14.4.1999
Mintunkukka Paukkunen
Department of Computer Science
Helsinki University of Technology
spaukkun@cc.hut.fi
While Internet continues growing and gaining popularity among crowd, mobility
represents new challenges to web designers. Wireless access is a new,
challenging mission in the current Internet era, with different demand of
information by using less efficient terminals and networks.
Wireless Application Protocol is the first universal open standard providing
the users with the wireless access and the value-added services. Also
the need of improved security factors propagated by mobility is introduced in WAP.
Shortly, WAP based services, including banking services, stock exchange, hotel
reservations, bus schedules, Internet access and e-mail, will be accessible by
general mobile phones.
With the growing need for wireless Internet access, the web designers are now encountering a new challenge in creating support for mobility. Also, mobile access is based on different demand of information than conventional web usage. Getting bus time tables right in the mobile phone while waiting for a next bus on the way to work, reading e-mails by gsm before entering the office and checking the web pages of a customer firm just before first meeting are all examples of the need of mobile access to Internet and other web services.
Wireless Application Protocol enables easy fast delivery of relevant information and services to mobile users with wireless terminals with limited displays and data transfer capabilities. It is a specification for a set of communication protocols to standardize the way in which cellurar devices use Internet access, including www, newsgoups, e-mail and IRC. [6]
In february 1998, the founding members of WAP Forum published the first draft of the WAP specification. The goal of WAP Forum is to bring together companies for creating a global wireless protocol specification which will operate both with differing types of wireless device and network technologies. It was established in 1997 by Ericsson, Motorola, Nokia and Unwired Planet and now has over than 90 members, which together represent over 90 % of the global handset market. [6]
The objectives of the WAP Forum are:After publishing the first draft, WAP Forum held many open meetings to discuss the draft specification. The completed WAP version 1.0 specification is based on proposals suggested in meetings held in Miami and Tokyo, as well as feedback got via the WAP web site. Now finalished version 1.0 specification is available via WAP Forum web site with proposals for version 1.1. [6]
Having the performance and data transfer capacities of the common desktop computers in mind, the web designers constructed the Internet technology for devices as powerfull as those computers. Hand-held wireless devices present more a constrained computing environment with less powerful CPU's, less memory, restircted power consumption, smaller displays and different input devices. Similarly, wireless data networks have less bandwith, more latency, less connection stability and less predictable availability than conventional wired networks. Also, the operators aim to provide the users advanced services in more a usable and attractive way. [6]
The WAP specification meets the mobile network characteristics and operators needs by filling the special requirements of hand-held wireless terminals by using existing network technology and introducting new technology where appropriate. [6]
The WAP programming model is similar to the Internet model. This provides some benefits, including the familiar architecture and programming environment as well as the ability to use existing tools. Not only Internet standards have been used where possible, but also optimisations and extensions have been made. [7]
WAP specifies two essential elements of wireless communication: an end-to-end application protocol and an application environment based on a browser. The application protocol is a layered communication protocol that is embedded in each WAP user agent. The network side includes a server component implementing the other end of the protocol that is capable of communicating with any WAP user agents. The role of the server component is also to act as a gateway to route the request of a user agent to an application server. Physically the gateway can be located in a telecom or a computer network, in order to build a bridge between the two different networks. [4]
WAP provides a standard to enable running the same application in different user agents. The standard consists of a browser and a script interpreter. The browser acts like a conventional web browser but instead of HTML, it understants content written in Wireless Markup Language or briefly, WML. Also instead of JavaScript interpreter, WAP browser has a build in script interpreter for running applications written in a script language called WMLScript. Furthermore the browser includes some libraries to allow the application to use certain services of the user agents. Both WML and WMLScript are designed to be used in wireless networks with narrowband data transfer rates, so they are both binary encoded to optimise the data transmission efficiency.[4]
