"CSC8530 Distributed Systems", Summer 2002 2Introduction What is WAP ? –Wireless Application Protocol What is its Purpose ? –Defines standards for wireless application environment (WAE) Who coordinates the WAP standard meetings? –WAP forum(www.wapforum.org) not IETF What part of OSI does WAP standards address? –Session, Presentation and Application What are the main ingredients of WAP? –WDP:WAP Datagram Protocol –WTLS:Wireless Transport Layer Security –WTP:Wireless Transaction Protocol –WSP:WAP Session Protocol –WML:Wireless Markup Language
"CSC8530 Distributed Systems", Summer 2002 3 Introduction (contd.) WAP Applications: –Wireless Web hosting –Location Based Services with WAP Push Technology –Secure Mobile Connectivity to enterprise networks Example: Nokia Activ Server 2.1 Mobile Financial Services with Nokia Activ Server Mobile Reservation systems
"CSC8530 Distributed Systems", Summer 2002 5 Introduction (contd..) Protocol Diagram at a WAP Gateway:
"CSC8530 Distributed Systems", Summer 2002 6 WAP with reference to Distributed Systems WAP needs to operate across different Air Interface Technologies. Example: CDMA, IS 95, IS 136 etc. DNS lookups of the servers by the WAP Gateway WAP gateway contacting different Application Servers based on Client Requests.
"CSC8530 Distributed Systems", Summer 2002 7 WAP with reference to Distributed Systems (contd.) IS 136 GSM MSC WAP Gateway
"CSC8530 Distributed Systems", Summer 2002 9 WAP interface to various Air Interface Technologies
"CSC8530 Distributed Systems", Summer 2002 10 Brief Description of WAP stack Elements of WAP Stack compared Internet Stack –WML vs. HTML –WSP vs. HTTP –WTP vs. TCP –WTLS vs. TLS –WDP vs. UDP –WCMP vs. ICMP
"CSC8530 Distributed Systems", Summer 2002 11 WML vs. HTML WML: Wireless Markup Language WML is an XML based markup language. XML and HTML are based on Structured Generalized Markup Language (SGML). To support WML requirements, W3C created XHTML standard. WAP 2.0 uses XHTML. Freeware available for converting HTML pages to XHTML/XML pages. –Example: http://www.vbxml.com/wap/articles/htmlwml/default. asp
"CSC8530 Distributed Systems", Summer 2002 12 WSP vs. HTTP WSP: Wireless Session Protocol WSP defines two protocols: –one provides connection-mode session services over a transaction service –To provide non-confirmed, connectionless services over a datagram transport service. WSP recodes existing RFC-822 style request and response messages in their own binary tokenization format WSP cannot support IETF's Proposed Standard for distributed authoring over HTTP (WebDAV) WSP does content-negotiation not by Content-Type:, but with explicitly deprecated User-Agent: WAP 2.0 adopts HTTP/1.1 as a session layer protocol.
"CSC8530 Distributed Systems", Summer 2002 13 WTP vs. TCP WTP: Wireless Transaction Protocol WTP tries to solve a mix of transport- and application-layer problems. WTP optionally offers segmentation and re- assembly and selective acks. (WDP ??) WTP offers three application message models : –Class 0: Unreliable invoke message with no result message –Class 1: Reliable invoke message with no result message –Class 2: Reliable invoke message with one reliable result message WTP is the heart of an independent WAP Gateway server project, such as APiON's. WTP is the lowest layer the microbrowser absolutely requires WAP 2.0 features TCP/IP for wireless networks supporting Data over IP.
"CSC8530 Distributed Systems", Summer 2002 14 WTLS vs. TLS WTLS: Wireless Transport Layer Security WTLS Requirements: –Both datagram and connection oriented transport layer protocols must be supported –To cope with long round-trip times of wireless networks –Support limited bandwidth of some bearer networks –Match the processing power of mobile terminals –Match the memory requirements of mobile terminals
"CSC8530 Distributed Systems", Summer 2002 15 WTLS vs. TLS (contd.) TCP/IP stack offers security at the packet- and transport-layers with two technologies –Ipsec for unreliable datagram transport (UDP) –TLS for reliable transport (TCP) WTLS applies TLS to both individual datagrams and socket connections WTLS defines three levels of security capabilities; only Class 1 is mandatory-to- implement.
