Security Issues, Concepts and

Strategies in Wireless And

Mobile Systems
By: Imad Jawhar

Outline
Introduction
The wireless environment and systems
Concepts and terminologies used in wireless
security
Some commonly used wireless and mobile
systems and protocols
Wireless application protocol (WAP)

 Wireless transaction protocol (WTP)

Wireless transport layer security (WTLS)
protocol
Some additional concerning WAP security
Some research and future directions in
wireless system security
Conclusions

The Wireless Environment

Communications in the wireless environment has
its own issues and challenges.
Generally, it has the following characteristics:
Relatively low bandwidth and data rate.
Relatively high error rates.
Need for low power consumption to preserve battery
life of mobile systems.
Mobility of the nodes adds more complexity because of
topology changes.

Signal fading.
Handoff issues.
And other challenges.
All of these issues affect design and design for
security

 There exists many forms of wireless

communications and networking, and the
number of these forms dynamically
increasing.
The following is a list of the some very
popular forms of wireless communications.

 Satellite Communications:
Uses microwave links and provides global
connection of many network infrastructures.
Three types of satellites:
GEO: Geostationary Earth Orbit Satellites.
MEO: Medium Earth Orbit Satellites.
LEO: Low Earth Orbit Satellites.

 Cellular Networks:
Widely used recently. Quickly increasing in
popularity all over the world.
Geographic area is divided into cells.
Each cell is serviced by a base station (BS).
Several stations are served by a Mobile
Telecommunications Switching Office
(MTSO), or a similar structure.

 Base station connects mobile users to MTSO.

MTSO connects base station (BSs) to
telephone switching office.
The first generation of systems was AMPS
(Advanced Mobile Phone Service) which used
analog communications

 The second generation uses digital traffic

channels, encryption, error detection,
correction, and allow channel access to be
dynamically shared by all users.

 Third generation systems will have:

Voice quality that is comparable to public
switched telephone networks.
Higher data rates.
Symmetrical and asymmetrical data
transmission rates.
Support for both packet and circuit switched
data services.

 Adaptive interface to the Internet to reflect

common asymmetry between inbound and
outbound traffic.
More efficient use of available spectrum
Support for wide variety of mobile .equipment.
More flexibility to accept new services and
techniques.

 Cordless Systems:
Used inside homes and buildings.
Allow wireless communications between
cordless devices such as a telephone to a single
multiple base stations using TDMA (Time
Division Multiple Access) and TDD (Time
Division Duplex) communications.

 Wireless Local Loop (WLL):

Increasingly more popular way to provide
wireless last mile connections between the end
user and the local switching telephone center.
Allows reduction in installation cost, and time.
Selective installation is possible (only install
when customer desires service, not in
anticipation of the customer desiring service).

 Mobile IP:
Allows nomadic access to the Internet from
different access points.
A user is able to maintain connectability to the
Internet while moving from one access point to
another.
It uses process registration, agent solicitation,
move detection, and tunneling to achieve this
objective.

 Wireless Local Area Networks (WLANs):

Rapidly becoming very popular.
This is due to many characteristics such as:

Need for mobility.

Cost effectiveness.
Convenience.
Rapid deployment ability.

 Decrease in size of electronic and digital equipment.

Speed of mobile computing devices.

 There are four types of wireless LANs

LAN Extension:
Provide wireless connections of mobile
computing units to a wired network.
Used in manufacturing, stock exchange, and
warehouses.

 Cross-building Interconnect:
Used to provide wireless connections between
buildings.
Uses microwave communications with dish
shaped antennas.
More of a link than a LAN.

 Nomadic Access:
Used to provide connectivity from mobile units
such as a laptop, PDA or other computing
devices to a fixed campus network per example.

 Ad Hoc Networking:
Also called rapidly deployable networks.
An increasingly popular form of establishing
networks between mobile computing devices,
such as laptops, computers inside moving
vehicles.
The temporary wireless network is established
dynamically on the fly.

 Very dynamic in nature because topology

changes while nodes move from one location to
another, and nodes dynamically move in and
out of each others range and are added and
deleted to the network all together.

 Require robust communications algorithms and

protocols, which have the following
characteristics:
Can quickly adapt to the changing network
topology.
Maintain efficient connectivity and routing between
various nodes while wireless links are lost and
established dynamically as nodes move in and out of
each others range.

