Wireless Transport Layer Security

The purpose of wireless transport layer security (WTLS) is to provide transport layer security between a WAP client and the WAP Gateway/Proxy. WTLS is a security protocol based on the industry standard transport layer security (TLS) protocol with new features such as datagram support, optimized handshake, and dynamic key refreshing. The WTLS layer is modular and depends on the required security level of the given application, or characteristics of the underlying network, whether it is used or not. WTLS is optional and can be used with both the connectionless and the connection mode WAP stack confi guration. In addition, WTLS provides an interface for managing secure connections. The primary goal of WTLS is to provide the following features between two communicating applications:

● Data integrity: WTLS contains facilities to ensure that data sent between the terminal and an application server are unchanged and not corrupted.

● Privacy: WTLS contains facilities to ensure that data transmitted between the terminal and an application server is private and cannot be understood by any intermediate parties that may have intercepted the data stream.

● Authentication: WTLS contains facilities to establish the authenticity of the terminal and application server.

● Denial-of-service protection: WTLS contains facilities for detecting and rejecting data that are replayed or not successfully verifi ed. WTLS makes many typical denialof service attacks harder to accomplish and protects the upper protocol layers.

WTLS protocol is optimized for low-bandwidth bearer networks with relatively long latency. These features make it possible to certify that the sent data have not been manipulated by a third party, that privacy is guaranteed, that an author of a message can be identified, and that both parties cannot falsely deny having sent their messages.

Source of Information : Elsevier Wireless Networking Complete

Wireless Transport Layer Security