1. Trang chủ
  2. » Công Nghệ Thông Tin

Enabling Technologies for Wireless E-Business phần 3 pps

41 278 0

Đang tải... (xem toàn văn)

Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống

THÔNG TIN TÀI LIỆU

Thông tin cơ bản

Định dạng
Số trang 41
Dung lượng 1,68 MB

Nội dung

3 W i re l ess Secur i ty 69 3.4.3 WWAN S ecur i t y In f rastructure Thi s sect i on ta lk s a b out t h e most use d GSM commun i cat i on system an d t h e cur - rent most popular 3G s y stems. There are man y standards for the 3G s y stems, but we p ick Universal Mobile Telecommun i cations S y stem (UMTS) for its compati- bility with GSM, to better demonstrate how the server assisted security mecha- nism o p erates. T h e S ecur i ty A rc hi tecture W WAN covers a very b roa d serv i ce area i n a hi erarc hi ca l structure cons i st i ng o f many V i s i te d Locat i on Reg i sters ( VLRs ) . W i t h suc h vast amount of VLRs, t h e ir computation and stora g e abilit y are na t urall y limited b y c o s t, causin g it infeasible t o store all the subscriber data, and a more p owerful centralized server is calle d f or, which is HLR/AuC (Home Location Register/ Authentication Center). Fig. 3.16 shows the GSM communication infrastructure and, in general, the Au C wou ld b e attac h e d to a HLR i n a secure env i ronment. Th e Aut h ent i cat i on Center ( AuC ) secure l y stores t h e secret k eys of a ll su b- scribers for later user authentication pu rposes. Other personal information not in- u u volved wi t h a u t he nt ic at io n is s t o r ed o n th e HLR. Bes id es, i t i s assume t h at t h ere i s a secure channel between HLR/AuC and the v isited network for delivering sensi - tive information, such as user authentication i nformation for assisting visited net - w or k prov id ers i n aut h ent i cat i ng t h e user. Th e VLR, w hi c h i s t h e v i s i te d networ k prov id ers, aut h ent i cates t h e user b ase d o n t he i nf o rmat io n ob ta i ne d from HLR / Au C . It i s no d ou b t t h at HLR / Au C i s t h e k e y to successfu lly aut h ent i cate b ot h t h e MS an d t h e VLR. T h e aut h ent i cat i n g ca - p abilit y of the HLR/AuC comes from the ke y share d w ith MS. Based on the knowled g e of this ke y , the correspondin g authenticator can b e de ri ved t o co n v in ce F ig. 3.16 . GSM communication infrastructure GS M A ut h ent i cat i on F ig . 3.17 ill ustrates t h e GSM a ut h ent i cat i on process. T h e c h a ll en g e / response secu- r i t y mec h an i sm i s use d for aut h ent i cat i on i n t h e GSM. Because t h e HLR / AuC s hares a secret ke y Ki with the MS, the HLR/AuC can retrieve the MS’s secret ke y Ki and g enerate a random number RAND to help the VLR verif y the MS locall y when the MS is checking in the visited network. t o t h e VLR t h at t h e MS i s t h e a ll ege d one. T hi s way, t h e user i s approve d to access t h e resources w i t hi n v i s i te d n etwor k w i t h out o b stac l e. 70 Below shows the associated p rocedure. 1 . App l y t h e secret k ey K i an d t h e ran d om RAND to t h e A3 a l gor i t h m to 2. App ly t h e secret k e y K i an d t h e ran d om RAND to t h e A8 a lg or i t h m to com p ute K C = A8(Ki, RAND), where the A8 is also an algorithm known between the HLR/AuC and the MS. F i g. 3.17. GS M aut h ent i cat i on Th e HLR / AuC transm i ts t h e tr i p l et ( RAND, XRES, K C ) to t h e VLR. W i t h t h e u se of the triplet, the procedure f or the VLR to verif y the MS is as follows. 1 . T he VLR sends the RAND as a challen g e to intend the MS to send back an appropr i ate response. 