| There have come two well-known remarkable expansions since 1990'---- the booming development of Mobile Phone and application ofInternet. After redesignation of current IP(Internet Protocal), WAP(Wireless Application Protocol) technology is brought about as more applicable to specific wireless environment with the step of combination of Internet and Communication technology.WAP(Wireless Application Protocol), is an open and international standard , which is set up by WAP FORUM. With the combination of WAP and E_business (such as Mobile Phone Bank and Mobile Phone Stock Dealing, etc), customer could take free and quick response to the fluctuating market at any time and any place.Security is always an important issue whether to Internet or to Wireless Network. There would be no prosperity of Internet if without security. WTLS (Wireless Transport Layer Security), based on the industry-standard TLS protocol, is widely used to deal with Internet transaction. Although, WTLS technology has developed for many years abroad, it is at the very beginning of the developing course in China.After introduction of the principle concepts and theory of WAP and WAP Gateway, WTLS is brought about based on the programming mode of WAP. Protocol of WTLS then is described. Also, this thesis will discuss the advantage and limitation of WTLS. Meanwhile, it will point out its developing trend, security weakness and related solution. Finally, the feasibility, reality and necessity of construction about WAP gateway based on WTLS will be studied.Then, taking advantage of the prevailing technology nowadays, including non-secured WAP gateway, digital signatures and public-key cryptosystems, the author will propose the optimum combination of the algorithm for WTLS under the current economic and material conditions.This combination is composed of Diffie-Hellman as the Key-exchange algorithm, DES as cryptosystem and SHA as MAC algorithm. Linux as OS, GNU C as programming environment, meanwhile, are chosen to implement WTLS effectively, which guarantees the security of both client and server.
|
PDF Full Text Request