"CSC8530 Distributed Systems", Summer 2002 16 WTLS vs. TLS (contd.) WTLS Features Class 1Class 2Class 3 Public-key exchange MMM Server Certificates OMM Client Certificates OOM Shared Secret Handshake OOO Compression N/aOO Encryption MMM MAC MMM Smart Card Interface N/aOO
"CSC8530 Distributed Systems", Summer 2002 17 WTLS vs. TLS (contd.) WTLS specifies use of Certicom's elliptic curve public key encryption (mentioned on page 281 of course text). –Not an IETF standard –More details at http://www.certicom.com/resources/ecc_chall/challenge.html http://www.certicom.com/resources/ecc_chall/challenge.html Prone to Attacks –chosen plaintext data recovery attack –datagram truncation attack –message forgery attack, and –key-search shortcut for some exportable keys. –For more details visit http://www.cc.jyu.fi/~mjos/wtls.pdfhttp://www.cc.jyu.fi/~mjos/wtls.pdf WAP 2.0 adopts TLS protocol.
"CSC8530 Distributed Systems", Summer 2002 18 WDP vs. UDP WDP is almost equivalent to UDP Purpose: –To enable applications to operate transparently over different available bearer services Why WDP and not UDP ? –To accommodate airlink addresses ("MSISDN number [handset serial number], IP address, X.25 address or other identifier") –To overcome airlink restrictions on packet size and even character sets.
"CSC8530 Distributed Systems", Summer 2002 20 WDP vs. UDP (contd.) Services offered by WDP : –Application addressing by port numbers –Segmentation and Re-assembly (optional) –Error Detection (optional)
"CSC8530 Distributed Systems", Summer 2002 21 WCMP vs. ICMP Obsolete –Included in WAP 1.0 –Removed in WAP 1.1
"CSC8530 Distributed Systems", Summer 2002 22 Competing Technologies 3G –If a mobile can tx/rx data at ~2Mbps, what is the use of WAP Gateway in between ? –WAP is trying to survive with its WAP Push technology for location based services. Mobile IP and Wireless LAN (802.11b) Lightweight & Efficient Application Protocols (LEAP) –IETF standards, an alternative to WAP –Rejected by big players like Nokia, Motorola etc. Seems to be no development is going on in this front.
"CSC8530 Distributed Systems", Summer 2002 23 References Attacks on WTLS: http://www.cc.jyu.fi/~mjos/wtls.pdfhttp://www.cc.jyu.fi/~mjos/wtls.pdf Converting HTML to WML: http://www.vbxml.com/wap/articles/htmlwml/default.asp WAP God: http://www.wapforum.comhttp://www.wapforum.com Criticism: http://www.4k-associates.com/4K- Associates/IEEE-L7-WAP-BIG.htmlhttp://www.4k-associates.com/4K- Associates/IEEE-L7-WAP-BIG.html Possible Future: http://www.nokia.com/wap/wap.htmlhttp://www.nokia.com/wap/wap.html Brief Tutorial: http://www.w3schools.com/wap/http://www.w3schools.com/wap/ Criticism: http://www.freeprotocols.org/wapTrap/one/http://www.freeprotocols.org/wapTrap/one/ Tutorial on WML: http://www.iec.org/online/tutorials/wap/index.html http://www.iec.org/online/tutorials/wap/index.html
"CSC8530 Distributed Systems", Summer 2002 24 Summary State what has been learned –WAP Applications –WAP for Distributed Environment –WAP internals in brief –WAP evolution and changes over time –Future prospects/demise ?! Request feedback of training session