2. U pon receivin g the RAND, the MS computes SRES and K C a s th e s am e a s HLR / AuC’s process, an d t h en sen d s t h e resu l t b ac k to t h e VLR. After rece i v i n g t h e SRES returne d from t h e MS, t h e VLR w ill ver i f y w h et h e r t he responded SRES matches the expected XRES. Because the secret ke y is onl y k nown by t h e HLR / AuC an d t h e MS, t h e VLR can b e conv i nce d t h at t h e MS i s a uthentic onl y if the secret ke y is well-protected and SRES=XRES. Furthermore, to secu r e t he co mm u n ic at io n be t wee n th e MS an d VLR, a sess i on k e y K C c an al so W B. L e e compute XRES = A3(Ki, RAND), where the A3 is an al g orithm known b etween t h e HLR / AuC an d t h e MS. 3 W i re l ess Secur i ty 71 b e d er i ve d an d ver i f i e d i n t h e aut h ent i cat i on process. After t h at , t h e transm i tte d messa g e can be encr y pted and decr y pted b y A5 with the session ke y K C . Bec a use of the secrec y of the session ke y , the confidentialit y between MS and VLR can be g uaranteed. V ulnerabilities T he problems with native GSM security are summarized as follows [3.35, 3.36, 3 .37 ] . 1 . SIM/ME interface: SIM/ME interface of MS lacks p ro p er p rotection an d can be potentiall y exploited t o cause messa g es to be leaked out. However, t he system’s security is yet guarded b y the SIM algorithm. 2 . Attacks on the algorith m A 3/8: In April 1998, Wagner and Goldberg suc - cessfu ll y crac k e d COMP-128 w hi c h ma d e use of A3 / 8. W i t h aroun d 160,000 chosen plaintext attack attempts launched, Ki could be compro- t mi sed. Attacks on the algorithm A5/1: A5/1 has also been found to contain a weak- n ess. Biryukov and Shamir [3 . 38] devised the metho d o f “time-memory trade - off”, w hi c h exp l o i ts connect i ons b etween a l gor i t h m state an d k ey stream sequence to d er i ve Kc. U MT S A ut h ent i cat i on Thi r d g enerat i on ( 3G ) mo bil e p h ones ar e c h aracter i se d by high er rates of d at a transm i ss i on an d a r i c h er ran g e of serv i ces an d Un i versa l Mo bil e Te l ecommun i ca- tions System (UMTS) is one of the new 3G systems. An important characteristic of UMTS is that the new radio access network is connected to an evolution of the GS M core networ k . Th e pr i nc i p l es of UMTS secur i ty are, t h erefore, bu ild on t h e secur i ty of GSM by a d opt i n g t h e secur i t y features from GSM t h at h ave prove d to b e nee d e d an d t h at are ro b ust, an d correct i n g t h e pro bl ems w i t h GSM by a dd ress i n g secur i t y w eaknesses [ 3.35, 3.38 ] . T he new securit y features for UMTS, not addressed in GSM, are listed as fo ll ows. 1 . P r ovide m u t u a l a u t he nt ic at io nan d i nte g r i t y protect i on of cr i t i ca l s ig na lli n g p roce d ures to gi ve g reater protect i on a g a i nst fa l se b ase stat i on attac k s. 2 . 3. Encrypt i on term i nates at t h e ra di o networ k contro ll er. 4. U MTS adopts the same architecture as GSM; embracin g its benefits and re- p lacin g the existin g securit y problems. Like GSM, UMTS also emplo y s a server Establish a cipher ke y and inte g rit y ke y and assure user that cipher / inte g rit y ke y s’ freshness. Ad opt open d es i gn a l gor i t h m s f1 to f9 w i t h l ong e r k ey l engt h ( 128- bi t ) i nstea d of m y ster y A3, A5, an d A8 a lg or i t h ms. 72 ass i ste d secur i ty mo d e l . T h erefore, HLR / AuC i s respons ibl e for oversee i ng i n - with independent MS. For a specific security service the pre-shared master key is used in accompanying with a dedicated algorithm, to generate a corresponding s erv i ce k ey. Because on l y MS an d HLR / AuC h o ld s t h e master k ey, on l y t h ey w ill b e a bl e to generate t h e serv i ce k eys, an d s i nce HLR / AuC w ill su b sequent l y b e- s tow the possession of the service ke y s to the VLR, VLR and MS will be able to l ocall y authenticate each other to initiate the services. 