between the client applications and the enterprise servers. This involves two protocols: WTLS is used over the air, while SSL or TLS is used over the wire. This change in protocols is the basis of the major WAP security problem.   Application-level security. This aspect deals with the security of the client application. This involves digital signatures and encryption.
  • 5.  Transport Level security  Transport-level security, also known as channel security, deals with the point-to-point communication between a wireless client and the enterprise data source. This involves communication over both wireless and wireline channels.   With WAP, data is encrypted during over-the-air transport using Wireless Transport Layer Security (WTLS) protocol, and over- the-wire transport using Internet security protocols such as SSL and TLS.   This creates major security issue on WAP
  • 6.  Wireless Transport Layer Security (WTLS) protocol was developed to address the unique characteristics of wireless networks, namely low bandwidth and high latency. It is a variation of the Transport Layer Security (TLS) protocol, which is the IETF standard for security on Internet. Unfortunately, TLS cannot be used directly because it is not efficient enough for a wireless environment. WTLS improved on the efficiency of the protocol while adding new capabilities aimed at wireless users.  WTLS also introduced three levels of authentication between the client and the gateway. They are listed in ascending order: Class I WTLS:Anonymous interactions between the client and WAP gateway; no authentication takes place. Class II WTLS:The server authenticates itself to the client using WTLS certificates. Class III WTLS:Both the client and the WAP gateway authenticate to each other. This is the form of authentication used with smartcards. GSM Subscriber Identity Modules (SIM), for example, can store authentication details on the device for two-way authentication. WTLS
  • 7. WAP GAP  Unfortunately, at the same time WTLS improved on TLS for wireless communication, it also caused a major problem: Now that both TLS and WTLS are required within the WAP architecture, there is a point at which a translation between the two protocols occurs. It is from this point, not from the WTLS protocol itself, that the security issues arise. The translation occurs on the WAP gateway: From the client device to the WAP gateway, WTLS is used; from the gateway to the enterprise server, TLS is used. At this point, the WTLS content is decrypted and then re-encrypted using TLS. The content exists as plaintext while this transfer takes place, creating the so-called WAP gap.  There are two options for alleviating the WAP gap: 1. Accept that the gateway is a vulnerable point and make every effort to protect it using firewalls, monitoring equipment, and a stringent security policy. 2. Move the WAP gateway within your corporate firewall and manage it yourself.
  • 8. Application Level security  With so much attention given to the WAP gap and transport-level security, developers often forget about application-level security altogether. Application-level security is important for two main reasons: (1) when security is required past the endpoints of transport- level security, and (2) when presentation content needs to be accessed but enterprise data does not. This can happen during transcoding, that is, when another markup language (often HTML) is being transformed into WML.  1. The first scenario can be addressed using the techniques provided in the WML specification. In general, the default settings are set to the highest security.  2. The second scenario can be addressed using WMLScript and the Crypto API. Using this signText function in the API, digital signatures can be created, opening the door for wireless PKI to manage and issue public key certificates. This technology allows for end-to-end encryption between the content provider (usually the enterprise) and the client.