Mobile Security

Presentation transcript:

Mobile Security

Security is Hard
- Just this year:
  - Denial of service
  - Credit card compromise
  - I Love you
- Cost to manage security quickly becomes prohibitive
- How do we do it?

Wireless is Complex
"The wireless telegraph is not difficult to understand. The ordinary telegraph is like a very long cat. You pull the tail in New York, and it meows in Los Angeles. The wireless is the same, only without the cat." Albert Einstein

Speed is Everything
[Chart: gross profit % against time late to market. Source: McKinsey & Co]

Recommendations
- Consolidate as much as possible the security mechanisms necessary to perform commerce
  - Standards-based, vendor neutral, global scope, legal framework
- Leverage the work already done in e-Business, e-Security
  - After all, wireless is just an extension of technology

Trust in the Digital World
- Trust in the Physical World: Passports, Check Books, Credit Cards
- Trust in the Digital World: PKI, Encryption, Authentication

Public Key Infrastructure (PKI)
- Allow unknown parties to communicate securely
- "Parties" can be:
  - Employees
  - Devices
  - Suppliers
  - Partners
- And most importantly, PKI can scale to millions of customers...

Market is Huge
[Chart. Source: IDC, 2000]

Infrastructure Investments Yield Benefits Beyond Commerce
- Cisco realized $825 million in financial benefits in 1999
  - Customer Service $269
  - E-Commerce $37
  - Supply Chain $444
  - Employee Resources $55
- Dell enjoying similar rewards
  - Dell generates more working capital than it consumes
  - Customers pay for product before Dell pays suppliers
  - Inventory turns over 60 times/year, 6 times/year in 1994

Wireless Network Architecture
[Diagram labels: Users, Network Operator, Internet, E-businesses]

Evolution of WAP Security
[Timeline figure starting in Q1 2000, spanning WAP 1.1, WAP 1.2 and WAP 1.2+]
- Standards: WTLS 1.1, WIM, WTLS 1.2, Wireless PKI, WML Script Crypto Library
- Telepathy products: PKI Validation System, WAP Security Toolkit, Digital Signature Toolkit, WAP Security Gateway, WAP Certificates, WAP CA, PKI Registration System

WTLS Layer in WAP Stack
WTLS is the wireless equivalent of SSL/TLS
[Figure: three protocol stacks side by side, listed top to bottom]
- OSI Model: Application Layer, Session Layer, Transaction Layer, Security Layer, Transport Layer, Network Layer
- WAP Model: Wireless Application Environment (WAE), Wireless Session Protocol (WSP), Wireless Transaction Protocol (WTP), Wireless Transport Layer Security (WTLS), Datagrams (UDP/IP) and Datagrams (WDP), Wireless Bearer Network (PDC-P, PCS, CDMA, TDMA, W-CDMA, etc.), Services and Applications
- Internet Model: HTML/Java/JavaScript, HTTP, SSL/TLS, TCP/IP, Low-level Network Layer

Web & WAP Architecture
[Diagram]
- Web: HTML pages, HTTP, Web Server
- WAP: WML pages, WAP Gateway, Web Server

Web & WAP Session Security
[Diagram]
- Web: Secure Sockets Layer (SSL) & Transport Layer Security (TLS) to the Web Server: Authentication - Integrity - Confidentiality
- WAP: Wireless TLS (WTLS) to the WAP Gateway/Server: Authentication - Integrity - Confidentiality; SSL/TLS between the WAP Gateway/Server and the Web Server

WTLS Authentication Levels
- Three levels of authentication
- All levels have privacy and integrity
- Class I: Anonymous
  - No authentication
- Class II
  - Server authentication only
- Class III
  - Client and server authentication

Which Certificates Do I Use for Authentication?
- WAP gateways/servers need to provide WAP certificates for authentication
  - Need to obtain WTLS certificate
- Web servers use X.509
  - The same ones they use today
- Mobile users use X.509
  - Wireless PKI
[Diagram labels: Mobile User, WAP Gateway, Web Server, X.509, WTLS]

How to Achieve End-to-End Security
- Move everything to a secure domain
- WAP end-to-end security solution
- SIM toolkit-based solution
- WAP application layer security

Baltimore Telepathy WAP Solution

Conclusion
- Partner with a leader who has the completeness of vision and the ability to execute
- PKI solutions can help move security from enterprise to extranet, high value customers and suppliers, and m-Commerce world