Prepared by Dr. Samia Chelloug
E-mail: [email protected]
Princess Nora Bint Abdulrahman University
College of Computer and Information Sciences
Networks Department
Networks Security (NET 536)
Content
1. Basics of computer and network security.
2. Impact of network architecture on network security.
3. Basics of network design.
4. Firewalls and virtual private networks.
5. Internet and wireless network security.
6. Impact of operating systems models on network security.
7. How to secure an application?
References
William Stallings, ‘Cryptography and Network Security: Principles and Practice’, Fifth edition, 2011.
Part 6: Wireless application protocol
• WAP: universal, open standard developed by the
WAP Forum.
• Provides mobile users of wireless phones and other
wireless terminals access to telephony and
information services, including the Internet and the
Web.
• WAP is designed to work with all wireless network
technologies (e.g., GSM, CDMA, and TDMA).
• The WAP Programming Model is based on three
elements: the client, the gateway, and the original
server.
• HTTP is used between the gateway and the original
server to transfer content.
• The gateway acts as a proxy server for the wireless
domain.
• The gateway provides DNS services, converts
between WAP protocol stack and the WWW stack
(HTTP and TCP/IP), encodes information from the
Web into a more compact form that minimizes
wireless communication, and in the other direction,
decodes the compacted form into standard Web
communication conventions. The gateway also
caches frequently requested information.
• Using WAP, a mobile user can browse Web content
on an ordinary Web server.
• The Web server provides content in the form of
HTML-coded pages that are transmitted using the
standard Web protocol stack (HTTP/TCP/IP).
• The HTML content must go through an HTML filter,
which may either be colocated with the WAP proxy
or reside in a separate physical module.
• The filter translates the HTML content into WML
content. If the filter is separate from the proxy,
HTTP/TCP/IP is used to deliver the WML to the
proxy.
• The proxy converts the WML to a more compact
form known as binary WML and delivers it to the
mobile user over a wireless network using the WAP
protocol stack.
• If the Web server is capable of directly generating
WML content, then the WML is delivered using
HTTP/TCP/IP to the proxy, which converts the WML
to binary WML and then delivers it to the mobile
node using WAP protocols.
Security services:
• Cryptographic libraries: provide services for
signing data for integrity and non-repudiation
purposes.
• Authentication: WAP provides various mechanisms
for client and server authentication. At the Session
Services layer, HTTP Client Authentication may be
used to authenticate clients to proxies and application
servers. At the Transport Services layer, WTLS and
TLS (transport layer security) handshakes may be used
to authenticate clients and servers.
WTLS:
- Digital certificates are electronic files that are used to
identify people and resources over networks such as the
Internet. Digital certificates also enable secure,
confidential communication between two parties using
encryption.
- When you travel to another country, your passport
provides a way to establish your identity and gain
entry. Digital certificates provide similar identification
in the electronic world. Certificates are issued by a
Certification Authority (CA).
A certificate typically includes:
• The name of the holder;
• The holder’s public key;
• The name of the Certification Authority that issued the
certificate;
• A serial number;
• The validity period (or lifetime) of the certificate (a
start and an end date).
WTLS:
A WAP server WTLS certificate is a certificate that
authenticates the identity of a WAP site to visiting
micro-browsers found in many mobile phones on the
market.
When a micro-browser user wants to send confidential
information to a WAP server, the micro-browser will
access the server's digital certificate.
Suppose Alice wants to connect to a secure WAP site,
with her mobile phone, to buy something online:
• When Alice visits a WAP site secured with WTLS, her
micro-browser sends a "Client Hello" message to the
WAP server indicating that a secure session (WTLS) is
requested.
• The WAP server responds by sending Alice its server
certificate (which includes its public key).
• Alice's micro-browser will verify that the server's
certificate is valid and has been signed by a CA whose
certificate is in the micro-browser's database (and whom
Alice trusts).
• If the certificates are all valid, Alice's micro-browser
will generate a one-time, unique "session" key and
encrypt it with the server's public key. Her
micro-browser will then send the encrypted session key to the
server so that they will both have a copy.
The server will decrypt the message using its private
key and recover the session key. At this point Alice can
be assured of two things:
• The WAP site she is communicating with is really the
one it claims to be (its identity has been verified), and
• Only Alice's micro-browser and the WAP server have
a copy of the session key.
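Added example (not part of the original slides): the certificate check and session-key exchange described above, simulated end to end. Textbook RSA with fixed primes and no padding stands in for the real WTLS certificate format and key exchange, so it is for teaching only; the names "Example CA" and "wap.shop.example", the dates and all function names are constructed for illustration.

```python
import hashlib
import secrets
from datetime import date

E = 65537  # public exponent shared by both toy key pairs
FIELDS = ("holder", "public_key", "issuer", "serial", "not_before", "not_after")

def toy_keypair(p, q):
    """Textbook RSA from two fixed primes -> (modulus, private exponent)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(cert, n):
    """Hash the certificate fields (everything but the signature) into Z_n."""
    tbs = "|".join(str(cert[f]) for f in FIELDS).encode()
    return int.from_bytes(hashlib.sha256(tbs).digest(), "big") % n

def issue(ca_d, ca_n, **fields):
    """CA side: sign the certificate fields with the CA private key."""
    cert = dict(fields)
    cert["signature"] = pow(digest(cert, ca_n), ca_d, ca_n)
    return cert

def client_verify(cert, trust_store, today):
    """Micro-browser side: trusted issuer, valid signature, inside validity period."""
    ca_n = trust_store.get(cert["issuer"])
    if ca_n is None:
        return False
    if pow(cert["signature"], E, ca_n) != digest(cert, ca_n):
        return False
    return cert["not_before"] <= today <= cert["not_after"]

def handshake(cert, server_d, trust_store, today):
    """Return (client_key, server_key), or None if the client rejects the cert."""
    if not client_verify(cert, trust_store, today):
        return None
    session_key = secrets.randbits(128)                 # one-time session key
    wrapped = pow(session_key, E, cert["public_key"])   # encrypted to the server
    return session_key, pow(wrapped, server_d, cert["public_key"])

# Constructed sample data: Mersenne primes keep the example deterministic.
CA_N, CA_D = toy_keypair(2**89 - 1, 2**107 - 1)
SRV_N, SRV_D = toy_keypair(2**61 - 1, 2**127 - 1)
TRUST_STORE = {"Example CA": CA_N}
CERT = issue(CA_D, CA_N, holder="wap.shop.example", public_key=SRV_N,
             issuer="Example CA", serial=1001,
             not_before=date(2024, 1, 1), not_after=date(2025, 1, 1))

if __name__ == "__main__":
    print(handshake(CERT, SRV_D, TRUST_STORE, date(2024, 6, 1)))
```

The handshake returns matching keys only when the issuer is in the trust store, the CA signature verifies and the date falls inside the validity period; an expired, altered or untrusted certificate yields None before any session key is generated.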
[Figure: WAP stack]
[Figure: Handshake Protocol]
Wireless markup language
• WML (Wireless Markup Language) is the dominant
language in use with wireless devices today.
• Essentially, WML is a subset of HTML, but has its
roots in XML.
• WML pages are structured within "decks," allowing
several pages ("cards") to be defined in each WML
file.
• This deck analogy allows multiple pages to be
delivered to the mobile client at the same time,
minimizing the loading time between related pages.
• Suppose we have three simple cards.
• These cards together form a deck and are delivered to
the mobile device in one file.
<?xml version="1.0"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN"
  "http://www.wapforum.org/DTD/wml_1.1.xml">
<wml>
  <card id="Card1" title="Sample">
  </card>
</wml>