Security and the Wireless Application Protocol

Lillian N. Cassel and Cynthia Pandolfo, Villanova University

The Wireless Application Protocol

The Current Situation

Mobile Access to the World Wide Web and Other Data Resources

Standards

Security

WAP Identity Modules

WML Script Crypto API

WAP Transport Layer Security

Certificates

WAP Gateway

WAP Security Gap

Transport Layer e2e

WAP Public Key Infrastructure Looking Ahead

Expectations for Mobile Computing

The Role of the Wireless Application Protocol

Glossary

Cross References

References

Further Reading

THE WIRELESS APPLICATION PROTOCOL

The wireless application protocol (WAP) is a collection of protocol standards whose purpose is to enable communication between handheld wireless devices and Internet-based service providers. Mobile devices vary greatly in capability. Some are compact, but fully powerful, computers. These are not the subjects of this chapter. WAP exists to accommodate the limitations of very small devices, generally mobile phones. Limited amounts of memory, both RAM and ROM, impact the performance characteristics of these devices. Applications and utilities, including security elements, must be optimized for the restricted environment. The service providers include Web servers providing content formatted especially for small wireless devices and other service providers who target the wireless devices exclusively.

This set of standards builds on existing standards, reusing or modifying where necessary to address the special ...