| Security brings our aware and concern on wireless transaction. In 2000, WAP forum published a series of WPKI technical specifications, which are open standards, to solve the wireless security issues.The background of wireless transaction is introduced in this paper and a detailed analysis and study on WPKI-the key point of wireless security, is made, with emphases on the requirements of wireless Internet and the mainly relative technologies. In addition, user certificate management is mainly focused.General PKI technology and concepts are also detailedly explained. For the sake of orientation, policies and standards and some of the new and exciting applications that will consume PKI services are also touched on.An integrated and feasible WPKI architecture based on WAP (wireless application protocol), which suits the broadband wireless IP environment, is introduced in this paper. Optimized and compressed from the traditional X.509 certificate, the format of WPKI certificate is also proposed. The way of building a certificate authority is proposed as extending the existing CA of wired to the field of wireless. To implement the creation of WPKI certificate, a simple but efficient protocol, CMP (Certificate Management Protocol) is adopted and analyzed with formalized way to prove its validity. Making reference to the thought of HASH chain, a modification over traditional OCSP, client partially cached-OCSP, is proposed which can efficiently reduce not only the computation at the client and server side but also the band load. Finally a new way of building belief path of CA is introdued.
|
PDF Full Text Request