Browse Prior Art Database

End to End WTLS Security Model for WAP

IP.com Disclosure Number: IPCOM000016778D
Original Publication Date: 2003-Jul-15
Included in the Prior Art Database: 2003-Jul-15

Publishing Venue

IBM

Abstract

Industry research suggests that the most significant factor influencing the take-up of mobile Internet solutions is security concerns [Yan00]. This paper surveys the components of security used in WAP 1.x based solution. This includes SSL, TLS, WTLS, and the GSM security protocols: A2/A4, A3, A5, and A8. A list of the security exposures are outlined including the key exposure at the WAP gateway where WTLS is converted to SSL. Several techniques for how these exposures are mitigated are described, together with an end-to-end security model using a WDP-UDP Datagram gateway to eliminate the security exposure at the WAP gateway.