Page 179 - DCAP512_WAP_AND_WML
P. 179

Unit 12: Secure Application




                                                                                                Notes


             Notes  WDP enables mobile devices to operate independently of the design of the bearer
             network sending the data.

          WTLS

          Wireless Transport Layer Security (WTLS), an optional security layer, has encryption facilities
          that provide the secure transport service required by many applications, such as e-commerce.

          WTLS is a security protocol based upon the industry standard Transport Layer Security (TLS)
          protocol, formerly known as Secure Sockets Layer (SSL). WTLS is intended for use with the WAP
          transport protocol and has been optimized for use over narrow-band communications channels.
          WTLS provides the following features:

              Data integrity: WTLS ensures  that data sent  between the  terminal and an application
               server is unchanged and uncorrupted
              Privacy: WTLS ensures that eavesdropping of information by unauthorized persons is
               prevented.
              Authentication: WTLS ensures the authenticity of the terminal and application server.
              Denial-of-service protection: WTLS contains facilities for detecting and rejecting data that
               is replayed  or not successfully verified.  WTLS makes typical denial of service attacks
               harder to accomplish and protects the upper protocol layers.
          WTLS may also be utilized for secure communication between terminals, e.g., for authentication
          of electronic business card exchange.
          Applications are able to selectively activate or disable WTLS features based on their security
          needs and the characteristics of the underlying network. Wireless transport layer security (WTLS),
          an  optional security layer, has encryption facilities that offer the secure transport service by
          many applications, such as e-commerce.
          Similar to WTP, WLTS is enabled for suspend and resume mobile sessions. WTLS uses certificates,
          data encryption and regular renewal of encryption keys.




             Notes   Interestingly, this  protocol is  optional. Some providers may choose to sacrifice
             security for bandwidth.

          WTP

          The WAP Transaction Protocol (WTP) layer provides transaction support, adding reliability to
          the datagram service provided by WDP.
          The Wireless Transaction Protocol (WTP) runs on top of a datagram service and provides a
          lightweight transaction-oriented protocol that is suitable for implementation in “thin” clients
          (mobile stations). WTP operates efficiently over secure or non-secure wireless datagram networks
          and provides the following features:

              Three classes of transaction service
              Unreliable one-way requests
              Reliable one-way  request



                                           LOVELY PROFESSIONAL UNIVERSITY                                   173
   174   175   176   177   178   179   180   181   182   183   184