Study On Double Encrypt Security Model Of Mobile Commerce Based On The WAP. presented by Abebe Tora and Sisay Tekile.
graduate student @ wolaita sodo university. 2024
Study On Double Encrypt Security Model Of Mobile Commerce Based On The WAP.
1. WOLAITA SODO UNIVERSITY
SHOOL OF INFORMATICS
DEPARTMENT OF INFORMATION TECHNOLOGY
MSC-INFORMATION TECHNOLOGY REGULAR
Article Review On:- Study On Double Encrypt Security
Model Of Mobile Commerce Based On The WAP.
Authors:- Yan Li, Fenfen Wan, and Xiaoqiang Hu,
Group Members ID-NO
1. Sisay Tekle Pgr/82841/15
2. Abebe Tora Pgr/82835/15
3. Tseganesh Firewu Pgr/62941/14
Submitted To: - Temesgen Mengistu (Asst. Prof. In IT)
Sub. Date: - December 19/2023
2. 2
Introduction
ā¢ The study explores the security model for mobile commerce
using the Wireless Application Protocol (WAP).
ā¢ It addresses security challenges and proposes a double encryption
model to improve end-to-end security.
ā¢ The article explores two approaches: self-provided WAP
gateway solutions and gateway navigation type solutions,
emphasizing the importance of security for m-commerce success.
ā¢ The authors propose a double encryption security model using
Wireless TLS (WAP) for end-to-end security in m-commerce.
3. 3
Cont.,ā¦
ā¢ They highlight security weaknesses in existing WAP deployments,
particularly in communication between WAP gateway and
content providers.
ā¢ The WAP architecture includes mobile devices, gateways, and
content servers.
ā¢ The study highlights limitations of current methods and
emphasizes long-term development and user convenience, but
could benefit from more detailed implementation and evaluation
of the proposed security model. 3
4. 4
Significance of the Article
ā¢ The article addresses an important issue in the field of mobile
commerce, namely the security challenges associated with
wireless communication networks.
ā¢ By means of the increasing popularity of m-commerce and the
reliance on mobile devices for conducting business
transactions, ensuring the security of these transactions
becomes crucial.
ā¢ The article aims to propose a solution to enhance the security
of m-commerce based on the WAP protocol. 4
5. 5
Double Encrypt Security Model
ā¢ The article introduces the concept of a double encrypt security
model based on WAP.
ā¢ This model is designed to provide end-to-end security for m-
commerce transactions.
ā¢ By resources of utilizing the Wireless Transport Layer Security
(WTLS) protocol and encryption techniques, the proposed
model aims to protect data integrity, ensure data privacy, and
facilitate authentication between mobile devices and application
servers. 5
6. Cont.,ā¦
ā¢ First, some important confidential information are encrypted by Ke in
the application layer.
ā¢ Information reaches the WAP gateway, it decrypted by the WTLS of
Ke1.
ā¢ WAP gateway and content server use TLS to ensure secure connection.
At this time, the WAP gateway and content server share Ke2 and
encrypt again.
ā¢ After information arrives to the content server, it decrypted by Ke2.
7. 7
Analysis of Existing Approaches
ā¢ The article provides a critical analysis of existing approaches,
particularly focusing on content provider self-provided WAP
gateway solutions.
ā¢ By pointing out the limitations and drawbacks of these
approaches, such as the need for manual mobile phone settings
and potential user inconvenience, the authors highlight the
importance of considering long-term development and user
acceptance in implementing security solutions for m-
commerce. 7
8. WAPArchitecture & Security Construction
ā¢ The article explains the architecture of WAP, which comprises
mobile devices, WAP gateways, and content servers.
ā¢ It moreover discusses the security construction of WAP,
including the role of WTLS, WAP Identify Module, Wireless
Public Key Infrastructure (WPKI), and WML Script.
ā¢ This provides a comprehensive understanding of the
components and protocols involved in securing m-commerce
transactions.
10. Article Gaps and Future Directions
ā¢ Though the article presents a novel double encrypt security
model, it acknowledges the need for further research and
development in this area.
ā¢ The authors identify article gaps and suggest future directions,
such as evaluating the proposed model through practical
implementations and assessing its effectiveness in real-world m-
commerce scenarios.
11. 11
Article contributes to the existing body
ā¢ knowledge on mobile commerce security and proposes a viable
solution to enhance the security of m-commerce transactions.
ā¢ It provides insights into the challenges faced in securing
wireless communication networks and offers a comprehensive
analysis of existing approaches.
ā¢ The article opens avenues for further exploration and sets the
stage for future advancements in securing m-commerce based
on the WAP protocol.
11
12. Conclusion
ā¢ M-commerce is a rapidly growing e-commerce system that ensures
integrity, confidentiality, non-repudiation, and authentication of mobile
equipment and server information through multi-encrypted
transmission.
ā¢ The model necessitates an interactive process for establishing a secure
channel between mobile terminals and content servers, necessitating
faster encryption and decryption for practical application.
13. References
1. Qin Chengde, Wang Rulin. āMobile commerce,ā Beijing:
Posts & Telecom Press , 2010.03 -15.
2. Yang Qin. āMobile commerce: Theory and
Applications,ā Beijing: Tsinghua University Press , 2006.
123 -134.
3. Hu Junfeng, Li Liming. āThe Design and Analysis WAP
security model,ā Mechatronics, 2011, (2).
4. Shu Kai. āInformation security Research in M-
commerce,ā Information Technology & Standar dization,
2010, (8).
5. Cheng Yang. āStudy on security of m-commerce,ā
Shenyang Ligong University , 2008, 40-56.