3.5 Summary In t hi s c h apter, we out li ne d var i ous pract i ca l so l ut i ons t h at can b e use d to over- co m e th ose intrin s i c r es tri c ti o ns that ar e inh e r e nt in th e m ob il e dev i ces an d th e w ir e l ess e n v ir o nm e nt t o r e aliz e th e man y securit y requirements. We discussed the wireless equivalent of public key cryptosys t e m; the use of WPKI certificate to re- s olve verification of p ublic key’s ownership. Furthermo r e, we introduced elli p tic curve cryptograp h y, an a l ternate approac h to convent i ona l pu bli c k ey cryptogra- ph y, w hi c h i s su i ta bl e for app li cat i ons un d er resource-constra i ne d con di t i ons. Des p ite so, several p ractical issues concernin g ECC still remain t o be r eso l ved. For instance, findin g an efficientl y wa y to determine an appropriate base poin t G and a suitable elliptic curve is still undergoing more research. And ever since Koblitz demonstrated, in the 2 0 01 EuroCrypto, the e ffectiveness of the Weil Par- i ng property on t h e Super S i ngu l ar E lli pt i c Curve for h an dli ng aut h ent i cat i on p ro bl ems, a dil emma b etween c h oos i ng t h e more secure Non-S i ngu l ar E lli pt i c Curve or the relatively less secure but of fering the Paring property Super Singular f f E lliptic Curve, has emer g ed. Finally, due to the mobility characteristics, mobile devices will invariably face authentication difficulties whe n entering a foreign visited network. With the hel p of t h e server, muc h of t h e aut h ent i cat i on comp li cat i on can b e re li eve d . Additionally, if we want to enjoy the ad vantages of a broader coverage area and d d b etter mo bili t y transm i ss i on performa n ce from b ot h WWAN an d WLAN, t h e i n- teropera bili t y amon g t h ese two h etero g eneous networ k s must b e so l ve d . W i t hi n the sever-assisted model, the role of a server is the answer to this p roblem. O f course, the vulnerabilities inh e r ited from the underlying environments must be a l so carefu ll y eva l uate d to fac ili tate t h e poss ibl e so l ut i on. For t h e t i me b e i ng, t h e top i c of m obil e secur i ty w hil e not o b s truct i ng t h e prac - t i ca l d eman d of eff i c i enc y w ill rema i n as an area of act i ve researc h for man y y ears t o co m e. W B . L e e di v id ua l ’s secur i t y requ i rements: mutua l aut h ent i cat i on, i nte g r i t y , an d anon y- m i t y . T h e wa y to accomp li s h t hi s g oa l i s t h rou gh g uar di n g of a master k e y s h are d All th e co mm u ni c ati o n n e t wo rk s d i scussed in thi s sec ti o n used v ari ous l eve l s of server assistance with the common g oal of achievin g the different securit y mec h an i sms. 3 W i re l ess Secur i t y 7 3 References 1. R. Rivest, A. Shamir and L . Adleman (1978) A me t h od for obtainin g di g ital si g natures and public ke y cr y ptos y st e m s, Communications of the ACM, 21, pp . 120 - 126 . 2. W. Barker ( 1991 ) Introdu c tion to the Analysis of t he Data Encryption Stan - d ar d ( DES ) . Laguna H ill s, C A: Aegean Par k Press. 3. J. Daemen an d V. R ij men ( 2001 ) R ij n d ae l : T h e A d vance d Encrypt i on Stan- d ar d. Dr . D obb s Journal. ’ ’ 4 . Public-Ke y Infrastructure (X.509) PKIX, h t tp://www.ietf.or g /html.charters / p kix-charter.html 5. Internet X.509 Public Key Infrastructure Certificate and CRL Profile, 6 . WPKI, W i re l ess Pu bli c Key Infrastructure Def i n i t i on, WAP Forum, 24 Apr il 2001. 7. Internet X.509 Pu bli c Ke y Infrastructure Cert i f i cate an d CRL Prof il e, 8 . Internet X.509 Public Key Infrastructu r e – On-line Certificate Status Proto- co l - OCSP , IETF RFC 2560 , M. Myers, R. An k ney, A. Ma l pan i , S. Ga l per i n, an d C. A d ams, June 1999. 9. N. Ko bli tz ( 1987 ) E lli pt i c Curve Cr y ptos y stem, Mat h emat i cs of Computa - ti on , 48 , 203-209. 1 0. W. Diffie and M. E. Hellmn ( 1976 ) New Directions in Cr y pto g raph y , IEEE T ransactions on Information Theor y. V. IT-22, n.6, pp . 644-654. 1 1. B. Do d son an d A. Lenstra ( 1995 ) NF S w i t h four l arge pr i mes: an exp l os i ve experiment, Advances in Cryptology-CRYPTO’ 9 5. ’ ’ 1 2. A.M. O dly z k o ( 1995 ) T h e future o f i nte g er factor i zat i on, Cr y ptoB y tes, l( 2 ) . 