 There are numerous applications for Ad Hoc

Networks, such as:

Tactical military operations.

Conferences.
Campus and classroom environments.
Disaster recovery.
Search and rescue operations.
And so on.

 Bluetooth:
A wireless communications protocol.
Originally started by Ericsson.
Quickly became adopted by a consortium of
companies in the computer industry.
Grew from a few companies to thousands
including all of the major companies in the
industry.

 Designed to establish and maintain connections

between various computing devices and
electronic equipment such as: Computers,
cellular phones, PDAs, and so on.
This is done wirelessly avoiding the need for
wires to establish the connections.
Intended to work in a close proximity
environments such as homes, offices,
classrooms, hospitals, airports, etc.

 Connections are established by designating

master and slave nodes.
It uses profiles for different devices, which
characterize the applications.
There are types of communication links which
are multiplexed over the same RF (Radio
Frequency):
Synchronous Connection-oriented (SCO) for voice.
Asynchronous connectionless (ACL) links for data.

 Uses Frequency-hopping spread spectrum with

a high rate 1600 hops/sec to reduce
interference, and provide low power, and low
cost of radio communications.
Operates in the ISM band at 2.45 GHz with a
transmission of 1 to 100 mW, and a range of 10
to 100 meters, and a maximum bit rate of 1
Mbps, and an effective data transfer rate of 721
Kbps.

802.11 wireless standard

This is a wireless LAN standard.
which is increasingly being adopted by
many wireless devices to establish
communications at the physical and data
link layers of the OSI model.
In 2000 vendors sold around a million
802.11 network interface cards, and sales
are expected to go up to 3.9 million in 2004

Security Issues
Importance of wireless systems.
In every aspect of our lives.
Sensitivity of information shared on
wireless systems (increasingly important)
financial, personal, social, confidential, etc.
example: wireless cameras (watching nanny
and baby in housethe whole block
watching).

Security services needed

(especially in e-commerce transactions)
User authentication: The process of
proving to the system that the user is whom
he/she says he/she is.

 Data authentication: It is further subdivided into

two sub-services.
The first is data integrity, which is the process of
guaranteeing to the receiver that the data was not
changed during the transmission process.
The second is data origin authentication is the
process of proving to the receiver that the data was
actually sent by the stated sender.

 Data confidentiality: It ensures that

unintended parties are not able to read the
data while in transit. Encryption is used to
achieve this objective.

 Authorization:
It is the process of ensuring that only authorized users are
allowed to access the data/resources. In a closed system
a user is not allowed access without explicit authorization.
Typically, this is the desired model of secure systems. On
the other hand, in an open system a user is allowed
access (implicit authorization) unless specifically
deauthorized by the system. The latter model is
undesirable for the design of secure systems, unless
absolutely necessary because of the nature of the
application (a public library, etc.)

 Audit: An audit trail is used to keep track

of who, when, what, and how transactions
took place in a system. This audit trail can
be an essential tool for after the fact
analysis in cases intentional or unintentional
security attacks. It can also be used by
intrusion detection algorithms to detect and
prevent current and future attacks.

 Non-repudiation: This is an important

service that is essential for the proper
operation of certain e-commerce
transactions. It is the process of
guaranteeing that a certain user actually did
issue a certain order or required a certain
transaction. Non-repudiation is usually
implemented using digital signatures,
which are unique to users and provide proof
that a particular user initiated a particular
transaction.

 Some Commonly Used Mobile and

Wireless and Mobile Systems and
Protocols:
802.11
Bluetooth
Mobile IP

IEEE 802.11
This is a wireless LAN standard.
which is increasingly being adopted by
many wireless devices to establish
communications at the physical and data
link layers of the OSI model.
In 2000 vendors sold around a million
802.11 network interface cards, and sales
are expected to go up to 3.9 million in 2004

 The 802.11 architecture uses the wired

equivalent privacy protocol (WEP).
Data is encrypted with WEP to protect the
wireless link between clients and access
points.
Network administrators distribute a WEPalgorithm-based key for authorized users,
which prevents access by unauthorized
users.

 The protocol has authentications,

deauthentication (this service is invoked
whenever an existing authentication is to be
terminated), and privacy provisions [1] [3].
Authentication (and deauthentication)
services are used for establishing identity of
a station.
The standard does not specify any particular
authentication scheme.

