Gateway Characteristics

The WAP Gateway provides services in the company’s Intranet, a banking or stock trading ser- vice on the Internet, or access to other WAP applications on web addresses anywhere on the Internet. A Gateway is identified by an IP number or by a phone number, depending on access type.

Connection-oriented And Connection-less WAP

The T20e supports both connection-less and connection-oriented WAP over GSM Data. The user can select which method to use. In general, connection-oriented means that the connection between the WAP browser in the phone and the WAP Gateway is maintained in a session with error recovery services. This gives a high reliability with a reduced risk of errors in the transmis- sion, and improves efficiency in WAP browsing.

Security Using WAP

The T20e is based on the WAP 1.1 specifications where security functionality is specified with a technology called Wireless Transport Layer Security (WTLS).

The WAP protocols that handle the connection, its transport and its security are structured in protocol layers. The security is handled by the WTLS layer operating above the transport proto- col layer. The WTLS layer is modular and there are WTLS classes that indicate which security level is supported by the application.

WTLS class 1 specifies an encoding of the information.

WTLS class 2 includes class 1 and in addition a server authentication, where server certifi- cates are needed in the phone (access lock).

WTLS class 3 includes class 2 and in addition a client certification, where client certificates are needed for the user (signature lock).

The T20e supports WTLS class 2, and it is equipped with a number of certificates. An access lock is needed when accessing certain WAP sites. The user is asked to enter it before a secure WAP connection is established.

9

Page 9
Image 9
Sony Ericsson T20e manual Gateway Characteristics, Connection-oriented And Connection-less WAP, Security Using WAP