1 3. IEEE P1363, Stan d ar d Spec i f i cat i ons for Pu bli c Ke y Cr y pto g rap hy , b a ll o t draft, 1999. Drafts available at http:// g rouper.ieee.or g / g roups/1363 / i n de x . html . 1 4. ISO / IEC 14888-3 , Informat i on Tec hn o l ogy - Secur i ty Tec h n i ques - D i g i ta l S i gnatures w i t h Appen di x - Part 3: Cert i f i cate Base d - Mec h an i sm , 1998. 1 5. ANSI X9.62, Pu bli c Ke y Cr y pto g rap hy for t h e F i nanc i a l Serv i ces In d ustr y : Th e E lli pt i c Curve D igi ta l S ig n a t ure A lg or i t h m ( ECDSA ) , 1999. 1 6. ANSI X9.63, Public Ke y Cr y pto g raph y for the Financial Services Industr y : E lliptic Curve Ke y A g reement and Ke y Transport Protocols, workin g draft, August 1999. 1 7. National Institute of Standards a nd Technology, Digital Signature Standard, FIPS Pu bli cat i on 186-2 , Fe b ruar y 2000. Ava il a bl e at h ttp: // cstc.n i st. g ov / f i ps. 1 8. WAP W i re l ess Transport La y er Secur i t y Spec i f i cat i on, WAP Forum, 5 No- vember 1 999 . 1 9. P.L. Mont g omer y (1985) Modular Multiplication without trial division, Mathematics of Com p utati o n, 44 , pp . 5 19 -5 21 . R. Housle y , et al., Januar y 1999. R. Hous l ey, et a l ., January 1999. 7 4 W B . L e e 20. Menezes, T. O k amoto an d S. Vanstone ( 1993 ) Re d uc i n g e lli pt i c curve l o g a - rithms to lo g arithms in a finite field, IEEE Tran s a c ti o n s o n Inf o rmati o n T heor y , 39, pp . 1639-1646. 21. S emaev ( 1998 ) Evalu a tion of discrete logarithms in a g roup of p-torsio n p oints of an elli p tic curve in c h a racteristic p , Mathematics of Com p utation, 6 7, pp. 3 5 3 - 3 5 6 . 22. N. Smart ( 1999 ) T h e d i screte l o g ar i t h m pro bl e m on e lli pt i c curves of trace one, Journal of Cr y ptolo gy , 12, pp. 193-196. 23 . T . Satoh and K. Araki ( 1998 ) Fermat q uotients and the po l y nomial time dis- crete log algorithm for anomalous elli p tic curves, Comme n t arii Mathematici Universitatis Sancti Pauli , 4 7, pp . 81 - 92 . 24. D. S h an k s ( 1971 ) C l ass num b er, a t h eor y of factor i zat i on an d g enera. In 19 6 9 Num b er T h eor y Inst i tute ( Proc. S y mpos. Pure Mat h . , Vo l . XX , State Univ. New York, Ston y Brook, N y . 196 9 ), pp . 415-440. Amer. Math. Soc., Providence, RI. 2 5 . C erticom ECC Challenge, Novemb e r 1997, htt p ://www.certicom.com. 26. T om Karygiannis and Les Owens ( 2002) Wireless Network Security: 802.11 , B l uetoot h an d Han dh e ld Dev i ces, NIST Spec i a l Pu bli cat i on 800- 48 . 2 7. IEEE P802.11i/D10.0 (2004) Medium Access Control (MAC) Securit y En - hancements, Amendment 6 to IEEE Standard for Information technolo gy – T elecommunications and information ex c h ange between systems – Local and metro p olitan area netw o rks – S p ecific re q uirements – Part 11: Wireless Me di um Access Contro l ( MAC ) an d P h ys i ca l Layer ( PHY ) Spec i f i cat i ons. 28. L . B l un k an d J. Vo llb rec h t ( 1998 ) PPP Ext e ns ibl e Aut h ent i cat i on Protoco l (EAP), IETF RFC 2284. 2 9. W ireless LAN Securit y White Paper, Cisco S y stems, http://www.cisco. com/war p / p ublic/cc/ p d/witc/ao1 2 00ap/prodlit/wswpf_wp.pdf. 30 . H. Andersson, S. Josefsson, G. Z orn, D. Simon, and A. Palekar (2002) Pro- Z Z t ecte d EAP Protoco l ( PEAP ) , IETF. 31. B. A b o b a an d D. S i mon ( 1999 ) P P P EAP TLS Aut h ent i cat i on Protoco l, IETF RF C 2716. 32 . C . He an d J.C. M i tc h e ll ( 200 4 ) Ana ly s i s of t h e 802 . 1 1 i 4-Wa y Han d s h a k e, Proceedings of the 2004 ACM workshop on Wireless security, pp. 43-50. 33 . C . He and J.C. Mitchell, Security Analysis and Improvements for IEEE 802.11 i, h ttp: // www. i soc.org /i soc / conferences / n d ss / 05 / procee din g s / papers / NDSS05 - 1107. p df, 2005. 