| Recent years have witnessed the rapid growth of Internet technology and wireless communication technology. The combination of both is called mobile Internet. Some services can be provided based on mobile Internet, including the mobile e-commerce.Because the mobile e-commerce is based on wireless communication networks whose security is weak, security is the key factor for the success of the mobile e-commerce. In this case, WAP FORUM proposed WPKI specification, which is the optimized version of PKI according to the characteristics of wireless communication networks.The main motivation of this paper is to research some existed standards and specifications of WPKI, and give my own further views about optimization. Furthermore, the WPKI application models in mobile e-commerce are discussed simply.This paper is organized into six sections. The first section is an introduction of wireless communication networks security. In this section we expound the insecurity elements, security operation, security technology of wireless communication networks. The second section introduces the WAP specification, including the advantage of the WAP technology and the architecture of the protocol stacks of WAP. The third section researches four components (WTLS, WMLScript, WIM and WPKI) of the WAP security framework. The framework and principle of WPKI, the certificate policy of WPKI and the key technologies of WPKI are analyzed emphatically.In WPKI, it is a complex problem that how to authenticate whether a server certificate has been revoked or not in a wireless terminal equipment. A new solution is proposed in the fourth section, called proxy OCSP solution. It is a modification over OCSP, and can obtain timely information regarding the revocation status of a server certificate ata low cost. Its design is given in detail, and compared with other solutions.In modern times, people may own some devices which need identical certificates and associated private keys, there are several disadvantages in present schemes attempting to make certificates (including associated private keys) mobile. A new scheme is proposed in the fifth section, whose main idea is that after collecting certificates and associated private keys in a roam server, users can download them when they are needed, the frame of the scheme is given, and its security is analyzed in detail. The sixth section discusses the WPKI application models in mobile e-commerce, which emphasizes the J2ME model. |
PDF Full Text Request