WAP.

Slides:



Advertisements
Similar presentations
Wireless Markup Language
Advertisements

Mobile Communication MMS.
Mobile IP and Wireless Application Protocol
SESSION : Pltaforms for Mobile Applications
Cryptography and Network Security
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
 WAP WAP  Foundation Of WAP Foundation Of WAP  Benefits… Benefits…  Architecture… Architecture…  Layers of WAP protocol stack Layers of WAP protocol.
S3IWT02 24 May 2002 Dragomanov Andon :: Paunovski Ognen Introduction to Wireless Application Protocol (WAP) and WAP 2.O Standard Presented by Dragomanov.
Wireless Application Protocol and i-Mode By Sridevi Madduri Swetha Kucherlapati Sharrmila Jeyachandran.
Wireless Application Protocol Intro (Continued) WebTP Meeting H. Wilson So 28 Feb, 2000.
Wireless Application Protocol John Bollen MBA 651.
CM2502 E-Business Mobile Services. Desktop restrictions Mobile technologies Bluetooth WAP Summary.
WAP-Wireless application Protocol
Mobile IP and Wireless Application Protocol
WAP: Wireless Application Protocol Mike Mc Ardle ACSG April, 2005.
WAP Wireless Application Protocol CSI 668 Professor Meihua, Chen Presented by Min, Wu April 04,2001.
Chapter 8 Web Security.
Wireless Application Protocol (WAP) Reference: Chapter 12, section 2, Wireless Communications and Networks, by William Stallings, Prentice Hall.
Network and Internet Security
Wireless Application Protocol(WAP) Presented By: Swati Shukla.
CPET 565 Mobile Computing Systems Mobile Device Connectivity Protocols Lecture 14 Hongli Luo Indiana University-Purdue University Fort Wayne.
UNIT 4 MOBILE TCP/IP & WAP.
Presentation on Osi & TCP/IP MODEL
Lectured By: Vivek Dimri Assistant Professor, CSE Dept. SET, Sharda University, Gr. Noida.
Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),
TECHNICAL SEMINAR Presented by :- Satya Prakash Pattnaik TECHNICAL SEMINAR By Satya Prakash Pattnaik EC Under the guidance of Mr.
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Web Security : Secure Socket Layer Secure Electronic Transaction.
WIRELESS APPLICATION PROTOCOL Definition It is universal, open standard developed by the WAP Forum to provide mobile users of wireless phones and other.
Internet Security. 2 PGP is a security technology which allows us to send that is authenticated and/or encrypted. Authentication confirms the identity.
1 Security Protocols in the Internet Source: Chapter 31 Data Communications & Networking Forouzan Third Edition.
Wireless Application Protocol “Wireless application protocol (WAP) is an application environment and set of communication protocols for wireless devices.
Wireless Application Protocol CSCI 465 Nathaniel Samson Alison White Steve MacNeil Michael Pyne James Snow.
IT 284 Unit 4 Seminar.
Components of the WAP Standard Layers of WAP divided into 3 groups Bearer Adaptation Hides the differences in the signaling and channel protocols used.
Overview of cellular system
WAP – Wireless Application Protocol RAJEEV GOPALAKRISHNA CS590F Fall 2000.
WAP Architecture Presented by, Nithya Inbamani. WAP Background Wireless Application Protocol – secure specification. Wireless Application Protocol – secure.
WWW Programming Model. WWW Model The Internet WWW architecture provides a flexible and powerful programming model. Applications and content are presented.
Wireless Application Protocol (WAP) William Thau CSC 8560 Dr. L. Cassel.
Lecture 7 (Chapter 17) Wireless Network Security Prepared by Dr. Lamiaa M. Elshenawy 1.
SSL: Secure Socket Layer By: Mike Weissert. Overview Definition History & Background SSL Assurances SSL Session Problems Attacks & Defenses.
PRESENTATION ON SECURE SOCKET LAYER (SSL) BY: ARZOO THAKUR M.E. C.S.E (REGULAR) BATCH
Wireless Network PMIT- By-
Network Infrastructure Services Supporting WAP Clients
Wireless Application Protocol (WAP)
GSM SECURITY AND ENCRYPTION
Cryptography and Network Security
Mobile IP and Wireless Application Protocol
Secure Sockets Layer (SSL)
MOBILE PAYMENT SYSTEM.
Mobile IP and Wireless Application Protocol
Telemedicine.
Visit for more Learning Resources
Understanding the OSI Reference Model
Originally by Yu Yang and Lilly Wang Modified by T. A. Yang
WAP Public Key Infrastructure
Mark A. Shaw CS 522 Project Presentation
Cryptography and Network Security
Cryptography and Network Security
SSL (Secure Socket Layer)
The Secure Sockets Layer (SSL) Protocol
TCP/IP Protocol Suite: Review
Wireless and Instant Messaging
Mobile Phone Technology
CSCI {4,6}900: Ubiquitous Computing
Unit 8 Network Security.
Electronic Payment Security Technologies
Cryptography and Network Security
Security in Wide Area Networks
Presentation transcript:

WAP

WAP is Communication protocol that enables wireless mobile devices to have an access to the Internet.

WAP gateway translates client request to server from WAP to HTTP and on way back from server to client, from HTTP to WAP. WAP request first originate from client mobile device, which travel to n/w carrier’s base station and from there, they are relayed to WAP gateway where conversion from WAP to HTTP takes place. WAP gateway interacts with WEB Server using HTTP protocol. WEB Server sends HTTP response to WAP gateway(gets converted to WAP response). Response goes to base station and from there on to mobile device.