34 . Dictionar y Attack on Cisco LEAP Vulnera b ilit y , Reversion 2.1, Cisco S y s - tems, http://www.cisco.com/war p/public/707/cisco-s r r n-20030802-lea p . p df. 35 . P.S. Pagliusi (2002) A Contemporary Foreword on GSM Security, Proceed - i ngs of t h e Internat i ona l Conference on Infrastructure Secur i ty, LNCS No. 243 7, pp. 12 9-144, Spr i nger-Ver l ag. 3 Wireless Securit y 7 5 36. K. Boman, G. Horn, P. Howar d an d V. N i em i ( 2002 ) UMTS Secur i t y , E l ec - tron i cs & Commun i cat i on En gi neer i n g Journa l , 14 ( 5 ) , pp. 191-204. 37. G.M. Koien (2004) An Introduction to Access Security in UMTS, IEEE W i re l ess Commun i cat i on, 11 ( 1 ) , pp. 8-18. 38. B i ryu k ov, A. S h am i r, an d D. Wagner ( 2002 ) Rea l T i me Cryptana l ys i s of A5/1 on a PC, in FSE 2000, LNCS No. 1978, S p . 4 Wireless Application Protocol W . Kou I SN National Ke y Laborator y , Xidian Universit y , P.R. China 4.1 Introduction T he wireless a pp lication pr otocol ( WAP ) is a suite of emerging standards to en- able mobile Internet a pp lications. The WAP standards have been created as a re - s ult of the WAP Forum that was formed i n June 1997 by Ericsson, Motorola, an d Nokia. The WAP Forum is designed to assist the convergence of t two fast-grow i ng networ k tec h no l og i es, name l y, w i re l ess commun i cat i ons an d t h e Internet. T h e convergence i s b ase d on rap idl y i ncreas i ng n um b ers of mo bil e p h one users an d t h e d ramati c e ff ec t o f e - bus in ess ove r th e In te rn e t . Th e co m b inati o n o f th ese t wo technolo g ies will have a bi g impact on current e-business practice, and it will create hu g e market potential. In this cha p ter, a detailed intr o duction to WAP is p rese n ted, including the appli- cation environment and various protocols. The security aspect in the present Inter- net env i ronment i s d ea l t w i t h i n S ect. 4.3. 4.2 Wireless Application Protocol 4.2.1 Overv i ew T he WAP standards consist of a varie t y of architecture components, including an tt app li cat i on env i ronment, scr i pt i ng an d ma rk up l anguages, networ k protoco l s, an d s ecur i ty features. T h ese components an d features t oget h er d ef i ne h ow w i re l ess d ata h an d sets commun i cate over t h e w i re l ess networ k, an d h ow content an d ser - vices are delivered. With the WAP standards, a wireless data handset can establish a connection to a WAP-com p liant wireless infrastructure, re q uest and receive the content and services, and p resent them to t h e end user. This WAP-com p liant wire - l ess infrastructure may include the han d s et, the server side infrastructure, such as the proxy server (WAP gateway), t h e Web server, the a pp lication server, and the network operator (telecommunication company). The WAP architecture is shown i n F i g. 4.1. T he WAP architecture can also be p resented throu g h t h e WAP p rotocol stack shown in Fi g . 4.2. The WAP protocol stack covers the complete picture fro m 4 Wireless A pp lication Protocol 77 Fi g. 4. 2 . T h e WAP p rotoco l stac k b earers to app li cat i ons. T h e b earers are t h e var i ous w i re l ess networ k s t h at W AP c urrent ly supports. T h e transport l a y er i s an i nterface common to t h e un d er lyi n g w ireless network, and it provides a constant service to the upper la y ers in the W AP stack, such that the bearer services are transparent to the upper la y ers. In o t h er wor d s, w i t h t h e transport l ayer, t h e spec i f i c networ k c h aracter i st i cs can b e m as k e d . T h e secur i ty l ayer prov id es secur i ty for t h e transport l ayer, b ase d on t h e thi n c li ents. T h e sess i on l ayer prov id es th e app li cat i on l ayer w i t h t h e capa bili ty to select connection-oriented or connectionless services. The application la y er deals wi t h a genera l -purpose env i ronment for a ppli cat i ons. T h e WAP protoco l s i n F i g. 4.2 i nc l u de w i re l ess a ppli cat i on env i ronmen t (WAE), wireless session p rotocol (WSP), wireless transaction p rotocol (WTP), i n d ustry stan d ar d protoco l an d t h e tr a nsport l ayer secur i ty ( TLS ) protoco l . T h e tran- saction la y er provides a li g htwei g ht transa c t ion-oriented p rotocol for mobile 78 W . Kou w i re l ess transport l ayer secur i ty ( WTLS ) ,an d w i re l ess d atagram protoco l ( WDP ) . In Sects. 