 Privacy services are used to prevent the

content of messages from being read by
other than intended recipients [3].

Bluetooth
This is a wireless communications protocol,
which was originally started by Ericsson.
quickly became adopted by a consortium of
companies in the computer industry.
The consortium grew from a few companies
to thousands including all of the major
companies in the industry.

 It is designed to establish and maintain

connections between computing devices,
and electronic equipment, such as
computers, PDAs, cell phones, and so on,
wirelessly avoiding the need for wires.
It is intended to work in a close proximity
environment, such as homes, offices,
classrooms, hospitals, airports, etc.

 Connections are established using

designated master and slave nodes.
It uses profiles for different devices, which
characterize the applications, synchronous
connection-oriented (SCO) for data, and
asynchronous connectionless (ACL) links
for voice, which are multiplexed on the
same RF link.

 Frequency-hopping spread spectrum with a

high 1600 hops/sec rate is used to reduce
interference, and provide low power, low
cost radio communications.
It operates in the ISM band at 2.45 GHz
with a transmission power of 1 to 100 mW
and a range of 10 to 100 meters, and a
maximum bit rate of 1 Mbps, and an
effective data transfer rate of 721 Kbps.

 Up to 8 devices can communicate in a

Piconet with one device acting as the master
and the other devices as slaves. Several
Piconet in one area can form a Scatternet
in which all nodes use the same frequency
range with each Piconet using a different
hop sequence.

 The bluetooth baseband specification

defines a facility for link security between
any two Bluetooth devices, consisting of the
following elements [3]:
- Authentication
- Encryption (privacy)
- Key management and usage.

 The security algorithms use four

parameters:
Unit address: The 48-bit device address,
which is publicly known.
Secret authentication key: A secret 128-bit
key.
Secret Privacy key: A secret key of length
from 4 to 128 bits.

 Random number: A 128-bit random number

derived from a pseudorandom generation
algorithm executed in the Bluetooth unit.

The two secret keys are generated and

configured with the unit and are not
disclosed.

 The authentication process is used to

provide verification of the claimed identity
of one of the two Bluetooth devices
involved in an exchange.
Authentication is done by verifying that the
two devices share the same preconfigured
authentication key.

 Encryption of packet payload can be used to

protect user information. The access code
and the packet header are never encrypted.
The encryption is done using an encryption
algorithm known as E0 [3]. For each packet
transmission, a new encryption key is
generated.

 The algorithm generates a one-time payload

key by combining in a complex fashion a
random number, which is sent to the slave,
the master's address, the current clock value
and a shared secret key. Because the clock
value changes for each encryption, a
different encryption key is used each time,
enhancing security.

Mobile IP
It is used to enable computers to maintain
Internet connectivity while moving from
one Internet attachment point to another.
It uses the concept of home and foreign
networks and home and foreign agents.
Messages intended for a certain node, which
are sent to its home network, are forwarded
to a care of address to the mobile node at
the foreign network where it is registered
previously when the move was detected.

 The forwarding process uses datagramtunneling and encapsulation options, which

include IP-within-IP, minimalencapsulation, or Generic routing
encapsulation (GRE) [3].
Mobile IP has security features, which are
essential to its operation. This is because a
wide variety of attacks could be used by an
unauthorized user to access information of
another user.

 It uses message authentication, registration

request and reply contain authentication
extensions with security parameter index
(SPI) and authenticator.
Authentication procedures are carried out to
secure mobile-home (mobile node/home
communication), mobile-foreign (mobile
node/foreign agent communications), and
foreign-home (foreign agent/home agent
communications).

Wireless Application Protocol

(WAP)
This is an open standard, which provides
mobile users of wireless terminals such as
wireless phones, pagers, and PDAs access
to telephony and information services [3].
It is designed to work with all wireless
network technologies such as GSM,
CDMA, and TDMA.
It is based on existing Internet standards
such as IP, XML, HTML, and HTTP [3]
[10] [9] [12].

 The WAP forum is an industry association

of over 500 members that has developed
the de-facto world standard for wireless
information and telephony services on
digital mobile phones and other wireless
terminals [16].
In the latest class of secure wireless
protocols from the WAP Forum, client-side
certificates are specified and used as part of
client-side authentication and nonrepudiation services [10].

 Users are able to access e-commerce sites

from new wireless devices such as PDAs
and mobile phones.

