Wireless Application Protocol

advertisement
WAP Overview
Amarnath Chitti
1
"CSC8530 Distributed Systems", Summer 2002
Introduction





What is WAP ?
– Wireless Application Protocol
What is its Purpose ?
– Defines standards for wireless application environment (WAE)
Who coordinates the WAP standard meetings?
– WAP forum(www.wapforum.org) not IETF
What part of OSI does WAP standards address?
– Session, Presentation and Application
What are the main ingredients of WAP?
–
–
–
–
–
WDP:
WTLS:
WTP:
WSP:
WML:
WAP Datagram Protocol
Wireless Transport Layer Security
Wireless Transaction Protocol
WAP Session Protocol
Wireless Markup Language
2
"CSC8530 Distributed Systems", Summer 2002
Introduction (contd.)

WAP Applications:
– Wireless Web hosting
– Location Based Services with WAP Push
Technology
– Secure Mobile Connectivity to enterprise
networks
Example: Nokia Activ Server 2.1
 Mobile Financial Services with Nokia Activ Server
 Mobile Reservation systems

3
"CSC8530 Distributed Systems", Summer 2002
Introduction (contd..)
WAP Overview Diagram:
4
"CSC8530 Distributed Systems", Summer 2002
Introduction (contd..)
Protocol Diagram at a WAP Gateway:
5
"CSC8530 Distributed Systems", Summer 2002
WAP with reference to
Distributed Systems

WAP needs to operate across different Air
Interface Technologies. Example: CDMA, IS 95,
IS 136 etc.

DNS lookups of the servers by the WAP
Gateway

WAP gateway contacting different Application
Servers based on Client Requests.
6
"CSC8530 Distributed Systems", Summer 2002
WAP with reference to
Distributed Systems (contd.)
WAP Gateway
MSC
MSC
GSM
IS 136
7
"CSC8530 Distributed Systems", Summer 2002
Typical WAP Network redrawn
from WAP Architecture
Document
WTA Server
Cell phone
Supporting Servers
App Server
Server
Server
App Server
Comm. Tower
Master Pull Proxy
Internet
Wireless Network
App Server
App Server
Secure Full
Proxy
Secure Network
App Server
8
"CSC8530 Distributed Systems", Summer 2002
WAP interface to various Air
Interface Technologies
9
"CSC8530 Distributed Systems", Summer 2002
Brief Description of WAP stack

Elements of WAP Stack compared Internet Stack
– WML vs. HTML
– WSP vs. HTTP
– WTP vs. TCP
– WTLS vs. TLS
– WDP vs. UDP
– WCMP vs. ICMP
10
"CSC8530 Distributed Systems", Summer 2002
WML vs. HTML






WML: Wireless Markup Language
WML is an XML based markup language.
XML and HTML are based on Structured
Generalized Markup Language (SGML).
To support WML requirements, W3C created
XHTML standard.
WAP 2.0 uses XHTML.
Freeware available for converting HTML pages
to XHTML/XML pages.
– Example:
http://www.vbxml.com/wap/articles/htmlwml/default.
asp
11
"CSC8530 Distributed Systems", Summer 2002
WSP vs. HTTP
WSP: Wireless Session Protocol
 WSP defines two protocols:

– one provides connection-mode session services over a
transaction service
– To provide non-confirmed, connectionless services over a
datagram transport service.




WSP recodes existing RFC-822 style request and
response messages in their own binary tokenization
format
WSP cannot support IETF's Proposed Standard for
distributed authoring over HTTP (WebDAV)
WSP does content-negotiation not by Content-Type:, but
with explicitly deprecated User-Agent:
WAP 2.0 adopts HTTP/1.1 as a session layer protocol.
12
"CSC8530 Distributed Systems", Summer 2002
WTP vs. TCP




WTP: Wireless Transaction Protocol
WTP tries to solve a mix of transport- and
application-layer problems.
WTP optionally offers segmentation and reassembly and selective acks. (WDP ??)
WTP offers three application message models:
– Class 0: Unreliable invoke message with no result message
– Class 1: Reliable invoke message with no result message
– Class 2: Reliable invoke message with one reliable result message



WTP is the heart of an independent WAP Gateway server project,
such as APiON's.
WTP is the lowest layer the microbrowser absolutely requires
WAP 2.0 features TCP/IP for wireless networks supporting Data
over IP.
13
"CSC8530 Distributed Systems", Summer 2002
WTLS vs. TLS


WTLS: Wireless Transport Layer Security
WTLS Requirements:
– Both datagram and connection oriented transport
layer protocols must be supported
– To cope with long round-trip times of wireless
networks
– Support limited bandwidth of some bearer
networks
– Match the processing power of mobile terminals
– Match the memory requirements of mobile
terminals
14
"CSC8530 Distributed Systems", Summer 2002
WTLS vs. TLS (contd.)

