"CSC8530 Distributed Systems", Summer WAP Overview Amarnath Chitti
"CSC8530 Distributed Systems", Summer Introduction What is WAP ? –Wireless Application Protocol What is its Purpose ? –Defines standards for wireless application environment (WAE) Who coordinates the WAP standard meetings? –WAP forum( not IETF What part of OSI does WAP standards address? –Session, Presentation and Application What are the main ingredients of WAP? –WDP:WAP Datagram Protocol –WTLS:Wireless Transport Layer Security –WTP:Wireless Transaction Protocol –WSP:WAP Session Protocol –WML:Wireless Markup Language
"CSC8530 Distributed Systems", Summer Introduction (contd.) WAP Applications: –Wireless Web hosting –Location Based Services with WAP Push Technology –Secure Mobile Connectivity to enterprise networks Example: Nokia Activ Server 2.1 Mobile Financial Services with Nokia Activ Server Mobile Reservation systems
"CSC8530 Distributed Systems", Summer Introduction (contd..) WAP Overview Diagram:
"CSC8530 Distributed Systems", Summer Introduction (contd..) Protocol Diagram at a WAP Gateway:
"CSC8530 Distributed Systems", Summer WAP with reference to Distributed Systems WAP needs to operate across different Air Interface Technologies. Example: CDMA, IS 95, IS 136 etc. DNS lookups of the servers by the WAP Gateway WAP gateway contacting different Application Servers based on Client Requests.
"CSC8530 Distributed Systems", Summer WAP with reference to Distributed Systems (contd.) IS 136 GSM MSC WAP Gateway
"CSC8530 Distributed Systems", Summer Typical WAP Network redrawn from WAP Architecture Document
"CSC8530 Distributed Systems", Summer WAP interface to various Air Interface Technologies
"CSC8530 Distributed Systems", Summer Brief Description of WAP stack Elements of WAP Stack compared Internet Stack –WML vs. HTML –WSP vs. HTTP –WTP vs. TCP –WTLS vs. TLS –WDP vs. UDP –WCMP vs. ICMP
"CSC8530 Distributed Systems", Summer WML vs. HTML WML: Wireless Markup Language WML is an XML based markup language. XML and HTML are based on Structured Generalized Markup Language (SGML). To support WML requirements, W3C created XHTML standard. WAP 2.0 uses XHTML. Freeware available for converting HTML pages to XHTML/XML pages. –Example: asp
"CSC8530 Distributed Systems", Summer WSP vs. HTTP WSP: Wireless Session Protocol WSP defines two protocols: –one provides connection-mode session services over a transaction service –To provide non-confirmed, connectionless services over a datagram transport service. WSP recodes existing RFC-822 style request and response messages in their own binary tokenization format WSP cannot support IETF's Proposed Standard for distributed authoring over HTTP (WebDAV) WSP does content-negotiation not by Content-Type:, but with explicitly deprecated User-Agent: WAP 2.0 adopts HTTP/1.1 as a session layer protocol.
"CSC8530 Distributed Systems", Summer WTP vs. TCP WTP: Wireless Transaction Protocol WTP tries to solve a mix of transport- and application-layer problems. WTP optionally offers segmentation and re- assembly and selective acks. (WDP ??) WTP offers three application message models : –Class 0: Unreliable invoke message with no result message –Class 1: Reliable invoke message with no result message –Class 2: Reliable invoke message with one reliable result message WTP is the heart of an independent WAP Gateway server project, such as APiON's. WTP is the lowest layer the microbrowser absolutely requires WAP 2.0 features TCP/IP for wireless networks supporting Data over IP.
"CSC8530 Distributed Systems", Summer WTLS vs. TLS WTLS: Wireless Transport Layer Security WTLS Requirements: –Both datagram and connection oriented transport layer protocols must be supported –To cope with long round-trip times of wireless networks –Support limited bandwidth of some bearer networks –Match the processing power of mobile terminals –Match the memory requirements of mobile terminals
"CSC8530 Distributed Systems", Summer WTLS vs. TLS (contd.) TCP/IP stack offers security at the packet- and transport-layers with two technologies –Ipsec for unreliable datagram transport (UDP) –TLS for reliable transport (TCP) WTLS applies TLS to both individual datagrams and socket connections WTLS defines three levels of security capabilities; only Class 1 is mandatory-to- implement.
"CSC8530 Distributed Systems", Summer WTLS vs. TLS (contd.) WTLS Features Class 1Class 2Class 3 Public-key exchange MMM Server Certificates OMM Client Certificates OOM Shared Secret Handshake OOO Compression N/aOO Encryption MMM MAC MMM Smart Card Interface N/aOO
"CSC8530 Distributed Systems", Summer WTLS vs. TLS (contd.) WTLS specifies use of Certicom's elliptic curve public key encryption (mentioned on page 281 of course text). –Not an IETF standard –More details at Prone to Attacks –chosen plaintext data recovery attack –datagram truncation attack –message forgery attack, and –key-search shortcut for some exportable keys. –For more details visit WAP 2.0 adopts TLS protocol.
"CSC8530 Distributed Systems", Summer WDP vs. UDP WDP is almost equivalent to UDP Purpose: –To enable applications to operate transparently over different available bearer services Why WDP and not UDP ? –To accommodate airlink addresses ("MSISDN number [handset serial number], IP address, X.25 address or other identifier") –To overcome airlink restrictions on packet size and even character sets.
"CSC8530 Distributed Systems", Summer WDP vs. UDP (contd.)
"CSC8530 Distributed Systems", Summer WDP vs. UDP (contd.) Services offered by WDP : –Application addressing by port numbers –Segmentation and Re-assembly (optional) –Error Detection (optional)
"CSC8530 Distributed Systems", Summer WCMP vs. ICMP Obsolete –Included in WAP 1.0 –Removed in WAP 1.1
"CSC8530 Distributed Systems", Summer Competing Technologies 3G –If a mobile can tx/rx data at ~2Mbps, what is the use of WAP Gateway in between ? –WAP is trying to survive with its WAP Push technology for location based services. Mobile IP and Wireless LAN (802.11b) Lightweight & Efficient Application Protocols (LEAP) –IETF standards, an alternative to WAP –Rejected by big players like Nokia, Motorola etc. Seems to be no development is going on in this front.
"CSC8530 Distributed Systems", Summer References Attacks on WTLS: Converting HTML to WML: WAP God: Criticism: Associates/IEEE-L7-WAP-BIG.htmlhttp:// Associates/IEEE-L7-WAP-BIG.html Possible Future: Brief Tutorial: Criticism: Tutorial on WML:
"CSC8530 Distributed Systems", Summer Summary State what has been learned –WAP Applications –WAP for Distributed Environment –WAP internals in brief –WAP evolution and changes over time –Future prospects/demise ?! Request feedback of training session