Wireless transport layer security and protocols

Wireless Transport Layer Security and Wireless Protocols

Wireless Transport Layer Security -- WTLS technology is a protocol used for secure communications and transaction over the wireless net work. It is being implemented on a large scale. The applications of this technology can be found in WAP servers, browsers, internet hosts and e-commerce. The protocol also issues digital certificates for the users which can be used to identify individual users and authenticate the electronic transaction. This technology also enables the identification of mobile phones and radio-based communication devices which enable the spread and reach of e-commerce and secure payment and banking transactions. (Macphee, 2001)

Wireless network have now become widespread. However the wireless local area networks -- LANs are not secure enough to prevent hacking. The weakness of the system with many ways of intrusion has necessitated the creation of protocols that can identify the user and protect the system against intruders and unauthorized users who may use the band with illegally and also steal identities and commit offenses on the wireless network. The wireless LAN technology is varied with the type of need. To create uniformity in the standards, the 802.11 set of standards is ideal to use with most networks including the Ethernet networks. Recently the Bluetooth and Infrared protocols have been introduced and it offers very short-range connectivity services and these systems are known as wireless personal area networks or WPAN. (Andress, 2003)

We know that Wireless local area networks which enable e-commerce but are vulnerable at having information hacked into. For the security of e-commerce applications Wireless Transport Layer security -- WTLS is used. This is the standard layer security which evolved into the SSL or Secure socket layer. (Nichols; Lekkas, 2002) the important factor to consider while selecting a protocol is to see which layer needs security. The link layer, network layer and the transport layer are the security requiring layers. 801X can be used for all the three and the security requirements vary from users and applications. In some instances IPSEC authentication methods and encryption for level 2 is a must. (Gast, 2005)

Wireless LAN is finding increasing applications in all aspects of human life. Wireless LANs help access network without cables and wires hence are attractive to people requiring mobility. It is also used in-house in business establishments and shop floors. The improvement in communication and efficiency has made it the most sought after medium. To enterprises it provides cost benefits and helps reach unreachable areas. Therefore in future this technology will expand, and the needs for a secure computing and transaction protocol will vary and increase with the use the technology is put to. (Nichols; Lekkas, 2002) the protocols consist of multiple security layers which have encryption capabilities. The Wireless Application Protocol -- WAP has the system called the WTLS - Wireless Transport Layer Security. The security for the layers is based on three important features, a) the encryption modes, b) the checking for data integrity and c) the authentication procedures. There must be supporting hardware to go with this system at both the server end and the terminal end. (Sklavos; Kitsos; Papadopoulos; Koufopavlou, 2006)

Security threats come in many forms. Cell phones can be jammed or blocked, data theft, overhearing and criminal use of information obtained by the interception, and surveillance adopted by agencies all make the wireless system vulnerable. The most important layer security threats today is for cell phones, which the user himself or herself uses in such a manner that vital information is given away by their conversations. Some of the important systems in use to prevent intrusions are cryptography and digital certification and authentication. (Nichols; Lekkas, 2002) Some later technology has made some of the security requirement feasible. One is the use of distributed systems which rely on short-range waves. In wireless networks, the fixed rely schemes like 'amplify-and-forward and decode-and-forward' are used. It is possible to provide, using distributed antennas, "powerful benefits of space diversity without need for physical arrays and needs." (Laneman; Tse; Wornell, 2004)

Security features today include the SSL or secured layer protocol, and the PPL or point to point protocol but for wireless applications like Bluetooth and the cell applications, new systems have evolved for creating security. SSL is an encryption protocol one can find in most browsers. The later security protocols that have recently made an entry include WiMAX, which is fast replacing SSL protocols on the internet and communication networking. The need for the security and foolproof access methods is evident when we consider transactions between the client and a bank which require encryption, authentication and security all in the same time. The mobile networks are not considered to enable facilities for end to end security and therefore the WTLS is designed to provide better security through a multiple dynamic key refreshing and optimized handshake, refreshing allows updating of the key regularly thus ensuring authentication. (Searchmobilecomputing.com, n. d.)

Wireless Protocols

The protocol can be defined as a set of details that lays down the methods of communication between devices. The set of communication protocol that is used on the internet for example is called the TCP/IP. This is a collection of many smaller protocols with unique functions, like security encryption, authentication or data transfer. The use of the protocol is dependent on the end to which the communication layer is subject to. The most important and widely used protocol is the 802.11b. (Paukkunen, 1999) Some standards like the blue tooth are new, the wireless field is exploding and new and better protocols based on application requirements are being released day by day. Mobile protocols are constantly evolving and the history of the subject goes back from the time distributed computing came in vogue. The third generation wireless protocol commonly known as 3G is used in mobile wireless and is operational in any part of the earth and is found in the cell phones, and can be used in any instrument that is portable.

When the 3G system was evolving, the use of the broad band for telephony and internet caused the evolution of the 4G or fourth generation wireless and this protocol comprise of the WiMAX and Wi-Fi. One of the greater advances in this system is the wireless broad band. (Searchmobilecomputing.com, 2007) the CDMA or Code-division multiple accesses allows multiple signals in a single channel, it uses analog to digital conversion. It is used in UHF cellular phones. The CDMA is a protocol being formulated by 'International Telecommunication Union - ITU'. (Searchmobilecomputing.com, 2007) the CDMA dispatches attain a speed of Mbps. The Frequency division multiple access has 30 channels, and the feature is that this FDMA allots one channel to a single user at a time. The other type is the generic access which can accommodate Wi-Fi, GSM and other network systems. Many other systems exist like Universal mobile telecommunications service, or the broad band, WCDMAWideband code-division multiple access and of course WiMAX or the latest Worldwide Interoperability for Microwave Access that is advanced to IEEE 802.16 standards both for broadband wireless service and the general networks. (Searchmobilecomputing.com, 2007)

Wireless Application Protocol -- WAP is considered to be the protocol which is used to bridge the gap between the internet, mobile and intranets that use a wireless access mode. It is a global standard and was founded by a group of companies that included "Ericsson, Nokia, Motorola, and Unwired Planet founded the WAP Forum in the summer of 1997 with the initial purpose of defining an industry-wide specification for developing applications over wireless communications networks." (International Engineering Consortium, n. d.) This specification consists of a number of protocols that can be divided into the major categories of "application, session, transaction, security, and transport layers" (International Engineering Consortium, n. d.)

The WAP environment -- WAE facilitated the creation and extension of the browsers, internet, broadband and e-mail and other applications to the wireless services by initiation of suited protocols for these devices. Most devises in the wireless arena are WAP-based devices. To the recent protocols have usability with the 802.11 set of standards recently the Bluetooth and Infrared protocols have been introduced and it offers very short-range connectivity services and these systems are known as wireless personal area networks or WPAN. Blue tooth protocols have limited range operability and are vulnerable to hacking and intrusion within the range of service, and will have to have separate authentication systems for the end terminal nodes. (Andress, 2003)