The WAP Specification:

WAP defines an open, standard
architecture, and a set of protocols for the
implementation of wireless access to the
Internet.
The WAP specifications include [14] [3]:

 An XML-type markup language, Wireless

Markup Language (WML): It has text and
image support with formatting layout and
commands.
Deck/card organizational metaphor (documents
subdivided into cards which specify one or more
units of interaction), and support for navigation
among cards and decks.

 A sample of WML code, consider the following

simple deck with one card [20].

<wml>

<card id=card1>

<p>

Hello WAP World.

</p>

</card>

</wml>

 The tags <wml>, <card>, and <p> enclose the

deck, card, and paragraph, respectively. When a
wireless device receives this code, it will display
the message Hello WAP World on the
terminals screen.
The book in [3] has a table with all of WML tags,
which are divided into eight functional groups:
Deck Structure, Content, Formatting, User Input,
Variables, Tasks, and Task/Event Bindings. Refer
to [3] [12] for more information on the WML
language.

 A microbrowser specification: It
defines how WML and WMLScripts are
determined in the wireless device.
A lightweight protocol stack: Wireless
Session Protocol is equivalent to HTTP in a
compressed format. Designed to minimize
bandwidth use allowing different wireless
networks, with varying bandwidth
capacities, to run WAP applications.

 Framework for Wireless Telephony

Applications (WTA): It provides access to
traditional telephony services (such as Call
Forwarding) through WMLScripts.
Provisioning: It allows Service Providers to
reconfigure mobile devices remotely using
Short Messaging System (SMS), which is a
GSM standard [17].

Components of the WAP

Architecture
The WAP model consists of three elements:
the client, gateway, and original server.
This is shown in figure 1.
The gateway serves as a proxy, which
connects the wireless device/s to the
original server.
HTTP is used to communicate between the
gateway and the original server.

 The WAP gateway performs functions,

which are spared from the relatively less
capable processor in the wireless devices.
It provides DNS service, converts between
the WAP protocol stack (protocols that have
been optimized for low bandwidth, low
power consumption, limited screen sized,
and limited storage) and the traditional
WWW stack which includes HTTP and
TCP/IP.
encodes/decodes information from the
wired web to more compact form.

 which is more easily digested and displayed

by the more limited wireless device.
This reduces the amount of data
communicated wirelessly.
The gateway also reduces communication
overhead and latency by caching recently
requested web pages and information.

Client

Gateway
Encoded requests

WAE user agent

Encoded response

Original Server
Requests

Encoders and
Decoders

Response (content)

Figure 1 The WAP Programming Model.

CGI
Scripts, etc.

Content

 WAP specifications have several

components to provide secure
communications.
These components include the WTLS
protocol, WAP identity module (WIM)
smart cards for storing user certificates, and
functions such as Crypto.signText(), which
is used for signing of WAP transactions.

 As shown in figure 2, the WAP Protocol

Stack is a layered architecture which
consists of several protocol layers.
We will briefly describe each of the layers
and focus on the the WTP and WTLS layers
in this paper.
On top is the Wireless Markup Language
(WML) (described later), and WMLScript
layer, which is a scripting language with
similarities to JavaScript.

 Below WML and WMLScript is the

Wireless Application Environment (WAE)
layer, which specifies an application
framework for wireless devices such as
mobile phone, pagers, and PDAs.
WAE consists of tools and formats that are
designed to ease the task of developing
applications and devices supported by
WAP.

Wireless Markup Language (WML)

WMLScript

Wireless Application Environment (WAE)

Wireless Session Protocol (WSP)
Wireless Transaction Protocol (WTP)
Wireless Transport Layer Security (WTLS)

UDP
Wireless Datagram Protocol (WDP)

IP

GSM

D-AMPS

IS-95

Figure 2 WAP Protocol Stack.

3G

Bluetooth

 The WAE layer is followed by the Wireless

Session Protocol (WSP).
WSP provides applications with an interface
for two session services connection-oriented
operating over the Wireless Transport
Protocol (WTP) (comparable to TCP on the
in wired networks) and connectionless
operating over the unreliable transport
protocol called Wireless Datagram Protocol
(WDP) (comparable to UDP in wired

 Basically, WSP is based on HTTP with

some modifications and additions to
optimize its use over wireless links.
Below the WSP layer, resides the Wireless
Transaction Protocol (WTP), which will be
described later.
Then below WTP, resides the Wireless
Transport Layer Security (WTLS), which
will also be discussed later.