Wireless Application Environment (WAE) The Wireless Application Environment (WAE) is a general-purpose application environment based on a combination of World Wide Web (WWW) and Mobile Telephony technologies. WAE includes a micro-browser environment containing the following functionality: Wireless Markup Language (WML) – a lightweight markup language, similar to HTML, but optimised for use in hand-held mobile terminals; · WMLScript – a lightweight scripting language, similar to JavaScript™; · Wireless Telephony Application (WTA, WTAI) – telephony services and programming interfaces; and · Content Formats – a set of well-defined data formats, including images, phone book records and calendar information

Wireless Session Protocol (WSP) The Wireless Session Protocol (WSP) provides the application layer of WAP with a consistent interface for two session services. The first is a connection-oriented service that operates above the transaction layer protocol WTP. The second is a connectionless service that operates above a secure or non-secure datagram service (WDP).

Long-lived session state, The Wireless Session Protocols currently consist of services suited for browsing applications (WSP/B) HTTP/1.1 functionality and semantics in a compact over-the-air encoding, Long-lived session state, Session suspend and resume with session migration, A common facility for reliable and unreliable data push, and Protocol feature negotiation.

Wireless Transaction Protocol (WTP) The Wireless Transaction Protocol (WTP) runs on top of a datagram service and provides as a light-weight transaction-oriented protocol that is suitable for implementation in “thin” clients (mobile stations). Three classes of transaction service: · Unreliable one-way requests, · Reliable one-way requests, and · Reliable two-way request-reply transactions; · Optional user-to-user reliability - WTP user triggers the confirmation of each received message; · Optional out-of-band data on acknowledgements; · PDU concatenation and delayed acknowledgement to reduce the number of messages sent · Asynchronous transactions.

Wireless Transport Layer Security (WTLS) WTLS is a security protocol based upon the industry-standard Transport Layer Security (TLS) protocol, formerly known as Secure Sockets Layer (SSL). Data integrity – WTLS contains facilities to ensure that data sent between the terminal and an application server is unchanged and uncorrupted. Privacy – WTLS contains facilities to ensures that data transmitted between the terminal and an application server is private and cannot be understood by any intermediate parties that may have intercepted the data stream. Authentication – WTLS contains facilities to establish the authenticity of the terminal and application server. Denial-of-service protection – WTLS contains facilities for detecting and rejecting data that is replayed or not successfully verified. WTLS makes many typical denial-of-service attacks harder to accomplish and protects the upper protocol layers.

Wireless Datagram Protocol (WDP) The Transport layer protocol in the WAP architecture is referred to as the Wireless Datagram Protocol (WDP). The WDP layer operates above the data capable bearer services supported by the various network types. Since the WDP protocols provide a common interface to the upper layer protocols the Security, Session and Application layers are able to function independently of the underlying wireless network.

Bearers The WAP protocols are designed to operate over a variety of different bearer services, including short message, circuit-switched data, and packet data. The bearers offer differing levels of quality of service with respect to throughput, error rate, and delays. The WAP protocols are designed to compensate for or tolerate these varying level of service.

Security in GSM

Evolution Earlier days- Advanced Mobile Phone system(AMPS) were used –Little or no security. Each mobile phone has 32 bit serial number and 10 digit telephone number in PROM. Telephone number had 3 digit area code, represented by 10 bits and 7 digit subscriber number in 24bits. When mobile is switched on, it sends out its 32bit serial and 34 bit number in clear text.

D-AMPS- digital AMPS. (used in US and Japan) GSM(Global System for Mobile Communication is used in Europe. GPRS(General Packet Radio Service) is emerging wireless data service. GSM is for Voice and GPRS for data( 2.5G)

3 Key aspects of GSM security Subscriber identity authentication Signaling data confidentiality User data confidentiality Each subscriber has unique International Mobile Subscriber Identity(IMSI) Each subscriber has unique subscriber authentication key( Ki) GSM works in such way that above information is never transmitted across mobile n/w. GSM uses challenge/response mechanism. Actual transmission encrypted with ciphering key Kc.

Security in 3 elements of GSM Infrastructure. SIM contains IMSI, Ki, ciphering key generation algorithm A8, authentication algorithm A3, Personal Identification Number(PIN) GSM Handset contains ciphering algorithm A5. Authentication Center(AUC) contains A3, A5,A8 algorithms and identification and authentication information about subscribers.

GSM Authentication-challenge/response GSM n/w sends 128 bit random number to subscriber. 32 bit signed response using A3 (authentication) and Ki(authentication key) is prepared by handset and sent back to n/w N/w retrieves Ki from DB and performs same operation using A3 algorithm on original 128 bit number and compare with one received from handset. If two match, user is authenticated. Signed response takes place inside SIM(IMSI and Ki)

GSM-Signaling and data confidentiality SIM contains A8(ciphering key generation algorithm) This is used to produce 64-bit ciphering key Kc. Kc is obtained by applying same random number as used in authentication to A8 with individual subscriber authentication key Ki. Kc is later used for secure communication b/w subscriber and mobile telephony base station.

GSM-voice and data security A5 algorithm used to encrypt voice and data traffic b/w user handset and GSM n/w Subscriber handset sends ciphering mode request to GSM n/w. GSM n/w in response starts encryption and decryption of traffic using A5 and Kc.