4.2.2–4.2.6, we discuss these p rotocols with s p ecial focus on WAE. 4.2.2 Wireless A pp lication Environment W AE cons i sts of a set of stan d ar d s t h at co ll ect i ve ly d ef i ne a g roup of formats fo r w i re l ess app li cat i ons an d d own l oa d a bl e content. WAE spec i f i es an app li cat i on f ramework for wireless devices, such as c ellular phones, pagers, and PDAs. WAE has two logical layers, namely, user-agent layer and format-and-service layer. The components of the user-agent layer in c lude browsers, phone books, message edi- tors, an d ot h er i tems on t h e user d ev i ce s id e, suc h as w i re l ess te l ep h ony app li cat i on ( WTA ) agent. T h e components of t h e format-an d -serv i ce l ayer i nc l u d e common el ements an d formats access ibl e to t h e user agents, suc h as WML, WMLScr i pt, an d WAP bi nar y XML content format ( WBXML ) . A WAP m i cro b rowser h as t h e fo ll ow i n g capa bili t i es: • Submission of re q uests to the server • Rece p tion of res p onses from the server • Conversion of and p arse the data • Interpretat i on from WML an d WMLScr i pt f il es • A bili t y to i nteract w i t h th e appropr i ate WAP l a y er • L oca l cac h e an d var i a bl e mana g emen t • W ireless session p r o tocol processin g • E ffective management of local hardware resources, such as RAM, ROM, s ma ll screen, an d i nput an d output W i re l ess Mar k up Language Wi re l ess mar k up l anguage ( WML ) i s a l anguage b ase d on t h e extens ibl e mar k up l anguage ( XML ) . WML i s opt i m i ze d for sma ll screens an d li m i te d memory capac- ity, and for content intended for light weight, wireless devices such as mobile t t ph ones an d persona l digi ta l ass i stants ( PDAs ) . A WML d ocument i s ca ll e d d ec k . A pa g e of a WML d ocument i s ca ll e d car d . A dec k co n s i s t s o f o n e or mo r e c ar ds. Ea c h deck is identified b y an individual URL address, similar to an HTML pa g e. A WML deck requires a browser tha t w ill f o rmat th e dec k f o r t h e be n e fit o f th e use r . Th e b r owse r de t e rmin es th e final sh ape of t h e d ec k . Somet i mes, peop l e use th e ana l ogy of HTML to exp l a i n WML. In t h e ana l ogy, a WML d ec k correspon d s to an HTML page. However, t h ere are di fferences b etween a WML d ec k an d an HTML page. W hil e eac h HTML f il e i s a si n gl e v i ewa bl e pa g e, a WML d ec k ma y c onta i n mu l t i p l e car d s, eac h of w hi c h i s a s eparate v i ewa bl e ent i t y . WML f il es are store d as stat i c text f il es on a server. Dur - i n g the transmission fr o m the server to the browser, the WML files are encoded in b inar y format b y the wireless connection g atewa y an d th e n se nt t o th e b r owse r . T his is also different from HTML, where there is no need for such an encodin g p rocess. [...]... available mobile devices to perform the computation of public-key encryption is ongoing For example, elliptic curve cryptography (ECC) requires far fewer resources y and it looks very promising for wide deployment to CPU-starved wireless devices 4.4 Summary The convergence of wireless technologies and the e-business over the Internet has led to emerging and fast growth of wireless e-business, including mobile... a result, wireless e-business has attracted increasing attention of academic researchers and business leaders Being able to conduct e-business anywhere and anytime is becoming a reality However, because of the limitations that wireless has, conducting e-business in the wireless world is more difficult than in the wired world Understanding the wireless application protocol that the wireless e-business. .. control and information exchange The ISO 18000 series of standards comprise: f • Part 1: definition of parameters to be standardized Part 2: parameters for air interface communications below 135 kHz • • Part 3: parameters for air interface communications at 13. 