 Below the WTLS layer, follows the

Wireless Datagram Protocol (WDP), which
in turn operates on top of the a number of
bearer service providers such as GSM, DAMPS, IS-95, 3G, Bluetooth, etc.
We will only concentrate on the WTP and
WTLS layers in this presentation.

Wireless Transaction Protocol

(WTP)
WTP manages transactions by conveying
requests and responses between a user agent
(such as a WAP browser) and an application
server for such activities as browsing and ecommerce transactions [3].
It provides reliable transport services
without the undesirable overhead of TCP,
which is the transport layer protocol, used
in wired networks.

 This results in a lightweight protocol more

suitable for implementation in thin clients
(such as wireless/mobile devices) and over
low-bandwidth wireless links.
It includes the following features:
Optional user-to-user reliability: WTP user
triggers the confirmation of each received
message.
Optional out-of-band data on
acknowledgments.

 PDU concatenation and delayed

acknowledgment to reduce the number of
messages sent.
Asynchronous transactions.
Three classes of transaction services to provide:
unreliable datagram service, reliable datagram
service, and request/response transaction
service and support the execution of multiple
transactions during one WSP session.

The Wireless Transport Layer

Security (WTLS) Protocol
The WAP protocol stack includes security
features in its Wireless Transport Layer
Security (WTLS) layer, which is directly
below the Wireless Transaction Protocol
(WTP).

WTLS
Handshake
Protocol

WTLS Change
Cipher Spec
Protocol

WTLS Alert
Protocol

WTLS Record Protocol

WDP or UDP/IP

Figure 3 WTLS Protocol Stack

WTP

 Security of WAP transactions is achieved

using the WTLS protocol [18] [3].
The WTLS protocol provides entity
authentication, data confidentiality, and data
integrity.
It is based on the IETF SSL/TLS protocols
[10][19]. WTLS provides security for
communications between the WAP wireless
device and the WAP Gateway.

 As shown in figure 3, the WTLS Protocol

Stack includes WTLS handshake protocol,
WTLS Change Cipher Spec Protocol,
WTLS Alert Protocol, and WTP at the top.
Below resides the WTLS Record Protocol,
which in turn lays on top of the WDP or
UDP/IP layer.

 The function of the WTLS Record Protocol

is to take the user data from the next higher
layer (WTP, WTLS handshake protocol,
WTLS Alert Protocol, WTLS change cipher
spec protocol) and encapsulates the data in a
PDU (Protocol Data Unit) [3].
The PDU contains the data in a compressed,
and encrypted form with a WTLS record
header appended to it. Encryption is done
using a symmetric encryption algorithm.
The allowable encryption algorithms are
DES, triple DES, RC5 and IDEA [13].

 The WTLS protocol has three different

classes of service [10]:
Class 1: This class implements
unauthenticated Diffie-Hellman key exchange
to establish the session key. Early WAP
devices only implement this level, which is
insufficient and should not be used for ecommerce transactions [21].

 Class 2: This class enforces server side

authentication using public key certificates
similar to SSL/TLS protocol. The WAP
Gateway uses a WTLS certificate, which is a
particular form of X.509 certificate compressed
to save bandwidth. This level is used in
currently available devices, which are being
used in several read-only access and ineconomy banking applications in Europe and
the UK [22].

 Class 3: Using this class, clients are able to

authenticate using client side certificates, which
are regular X.509 format. These certificates
can be stored either on the client or on a
publicly accessible server with a pointer to the
certificate stored in the wireless device. This
class is beginning to be used in wireless phones
[23].

 Nokia, KPN Mobile, and Interpay Nederland have

successfully tested financial transaction on a
mobile network [23], based on WIM technology,
which is a part of the WAP 1.2 (Wireless
Application Protocol) specification.
With this real time payment solution, a mobile
telecommunications network operator, a mobile
phone and infrastructure manufacturer and a
payment processor have made improvement in
security for mobile commerce transactions.

 The solution is based on WIM (Wireless Identity

Module), which is a mobile Internet technology
enabling more secure transactions.
Non-repudiation of transactions is ensured by a
digital signature. In practice, this means users can
perform transactions safely using a single PINcode.
In addition, built-in security elements in the
terminal and network ensure more secure and
reliable transactions.

