End to End WTLS Security Model for WAP
Original Publication Date: 2003-Jul-15
Included in the Prior Art Database: 2003-Jul-15
Industry research suggests that the most significant factor influencing the take-up of mobile Internet solutions is security concerns [Yan00]. This paper surveys the components of security used in WAP 1.x based solution. This includes SSL, TLS, WTLS, and the GSM security protocols: A2/A4, A3, A5, and A8. A list of the security exposures are outlined including the key exposure at the WAP gateway where WTLS is converted to SSL. Several techniques for how these exposures are mitigated are described, together with an end-to-end security model using a WDP-UDP Datagram gateway to eliminate the security exposure at the WAP gateway.