Sony Ericsson T628, T630 manual Security using the WAP, Configuration of WAP settings

White Paper T630/T628

Security using the WAP

For certain WAP services, such as banking services, a secure connection between the phone and WAP gateway is necessary. An icon in the display of the T630/T628 indicates when a secure connection is in use.

The T630/T628 is based on the WAP 2.0 (WML 1.3) specification suite, in which security functionality is specified by a technology called Wireless Transport Layer Security (WTLS). The WAP protocols for handling connection, transport and security are structured in layers, with security handled by the WTLS layer, operating above the transport protocol layer. WTLS classes define the levels of security for a WTLS connection:

WTLS class 1 – encryption with no authentication.

WTLS class 2 – encryption with server authentication.

WTLS class 3 – encryption with both server and client authentication.

Server authentication requires a server certificate stored at the server side and a trusted certificate stored at the client side.

Client authentication requires a client certificate stored at the client side and a trusted certificate stored at the server side.

A Wireless Identity Module (WIM) can contain both trusted and client certificates, private keys and algorithms needed for WTLS handshaking, encryption/decryption and signature generation. The WIM module can be placed on a SIM card and is then referred to as a SWIM card.

Certificates

To use secure connections, the user needs to have certificates stored in the phone. There are two types of certificates:

Trusted certificate

A certificate that guarantees that a WAP site is genuine. If the phone has a stored certificate of a certain type, it means that the user can trust all WAP gateways that use the certificate. Trusted certificates can be pre-installed in the phone, in the SWIM or they can be downloaded from the trusted supplier’s WAP page.

Client certificate

A personal certificate that verifies the user’s identity. A bank that the user has a contract with may issue this kind of certificate. Client certificates can be pre-installed in the SWIM card.

WIM locks (PIN codes)

There are two types of WAP security locks (PIN codes) for a SWIM, which protect the subscription from unauthorized use. The PIN codes should typically be provided by the supplier of the SWIM.

Access lock

An access lock protects the data in the WIM. The user is asked to enter the PIN code the first time the SWIM card is accessed when establishing a connection.

Signature lock

A signature lock is used for confirming transactions, much like a digital signature.

In the T630/T628, the user can check which transactions have been made with the phone when browsing. Each time the user confirms a transaction with a signature lock code, a contract is stored in the phone. The contract contains details about the transaction.

Configuration of WAP settings

An easy way to perform WAP configuration in the T630/T628 is to use the step-by-step WAP configurator available on http://www.SonyEricsson.com. The configurator utilizes OTA provisioning.

Manual configuration is done using the menu system in the phone. This is described in the User’s guide.

October 2003