 Class 3 security services, which are in the process

of being offered by different wireless device
manufacturers such as Nokia and Motorola, are
expected to allow banking institutions to enhance
their current wireless e-commerce services to
allow out-of-economy transactions.

 As shown in figure 3, the WTLS protocol

stack also contains the following protocols:
The Change Cipher Spec Protocol:
The cipher spec is associated with the current
transaction.
It specifies the encryption algorithm, the hash
algorithm used as part of HMAC, and
cryptographic attributes, such as MAC code
size. This protocol is used in the process of
establishing the cipher suite used for
subsequent communications during a session.

 The Alert Protocol:

Used to convey WTLS-related alerts to the peer
entity. Alert messages are compressed and
encrypted as well.

The Handshake Protocol in the WTLS:

It allows the server and client to authenticate
each other and to negotiate an encryption and
MAC algorithm and cryptographic keys to be
used to protect the data sent in the WTLS
record. The Handshake protocol is used to
establish the security provisions before any
application data is exchanged [3].

Some Additional Issues

Concerning WAP Security:
Research has identified some additional
issues regarding the security of WAP based
systems. The following are some of these
issues.

 About Maintenance of the WAP

Gateway:
The WAP Gateway can be maintained by the
Wireless Service Provider (WSP) or by the
Enterprise (on the server side).
If the WSP maintains the WAP gateway
however, some literature [10] refers to the
presence of a security gap caused by the
ending of the Wireless Transport Layer
Security (WTLS) session at the Gateway.

 The data is temporarily in clear text on the

Gateway until it is re-encrypted under the SSL
session established with the Enterprises web
server.
In such cases, the WAP Gateway should be
maintained at the Enterprise. A more detailed
discussion of this issue is presented in [10].

 The WAP Identity Module (WIM):

New generation of WAP phones will provide
WIM to facilitate client side authentication
[24]. WIM is used to implement WTLS
protocol Class 3 functionality.
It has embedded support for public key
cryptography. With the WIM implementation,
RSA [21] is mandatory and Elliptic Curve
Cryptography [21] is optional.

 Smart card is one possible implementation of

WIM. It could be a part of the SIM (subscriber
identity module) card in a cellular phone (in
GSM [17]) or an separate smart card (WIM
card).
A combination of SIM-WIM card is typically
called a SWIM card. The WIM card would be
configured by the manufacturer with two sets of
private-public key pairs (one for signing and
one for authentication), and two manufacturers
certificates.

 All WTLS sessions established through a WIM

and a WAP Gateway will use the same public
keys for initial session negotiations.
A WIM is able to store a number of certificates
or user certificate references, such as a URLbased reference.
A user will be required to register a certificate
at each Enterprise (such as a Bank, etc.).
The WIM must be tamper resistant to make it
not feasible to extract or change information in
the module, because it contains user private
keys, which never leave the WIM.

User Identification and

Authentication in WAP
The type of user identification and authentication
possible in WAP differs with the WTLS class of
service used.
Username/password identification and
authentication can be used with WML forms
exchanged between the server and the wireless
device.
It is also possible to have client-side identification
and authentication based on the public/private key
pair that is hardcoded on the WIM card and bound
with the users name in their certificate.

 Non-repudiation in WAP:
It requires client side certificates that bind the
users signing key with their name.
The WAP browser, on the WAP device,
provides WMLScript function,
Crypto.signText() [25], which achieves this
purpose using different scenarios depending on
the implementation.

Some Research and Future

Directions in Wireless Systems
Security
What is Secure Sockets Layer (SSL) ?
SSL is the most widely deployed and used
security protocol in the world.
Essentially every commercial Web browser and
server supports secure Web transactions using
SSL.
You are almost certainly using SSL every time
you buy online using secure Web pages [13].
Currently, tens of billions of dollars worth of
SSL transactions occur per year.

 SSL is mostly used for securing Web traffic

transactions, however, it is a general protocol
suitable for securing many other types of
traffic.
In addition to the World Wide Web, SSL and
its successor, Transport Layer Security (TLS),
are used in other popular applications such as
File Transfer Protocol (FTP), remote object
access (RMI, CORBA, IIOP), e-mail
transmission (SMTP), remote terminal service
(Telnet) and directory access (LDAP) to secure
their transactions.

 As will be shown later in this paper, SSL is

currently being used in different stages of the
transaction communications between wireless
devices and the wired infrastructure.