To establish a connection between a Wap client and a server, the user presses the phone key that has a URL request assigned to it and the user agent sends the URL request to a WAP gateway using the WAP protocol. The WAP gateway then transmits a conventional HTTP request with the specified URL to the web server. Once the web server gets the request, it acts according to the request: it sends the URL file with a HTTP header back to the WAP gateway or it launches the application that the URL specifies, and then sends the output to the WAP gateway. The WAP gateway in turn verifies the HTTP header and the WML content, encodes them into binary form and sends a WAP response to the user agent, that displays the WML content to the user. [4]
If the server does not understant WAP content eg. WML, separate filters are used to translate the WWW content into WAP content. For example, extra HTML filter is used between the server and the WAP proxy to translate HTML to WML.[7]
WAP can provide end-to-end security between the two endpoints. If the browser and the server explicitly express the need to use end-to-end security, they must communicate directly in order to be able to use the WAP protocols. Also, if the WAP proxy is trusted or it is known to locate in the same physical place as the WAP client, the end-to-end security can be achieved.[7]
When one specifies an URL, all the variables that the URL uses are accessible. To overcome this security risk, WML provides elements controlling access control. The most common security risks occur when a WAP client voluntarily requests a harmful service masking it as a legitimate service. This may occur by directly accessing a card in the service that has sensitive operations, by gaining access to variables in the service that have confidental information or by clearing the variables. In order to avoid this, the service should use scripts to check that the request comes from an allowed user. [4]
WAP Protocol stack is layered in a way similar to OSI protocol stack, in which each of the layers is accessible by the layers above, as well as other services and applications. There are four major layers in the WAP protocol:
The Wireless Application Environment (WAE) is the top-most level in the WAP architecture. It is based on WWW and Mobile Telephony technologies. The primary objective of the WAE is to provide the operators and service providers an interoperable environment on which they can build applications and services which, in turn, can be used in a wide variety of hand-held client terminals. WAE includes the micro-browser that contains functionality for using not only WML and WML Script as previously stated, but also Wireless Telephony Application, namely (WTA and WTAI) -telephony services and programming interfaces as well as content formats including well-defined data formats, images, phone book records and calendar information. [7]
The Wireless Session Protocol provides the Wireless Application Environment a consistent interface with two services: connection-oriented service to operate above the Transaction Layer Protocol (WTP) and a connectionless service that operates above either secure or non-secure datagarm service (WDP).[7]
Currently theprotocols of the WSP family provide HTTP/1.1 functionality and semantics in a compact encoding, long lived session state with session suspend and resume capabilities, a common facility for reliable and unreliable data push as well as a protocol feature negotiation. These protocols are optimised to be used in low-bandwith bearer networks with relative long latency in order to connect a WAP client to a HTTP server. [7]
The Wireless Transaction Protocol operates efficiently over either secure or non-secure wireless datagram networks. It provides three different kinds of transaction services, namely unreliable one-way, reliable one-way and reliable two-way transactions. This layer also includes optional user-to-user reliability by triggering the confirmation of each received message. To reduce the number of messages sent, the feature of delaying acknowledgements can be used.[7]
The Wireless Transport Layer Security protocol is based on Transport Layer Security (TLS) or formely known as Secure Sockets Layer (SSL). It is designed to be used with other WAP protocols and to support narrow-band networks. It uses data encryption with a method that is negotiated at the start of the session to provide privacy, data integrity, authentication and denial-of-service protection. The latter is needed in cases when data is replayed or not properly verified. When that happens, WTLS detects the misuse and rejects the data in order to make many typical denial-of-service attacks harder to accomplish. [1,7]
