|Get this Security+ CertiGuide for your own computer.|
Use coupon code "certiguide" to save 20%!
|Also available: 300-question Security+ practice test!|
|Get It Here!|
The Wireless Application Protocol
is another wireless technology that was created for wireless resources
with limited capability such as a cellular phone. Among the protocols
within WAP is the security layer, Wireless Transport Layer Security
(WTLS), which provides privacy, data integrity and authentication for
WAP communication. It is an evolution of the TLS/SSL protocols
specifically suited for the low-bandwidth, high-latency, less robust,
wireless scenario. It uses both conventional symmetric and public key
As pointed out by Markku-Juhani Saarinen232 at the University of Jyvaskyla, Finland the WTLS
protocol design limits the effectiveness a Certificate Authority such
as VeriSign can have while supporting WTLS. It appears that this research
has been taken to heart as seen in the papers available from the wapforum.org233. If you visit the site you may notice the group
is in the process of quietly renaming itself to the Open Mobile Alliance.
WAP (Wireless Application Protocol) is a protocol for communication between low-bandwidth, high-latency wireless devices.
WTLS (Wireless Transport Layer Security) is the WAP security protocol that provides privacy, data integrity and authentication for WAP communication.
Better Wireless Security234
The Wi-Fi Alliance's specification, called WPA (Wireless Protected Access), includes mechanisms from the emerging 802.11i standard for both data and network access control. For encryption, WPA has TKIP (Temporal Key Integrity Protocol), which uses the same algorithm as WEP but constructs keys in a different way. For access control, WPA will use the IEEE 802.1X protocol, a recently completed standard for controlling entry to both wired and wireless LANs.
With WPA, each user will have his or her own encryption key, and that key can be set to change periodically. In enterprises, user authentication will be handled by an authentication, a system that can be expanded to handle more users much more easily than could WEP.
In the future some enterprising firm may use digital infrared235 for short range communication.
|If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!|
Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.