56 MHz • Part 4: parameters for air interface communications at 2.45 GHz • Part 6: parameters for air interface communications at 860– 930 MHz • Part... parameters for active air interface communications at 433 MHz 104 D Kou et al Besides ISO 18000, several other standards are listed here: • Supply chain and parcel tracking: ISO 156 93/ ISO 18000 • Libraries and inventory management: ISO 156 93/ ISO 144 43/ ISO 18000 • Smart passports and visas: ISO 144 43/ ISO 18000 • Airport baggage tags: ISO 156 93 (UHF version)/ISO 18000 • Smart cards and envelopes: ISO 144 43/ ISO... storage for wireless telephony applications 3 Event handling This deals with incoming-call and call-connected events to be delivered to a wireless telephony application for processing, which may also invoke WMLScript library interfaces to initiate and control telephony operations Wireless telephony supports in WAP make WAP suitable for creating mobile applications through voice services The compact form,... structure • TC104 (for freight containers) • TC204 (for road informatics) • TC122 (for packaging) The ISO has proposed ISO 18000 for standardizing the air interface protocol, the specifications for allowing readers to communicate with tags According to m [9], ISO 18000 does not specify criteria related to data content or the physical implementation of the tags and readers ISO/IEC 18000 – RFID for Item Management... Management The ISO/IEC 18000 standard has been developed by ISO/IEC SC31 WG4, Radio Frequency Identification for Item Management The aim is to provide parameter definitions for communications protocols within a common framework for internationally useable frequencies for RFID The standard tries to determine the use of the same protocols for all frequencies such that the problems of migrating from one to... from the Ministry of Education of China References 1 2 WAP http://www.ini.cmu.edu/netbil Wireless Application Protocol Forum Ltd (1999) Official Wireless Application Protocol Wiley, New York 88 3 4 5 6 7 8 9 10 W Kou S Mann, S Sbihli (2000) The Wireless Application Protocol Wiley, New York S Singhal, et al (2001) The Wireless Application Protocol AddisonWesley, New York J Schiller (2000) Mobile Communications... important for developing and deploying wireless e-business In this chapter, our discussion was focused on wireless application protocol and related wireless security 4.5 Appendix 4.5.1 Overview of the Transport Layer Security The transport layer security (TLS) [10] is a protocol that provides privacy and data integrity between two communicating applications The TLS is application protocol 4 Wireless. .. be in the clear form at the WAP gateway Then, an SSL session will be established between the WAP gateway and the Web server for securely transmitting the credit card number over the Internet This means that there is no end-to-end security protection for the wireless transactions since there is a potential security hole in the WAP gateway Second, the CCITT X509 certificate is too large for the mobile . be g uaranteed. V ulnerabilities T he problems with native GSM security are summarized as follows [3. 35, 3. 36, 3 .37 ] . 1 . SIM/ME interface: SIM/ME interface of MS lacks p ro p er p rotection an d . l( 2 ) . 1 3. IEEE P 136 3, Stan d ar d Spec i f i cat i ons for Pu bli c Ke y Cr y pto g rap hy , b a ll o t draft, 1999. Drafts available at http:// g rouper.ieee.or g / g roups/ 136 3 / i n de x . html . . pro bl ems w i t h GSM by a dd ress i n g secur i t y w eaknesses [ 3. 35, 3. 38 ] . T he new securit y features for UMTS, not addressed in GSM, are listed as fo ll ows. 1 . P r ovide m u t u a l