It is up to the applications to enable or disable WTLS features. Whether that happens, it depends to their security requirements and the characteristics of the underlying network, namely, does it use security services at the lower layer.[7]
The Wireless Datagram Protocol in WAP architecture covers the Transmission Layer Protocols in an Internet model. As a general transport service, WDP offers to the upper layers an invisible interface independent of the underlying network technology used. In consequence of the interface common to transport protocols, the upper layer protocols of the WAP architecture can operate independent of the underlying wireless network. By letting only the transport layer deal with physical network-dependent issues, global interoperability can be acquired using mediating gateways.[7]
The bearer services, over which WAP is designed to operate, include short message, circuit-switched data and packet data services. Since the bearers offer different types of quality of service with respect to throughput, error rate and delays, the WDP is designed to either compensate for or tolerate these changes. Also, WDP lists all the bearers that are supported and the techniques applied when transmitting data over a certain bearer. These lists will change with new bearers being added as the wireless market grows. [4]
Since WAP is the first standard to fill the hole that the need for communicating with wireless handheld devices provoked, it is very interesting and has a lot of potential. Soon it will represent the users the ability to make restaurant and hotel reservations, trade stocks, use banking services as well as flight and bus schedules. The attention in developing WAP has been correctly attached to the transmission times and other aspects of hand-held devices and wireless networks. Some technical points are inferior, however. Allowing WTP to be either reliable or unreliable represents a weak point in the protocol stack. It breaks the OSI model by forcing some of the retransmission functions up into the session layer. To overcome this inconvenience, connection-oriented data transmission has been added to the future work items introduced by WAP Forum.[1,4]
In March 1999, Nokia announced that many of the leading operators have begun trials for WAP-based services, using complete Nokia solutions. Nokia has signed agreements with T-Mobil in Germany, Europolitan in Sweden, NetCom in Norway, Orange in the UK, Hongkong Telecom Mobile Service and New World Mobility in Hong Kong, as well as Radiolinja and Sonera in Finland. Nokia has previously announced agreements with France Telecom Mobiles and Telia Mobile in Sweden - each are piloting new WAP value added services, such as Internet and intranet access for GSM mobile phones. To complete the solution, Nokia launched the world's first media phone based on WAP in February, 1999. [3]
At the same time Ericsson and Unwired Planet announced that the two companies have initiated interoperability testing between their WAP based products in order to make them compatible.This effort is an important step toward implementing the WAP interoperability and conformance requirements as they are formalised. Ericsson's handsets will be compatible with the Unwired Planet UP.Link Server, and handsets containing the UP.Browser software will be compatible with Ericsson's WAP Gateway. Unwired Planed started interoperability testing with Nokia in January 1999. [2]
In April 1999, Unwired Planet announced the UP.Link? Server Suite V4 product line, providing wireless network operators with a WAP version 1.1 compatible solution. Additionally, WML 1.1 content and applications can be displayed on existing UP.Browser? enabled mobile phones. V4 will bring complete WAP 1.1 compatibility to the industry-proven UP.Link Server Suite, offering wireless network operators a robust WAP Gateway and Service Platform, as well as Email and Personal Organizer Application Servers. [5]
| [1] | Diaz, Roberto: The Home Page of Roberto Diaz, an essay of WAP, 3.4.1998 [viitattu 14.3.99] <http://www.iit.edu/~diazrob/wap.html> |
| [2] | Ericsson: Corporate Press Room, 4.6.1999 [viitattu 14.3.99] <http://www.ericsson.se/pressroom/Archive/1999Q1/> |
| [3] | Nokia: Nokia Press Releases in 1999 [viitattu 14.3.99] <http://wwwdb.nokia.com/pressrel/webpr.nsf/mostrecent/> |
| [4] | Nokia: Wireless Application Protocol, 26.3.1999 [viitattu 14.3.99] <http://www.forum.nokia.com/developers/wap/wap.html> |
| [5] | Unwired Planet: Unwired Planet 1999 Press Archive, 13.4.1999 [viitattu 14.3.99] <http://www.uplanet.com/press/archive.html> |
| [6] | WAP Forum: The Home Page of the Wap Forum, 7.4.1999 [viitattu 14.3.99] <http://www.wapforum.org/> |
| [7] | WAP Forum: The Specifications of WAP version 1.0 , 13.4.1999 [viitattu 14.3.99] <http://www.wapforum.org/docs/technical.htm#Approved> |