On Using SSL in Wireless

Communications
Due to the perceived relative decrease in
capabilities of wireless device CPUs and lower
bandwidth capabilities of wireless channels, there
is a drive away from SSL and toward security
architectures designed for wireless transactions
that lack end-to-end security.
However, some literature [6] show that SSL is a
practical solution for end-to-end transaction
security of wireless Internet applications even
considering the limitation of the wireless devices
and environment.

The Development of Lightweight Security

Mechanisms for Wireless Multimedia
Traffic Transmission
In addition to the above protocols, and
architectures, research is being done in
order to design lightweight encryption
algorithms for MPEG video transmission.
In [7], researchers propose to provide
encryption of video data while increasing
the decodability of the video stream in the
presence of errors.

 These algorithm explore the predictable

relationship between the I, P, and B-frames
of compressed video, and decrease the
expected number of bit errors left in the
data after encoding.
For more information on these techniques
the reader is referred to [7].

On Security of Mobile Phone

Communications
Furthermore, some research is being done
on the security management planning for
telecommunication systems, with focus on
intrusion detection and cloning mobile
phone problems.
In [8], researchers discuss mobile phone
network security management planning
with its various aspects such as access
control, confidentiality, authentication, nonrepudiation, and integrity of data

 The research also addresses intrusion

detection systems design for mobile phone
communications.
Intrusion can be classified as: (i) misuse
intrusion, i.e., well defined attacks against
known system vulnerabilities; and (ii)
anomaly intrusion, i.e., activities based on
deviation from normal system usage
patterns.

 Intrusion detection systems are considered

effective security tools to defend against
such attacks [8].
Research shows that current software in
mobile phone systems
(i) do not have an efficient scheme to verify if a
call is out of the client patterns of
communications (in most of these systems
human staffs are used to identify cloned phones
and warn their clients in such situations);

 (ii) have no efficient ways to control and

identify the impostor; and
(iii) use an experimental satisfaction to prove
the correctness of their security mechanisms.
Better, and more automated techniques for
security management and identification of
frauds, and impostors using cloned mobile
phones are needed.

 Some research uses neural network techniques

to classify phone users into groups according to
their past/current profiles. It is then relatively
easy to determine whether a call was made by
the actual subscriber, or an impostor/intruder
[8]. Such technology can be very effective in
battling and preventing cloning of mobile
devices and consequently result is substantial
savings and more security and privacy for
wireless service providers and their customers.

Concluding Remarks
Wireless systems are quickly becoming an
important and increasingly essential part of
our every day activities.
They provide unlimited potential for
convenience, more independence,
portability, availability, instantaneous, and
ubiquitous connectivity wherever we go.

 They promise great financial gains to the

companies that invest in the development,
marketing, sales, leasing, maintenance and
use of these quickly evolving and
increasingly smaller, easily portable, and
progressively more intelligent products.
Wireless devices are expected to hold and
communicate a large amount of data and
information about every aspect of our lives.

 They are also expected to carry out

numerous, important, and sensitive financial
transactions, which can only be done in a
relatively secure and well-protected
environment.
This protection and security is required to
varying degrees depending on the
application involved.

 The authors in [6] argue that the use of proxy

based architectures in popular environments such
as WAP and Palm.Net, where a different security
protocol (incompatible with SSL) is used between
the mobile client and the proxy/gateway (e.g.
WAP uses WTLS [16] and Palm.Net uses a
proprietary protocol on the wireless link) has some
drawbacks.
This is the case, since the proxy constitutes a
man-in-the-middle which is involved in all
secure communications, in addition to being a
potential performance bottleneck.

 Some experiments show that SSL, which is a welltested and evaluated technology, is able to be
practically and efficiently used in current and the
future wireless and portable devices.
This is particularly the case considering that the
capabilities of the CPUs, memory, and bandwidth
of these devices is significantly improving every
day.

 This efficiency is achieved by carefully selecting

and implementing a subset of the protocols many
features (Full versus abbreviated SSL handshake
per example, etc.) to ensure acceptable
performance and compatibility with a large
installed base of secure web servers.
All this can be done while maintaining a small
memory footprint. This is in concert with the
concept stated by the Ice Hockey Legend, Wayne
Gretzsky who said: Dont skate to the puck;
skate to where its going [6].