Ngày đăng: 07/08/2014, 21:20

Nguồn tham khảo

Tài liệu tham khảo Loại Chi tiết
1. K. Finkenzeller (2003) RFID-Handbook, “Fundamentals and Applications in Contact less Smart Cards and Identification,” 2nd edition, Wiley Sách, tạp chí
Tiêu đề: Fundamentals and Applicationsin Contact less Smart Cards and Identification
12. M. Feldhofer (2004), “A Proposal for an Authentication Protocol in a Secu- rity Layer for RFID Smart Tags,” In IEEE Proceedings of MELECON 2004, Vol. 2, pp. 759–762, ISBN 0-7803-8271-4, Dubronvnik, Croatia, 12–15 May 2004 Sách, tạp chí
Tiêu đề: A Proposal for an Authentication Protocol in a Secu-rity Layer for RFID Smart Tags
Tác giả: M. Feldhofer
Năm: 2004
7. L. Geldner, P. NowiĔski (2003), RFID Reader/Writer 8. http://www.idtechex.com/products/en/articles/00000161.asp Link
10. IBM (2005) WebSphere RFID Premises Server, http://www-306.ibm. com/software/pervasive/ws_rfid_premises_server/ Link
2. S.A. Weis (2003) Security and Privacy in Radio-Frequency Identification Devices Khác
4. C. Kern (1999) RFID-Technology – Recent Development and Future Re- quirements. Proceedings of the European Conference on Circuit Theory and Design ECCTD99, 30.08.–02.09.1999, Vol. 1, pp. 25–28, Stresa, Italy Khác
6. S. Leaver (2004) Evaluating RFID Middleware, Forrester Khác
11. A. Koelle, S. Depp, J. Landt, R. Bobbett (1976), Short-Range Passive Telemetry by Modulated Backscatter of Incident CW RF Carrier Beams.Biotelemetry, 3:337–340, 1976 Khác

Xem thêm

TÀI LIỆU CÙNG NGƯỜI DÙNG

TÀI LIỆU LIÊN QUAN