TCP/IP stack offers security at the packet- and
transport-layers with two technologies
– Ipsec for unreliable datagram transport (UDP)
– TLS for reliable transport (TCP)


WTLS applies TLS to both individual datagrams
and socket connections
WTLS defines three levels of security
capabilities; only Class 1 is mandatory-toimplement.
15
"CSC8530 Distributed Systems", Summer 2002
WTLS vs. TLS (contd.)
WTLS Features
Public-key
exchange
Server
Certificates
Client Certificates
Shared Secret
Handshake
Compression
Encryption
MAC
Smart Card
Interface
Class 1
M
Class 2
M
Class 3
M
O
M
M
O
O
O
O
M
O
N/a
M
M
N/a
O
M
M
O
O
M
M
O
16
"CSC8530 Distributed Systems", Summer 2002
WTLS vs. TLS (contd.)

WTLS specifies use of Certicom's elliptic curve public
key encryption (mentioned on page 281 of course text).
– Not an IETF standard
– More details at
http://www.certicom.com/resources/ecc_chall/challenge.html

Prone to Attacks
–
–
–
–
–

chosen plaintext data recovery attack
datagram truncation attack
message forgery attack, and
key-search shortcut for some exportable keys.
For more details visit http://www.cc.jyu.fi/~mjos/wtls.pdf
WAP 2.0 adopts TLS protocol.
17
"CSC8530 Distributed Systems", Summer 2002
WDP vs. UDP


WDP is almost equivalent to UDP
Purpose:
– To enable applications to operate transparently over
different available bearer services

Why WDP and not UDP ?
– To accommodate airlink addresses ("MSISDN number
[handset serial number], IP address, X.25 address or
other identifier")
– To overcome airlink restrictions on packet size and
even character sets.
18
"CSC8530 Distributed Systems", Summer 2002
WDP vs. UDP (contd.)
19
"CSC8530 Distributed Systems", Summer 2002
WDP vs. UDP (contd.)

Services offered by WDP :
– Application addressing by port numbers
– Segmentation and Re-assembly (optional)
– Error Detection (optional)
20
"CSC8530 Distributed Systems", Summer 2002
WCMP vs. ICMP

Obsolete
– Included in WAP 1.0
– Removed in WAP 1.1
21
"CSC8530 Distributed Systems", Summer 2002
Competing Technologies

3G
– If a mobile can tx/rx data at ~2Mbps, what is the use
of WAP Gateway in between ?
– WAP is trying to survive with its WAP Push
technology for location based services.


Mobile IP and Wireless LAN (802.11b)
Lightweight & Efficient Application Protocols
(LEAP)
– IETF standards, an alternative to WAP
– Rejected by big players like Nokia, Motorola etc.
Seems to be no development is going on in this front.
22
"CSC8530 Distributed Systems", Summer 2002
References








Attacks on WTLS: http://www.cc.jyu.fi/~mjos/wtls.pdf
Converting HTML to WML:
http://www.vbxml.com/wap/articles/htmlwml/default.asp
WAP God: http://www.wapforum.com
Criticism: http://www.4k-associates.com/4KAssociates/IEEE-L7-WAP-BIG.html
Possible Future: http://www.nokia.com/wap/wap.html
Brief Tutorial: http://www.w3schools.com/wap/
Criticism: http://www.freeprotocols.org/wapTrap/one/
Tutorial on WML:
http://www.iec.org/online/tutorials/wap/index.html
23
"CSC8530 Distributed Systems", Summer 2002
Summary

State what has been learned
–
–
–
–
–

WAP Applications
WAP for Distributed Environment
WAP internals in brief
WAP evolution and changes over time
Future prospects/demise ?!
Request feedback of training session
24
"CSC8530 Distributed Systems", Summer 2002
Download