 Wireless systems full potential and promise

can only be realized if the security aspects
of these systems are well considered.
Proper design and implementation must be
done according to sound security principles,
which must be employed throughout the
analysis, design, implementation, testing,
and maintenance phases of these products
and systems.

 During their initial inception and the first years of

their introduction to the market, security was not a
major concern or design objective.
However, this is quickly changing to take a proper
high priority in the design and implementation of
wireless systems.
Considerable amount of research has been and is
being done to provide for more secure wireless
systems at every level of their architecture.
This research is needed to provide security
mechanisms at the level of the portable device as
well as the supporting wired and wireless system
infrastructures.

References
1. Sandra Kay Miller, Facing the Challenge of Wireless Security, IEEE Computer. July
2001. Pages: 16-18.
2. S.F. Russell, Wireless Network Security for Users, Information Technology: Coding
and Computing, 2001. Proceedings. International Conference on, 2001. Pages: 172177.
3. William Stallings, Wireless Communications and Networks, Prentice-Hall, 2002.
4. W. Stallings, Network and Internetwork Security Principles and Practice, PrenticeHall, 1995.
5. P. Bahl, S. Venkatachary, Secure Wireless Internet Access in Public Places,
Communications, 2001. ICC 2001. IEEE International Conference on, Volume: 10,
2001. Page(s): 3271-3275.
6. V. Gupta, S. Gupta, Experiments in Wireless Internet Security, Wireless
Communications and Networking Conference, 2002. WCNC2002. 2002 IEEE, Volume:
2, Mar 2002. Page(s): 860 864.
7. A.S. Tosun, Feng Wu-Chi, Lightweight Security Mechanisms for Wireless Video
Transmission. Information Technology: Coding and Computing, 2001. Proceedings.
International Conference on, 2001. Pages: 157-161.
8. M.S.M.A.Notare, A. Boukerche, C. Westphal, Safety and security for 2000
telecommunications, EUROCOMM 2000. Information Systems for Enhanced Public
Safety and Security. IEEE/AFCEA , 2000. Page(s): 359 -363

9. D. Van Thanh, Security issues in mobile ecommerce, Database and Expert Systems
Applications, 2000. Proceedings. 11th International Workshop on, 2000. Page(s): 412 425
10. P. Ashley, H. Hinton, M. Vandenwauver, Wired versus Wireless Security: The
Internet, WAP and imode for E-commerce, Computer Society Applications
Conference, 2001. ACSAC 2001. Proceedings 17th Annual, 2001. Page(s): 296-306.
11. Rolf Oppliger, Internet and Intranet Security, Artech House Inc.,Norwood, MA. 1998.
12. Pekka Niskanen, Inside WAP, Programming Applications with WML and
WMLScripts, Addison-Wesley, 2001.
13. Eric Rescorla, SSL and TLS, Designing and Building Secure Systems. AddisonWesley, 2001.
14 .D. Denning, Information Warfare and Security, Addison-Wesley Publishers, 1999.
15. Eric Maiwald, Network Security: A Beginners Guide, Osborne/McGraw-Hill, 2001.
16. The WAP Forum, http://www.wapforum.org
17. GSM Association, http://www.gsmworld.com
18. Wireless Application Protocol Wireless Transport Layer Security Specification
(WTLS), http://www.wapforum.org/tech/documents/WAP-199-WTLS-20000218-a.pdf.

19. T. Dierks, C. Allen, The TLS Protocol Version 1.0, RFC 2246, 1999.
20. R. Mann, The Wireless Application Protocol, Dr. Dobbs Journal, October 1999.
21. J. Menezes, P.C. van Oorschot, and S.A. Vanston. Handbook of Applied
Cryptography, CRC Press, 1997.
22. Dankse Bank, Denmark, www.danskebank.dk
23. Nokia, KPN Mobile and Interpay Test Mobile Commerce Solution,
http://press.nokia.com/PR/200104/816440_5.html
24. Wireless Application Protocol Identity Module Specification,
http://www1.wapfoum.org/tech/documents/WAP-198-WIM-20000218-a.pdf
25. Wireless Application Protocol WMLScript Crypto Library Specification,
http://www1.wapforum.org/tech/documents/WAP-161-WMLScriptCrypto-19991105a.pdf
26. National Institute of Standards and Technology (NIST), Data Encryption Standard,
FIPS PUB 46-2, U.S. Department of Commerce (December 1993).