{"title":"移动通信中的WAP协作和安全问题","authors":"A. Swamy, D. Reddy","doi":"10.1109/CTS.2007.4621776","DOIUrl":null,"url":null,"abstract":"The World Wide Web (WWW) has enjoyed phenomenal growth over recent years. It has been widely embraced as a standard infrastructure over which a variety of applications can be deployed. We are witnessing a growing number of professionals relying upon the Internet to perform their work. Collaboration tools enable teams of workers in disparate locations to work together using a variety of approaches. A similar revolution to that of the WWW is taking place within the mobile telecommunications domain, with a burgeoning requirement for wireless Internet access, via the wireless application protocol (WAP). The wireless application protocol (WAP) has been proposed as a way to get Internet (or a sort of Internet) to the small wireless and mobile devices, e.g. mobile phones, while accommodating for the special characteristics of such devices. Originally, WAP was designed with a gateway in the middle, acting as the interpreter between the Internet protocol stack and the wireless application protocol stack. The WAP gateway forwards web content to the mobile phone in a way intended to accommodate the limited bandwidth of the mobile network and the mobile phonepsilas limited processing capability. However, the gateway introduces a security hole, which renders WAP unsuitable for any security-sensitive services. Through a set of standard releases, primarily version 1.2.1 (June 2000) and version 2.0 (July2001), security issues have been addressed. This paper presents a framework that enables two or more mobile users to collaborate and exchange messages using mobile devices. The system is described provides on-line multi-user collaboration service based on the IRC (Internet relay chat) protocol, transmitted via WAP that offers a WML interface and We also discuss the security hole and the gateway-based design that has led to it, including the business and architectural considerations underlying the design. A number of ways to correct the situation are discussed, including application level security, which still hasnpsilat been fixed in the WAP 2.0 standard of the July 2001 release. Finally we observe, that although version 2.0 allows skipping the gateway thereby tightening security, the added cost is not negligible.","PeriodicalId":363805,"journal":{"name":"2007 International Symposium on Collaborative Technologies and Systems","volume":"338 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-05-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"WAP collaboration and security issues in mobile communication\",\"authors\":\"A. Swamy, D. Reddy\",\"doi\":\"10.1109/CTS.2007.4621776\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The World Wide Web (WWW) has enjoyed phenomenal growth over recent years. It has been widely embraced as a standard infrastructure over which a variety of applications can be deployed. We are witnessing a growing number of professionals relying upon the Internet to perform their work. Collaboration tools enable teams of workers in disparate locations to work together using a variety of approaches. A similar revolution to that of the WWW is taking place within the mobile telecommunications domain, with a burgeoning requirement for wireless Internet access, via the wireless application protocol (WAP). The wireless application protocol (WAP) has been proposed as a way to get Internet (or a sort of Internet) to the small wireless and mobile devices, e.g. mobile phones, while accommodating for the special characteristics of such devices. Originally, WAP was designed with a gateway in the middle, acting as the interpreter between the Internet protocol stack and the wireless application protocol stack. The WAP gateway forwards web content to the mobile phone in a way intended to accommodate the limited bandwidth of the mobile network and the mobile phonepsilas limited processing capability. However, the gateway introduces a security hole, which renders WAP unsuitable for any security-sensitive services. Through a set of standard releases, primarily version 1.2.1 (June 2000) and version 2.0 (July2001), security issues have been addressed. This paper presents a framework that enables two or more mobile users to collaborate and exchange messages using mobile devices. The system is described provides on-line multi-user collaboration service based on the IRC (Internet relay chat) protocol, transmitted via WAP that offers a WML interface and We also discuss the security hole and the gateway-based design that has led to it, including the business and architectural considerations underlying the design. A number of ways to correct the situation are discussed, including application level security, which still hasnpsilat been fixed in the WAP 2.0 standard of the July 2001 release. Finally we observe, that although version 2.0 allows skipping the gateway thereby tightening security, the added cost is not negligible.\",\"PeriodicalId\":363805,\"journal\":{\"name\":\"2007 International Symposium on Collaborative Technologies and Systems\",\"volume\":\"338 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-05-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2007 International Symposium on Collaborative Technologies and Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CTS.2007.4621776\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 International Symposium on Collaborative Technologies and Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CTS.2007.4621776","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
WAP collaboration and security issues in mobile communication
The World Wide Web (WWW) has enjoyed phenomenal growth over recent years. It has been widely embraced as a standard infrastructure over which a variety of applications can be deployed. We are witnessing a growing number of professionals relying upon the Internet to perform their work. Collaboration tools enable teams of workers in disparate locations to work together using a variety of approaches. A similar revolution to that of the WWW is taking place within the mobile telecommunications domain, with a burgeoning requirement for wireless Internet access, via the wireless application protocol (WAP). The wireless application protocol (WAP) has been proposed as a way to get Internet (or a sort of Internet) to the small wireless and mobile devices, e.g. mobile phones, while accommodating for the special characteristics of such devices. Originally, WAP was designed with a gateway in the middle, acting as the interpreter between the Internet protocol stack and the wireless application protocol stack. The WAP gateway forwards web content to the mobile phone in a way intended to accommodate the limited bandwidth of the mobile network and the mobile phonepsilas limited processing capability. However, the gateway introduces a security hole, which renders WAP unsuitable for any security-sensitive services. Through a set of standard releases, primarily version 1.2.1 (June 2000) and version 2.0 (July2001), security issues have been addressed. This paper presents a framework that enables two or more mobile users to collaborate and exchange messages using mobile devices. The system is described provides on-line multi-user collaboration service based on the IRC (Internet relay chat) protocol, transmitted via WAP that offers a WML interface and We also discuss the security hole and the gateway-based design that has led to it, including the business and architectural considerations underlying the design. A number of ways to correct the situation are discussed, including application level security, which still hasnpsilat been fixed in the WAP 2.0 standard of the July 2001 release. Finally we observe, that although version 2.0 allows skipping the gateway thereby tightening security, the added cost is not negligible.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
