Sony Ericsson P802 manual Browser Security, World Wide Web, WAP Security, Certificates

Page 43

For Internal Use Only

P800 Smartphone

 

White Paper, May 2002

Browser Security

World Wide Web

The P800 supports the TLS/SSL to provide a secure encrypted link between the browser and the website. This method is commonly used for secure transactions on the WWW.

WAP Security

When using certain WAP services the user may want a secure connection between the phone and the WAP gateway, for example when using banking services. An icon in the display indicates when a secure connection is used. The P800 is based on the WAP 2.0 specifications where security functionality is specified with a technology called Wireless Transport Layer Security (WTLS).

The WAP protocols that handle the connection, its transport and its security are structured in protocol layers. The security is handled by the WTLS layer operating above the transport protocol layer. There are 3 WTLS classes that define the levels of security for a WTLS connection:

WTLS class 1 involves encryption with no authentication.

WTLS class 2 involves encryption with server authentication.

WTLS class 3 involves encryption with both server and client authentication

Server authentication

Requires a server certificate stored at the server side and a root

 

certificate stored at the client side.

Client authentication

Requires a client certificate stored at the client side and a trusted

 

certificate stored at the server side.

A Wireless Identity Module (WIM) can contain both trusted and client certificates, private keys and algorithms needed for WTLS handshaking, encryption/decryption and signature generation. The WIM module can be placed on a SIM card and will then be referred to as a SWIM card.

Certificates

To use secure connections, the user needs to have certificates saved in the phone. There are two types of certificates:

Certificate authority

A certificate used to verify that a WAP site is genuine. If the phone

 

has a stored certificate of a certain type, it means the user can trust

 

all WAP gateways which present a certificate that can be verified by

 

the trusted certificate. Certificates can be preinstalled in the phone,

 

pre-installed in the SWIM, or downloaded from the trusted supplier’s

 

WAP page.

User certificate

A personal certificate that verifies the user’s identity. A bank that the

 

user has a contract with may issue this kind of certificate. User

 

certificates can be pre-installed in the SWIM card.

43

Page 42 Page 44
Image 43
Page 42 Page 44
Contents P800/P802 Smartphone Preface Model Markets CharacteristicsContents Receiving a multimedia message on other terminals Gprs Maximum Data Rates kbps Hscsd Maximum Data Rates kbps For Internal Use Only P800 Standard Version and P802 Chinese Version P800/802 Smartphone OverviewP800 Standard Version P800c/P802 Chinese version General Features and Specification SummaryIntegrated Browser AccessoriesP800 Controls and Operation P800 ConnectorsFlip Closed FC mode Flip Open FO mode Flip Removed Application MMI Outline Status Bar User Storage Phone Phone and PIM ApplicationsFor Internal Use Only Contacts Tasks CalendarClock, Voice Memo and Calculator JotterBuilt-In CommuniCam ImagingImage Viewer Using ImagesVideo Playback and Streaming 3GPP PSS Packet Switched Streaming StandardMPEG-4 Standard User scenarios ApplicationsStandards, architecture and protocol Locally Stored Clips P800 Video PlayerStreaming Support in the P800 Sounds and melodies EMS Enhanced Messaging ServiceMessaging EMS more than just wordsNew possibilities with messaging Examples of EMS contents and applicationsFor Internal Use Only EMS in the P800 Benefits MMS Multimedia Messaging ServiceMMS objects Pictures Smil presentationsText AudioNotification TemplatesInteroperability and Conformance Standard Media Confor Render Type Media Object SummaryComposing a multimedia message Receiving a multimedia message on other terminals Receiving a multimedia messageMessage conversion MMS technical featuresMail OTA configurationArchitecture Services Browser, M-Services and MeTMeT Mobile electronic Transactions MeT Example P800 Browser Content Types SupportedBrowser MMI Certificates Browser SecurityWorld Wide Web WAP SecurityWIM Locks PIN Codes Push ServicesService Indication SI Service Loading SLOpen Environment Symbian OS Operating SystemPersonalJavaTM JavaSandbox J2ME CLDC/MIDPSony Ericsson Basic Developer Support Developer SupportSecurity Sony Ericsson Advanced Developer SupportScreen Saver CustomisationUser Customisation Wallpaper and Application ShortcutsOther Audio Customisation Over-The-Air OTA CustomisationPicture Phone Book RingtonesFactory Customisation Sony Ericsson WAP ConfiguratorBenefits of Bluetooth wireless technology in the P800 BluetoothTM Wireless TechnologyMobile Devices Bluetooth Usage Cases with the P800Bluetooth Headset Laptop PC / PDASyncML An Open Standard for Synchronisation What is SyncML?Designed for the requirements of the wireless world Synchronization & Data TransferApplication Remote Local Which information can be synchronized?Remote Synchronisation Bluetooth, Infrared or CableLocal Synchronisation Compatibility Backup and RestoreAutomatic synchronization Intelligent processApplication Data Type Bearer BluetoothObject Exchange ‘Send As’ MailGPRS, Hscsd and CSD Connections Using the P800 as a ModemFor Internal Use Only Technical Explanation of CSD, Hscsd and Gprs Circuit Switched Data CSDHigh Speed Circuit Switched Data Hscsd 6kbps per 14.4kbps per Timeslot Gprs Analogue and Isdn V110 Bearer Service Types36.2 53.6 CS-1 05kbps CS-2 13.4kbps13.4 For Internal Use Only FC Character Input P800c/P802 In DetailProduct Name and Languages Input MethodsVirtual Keyboard FO Character InputHandwriting Recognition Lunar Calendar Chinese DictionaryWuZiQi Five Stone Chess Service Description SIM-AT Services supported by the P800SIM Application Toolkit Profile Download Consumer Kit and CD-ROM DPY Kit ContentsP800 Standard Version Language SupportP800c/P802 Chinese Version CD-ROM Contents 3GPP Terminology and AbbreviationsFor Internal Use Only JVM RAS VPN Related Information MMS Useful ReferencesTrademarks and Acknowledgements Technical Specifications Third Party Application Support KeypadInput MMI LanguagesImage Viewer TelephonyPersonal Organiser Integrated CommuniCamImage Editor User Customisation Integrated browser technical dataServices MeTRemote Synchronisation Bluetooth Wireless Technology technical dataInfrared Transceiver technical data PC Connectivity SolutionsLocation Based Services Remote ConfigurationSecurity
Top Page Image Contents