WIRELESS APPLICATION PROTOCOL

SEMINAR REPORT

Submitted in partial fulfillment of the requirement of the award of

BACHELOR OF TECHNOLOGY

in
ELECTRONICS ENGINEERING

of
COCHIN UNIVERSITY OF SCIENCE AND TECHNOLOGY

By

SANJAY KRISHNAN

DEPARTMENT OF ELECTRONICS ENGINEERING COLLEGE OF ENGINEERING CHENGANNUR 689 121

THE WAP FORUM

The Wireless Application Protocol Forum is an industry group dedicated to the goal of enabling sophisticated telephony and information services on handheld wireless devices. These devices include mobile telephones, pagers, personal digital assistants (PDAs) and other wireless terminals. Recognizing the value and utility of the World Wide Web architecture, the WAP forum has chosen to align its technology closely with the Internet and the Web. The WAP specification extends and leverages existing technologies, such as IP, HTTP, XML, SSL, URLs, scripting and other content formats. Ericsson, Motorola, Nokia and Unwired Planet founded the WAP Forum in June, 1997. Since then, it has experienced impressive membership growth with members joining from the ranks of the worlds premiere wireless service providers, handset manufacturers, infrastructure providers, and software developers. WAP Forum membership is open to all industry participants.

GOALS OF WAP FORUM The WAP Forum has the following goals: To bring Internet content and advanced data services to Wireless phones and other wireless terminals.

To create a global wireless protocol specification that works across all wireless network technologies.

To enable the creation of content and applications that scale across a wide range of wireless bearer networks and device types.

To embrace and extend existing standards and technology wherever possible and appropriate.

In order to accomplish these goals, the WAP Forum has developed the WAP specification according to design principles as outlined below.

The WAP Forum seeks to use existing industry standards as the basis for its own architecture and design. For example, a WAP Gateway is required to communicate with other Internet nodes using standard HTTP 1.1 protocol. Furthermore, the specification calls for wireless handsets to use the standard URL addressing scheme to request services. It is also very important for the WAP Forums specification in such a way that they complement existing standards. For example, the WAPV1.0 specification is designed to sit on top of existing bearer channel standards so that any bearer standard can be used with the WAP protocols to implement complete product solutions. When the WAP Forum identifies a new area of technology where a standard does not exist, or exists but needs modification for wireless, it works to submit its specifications to other industry standard groups.

BEARER INDEPENDNCE To best address the needs of the widest possible population of end users, the Wireless Application Protocol is designed to work optimally with all air interfaces. This

principle allows the largest number of service providers, software developers, and handset manufacturers to benefit from one unified specification. Service providers can implement a common solution across their own disparate networks so that every subscriber has the best possible user experience on each network. Applications can be developed using one standard that will work across a variety of networks. Handset manufacturers can use the same software in all of their products lines, reducing development time and simplifying support issues. By making minimal demands on the air interface itself, the WAP specification can operate on the widest number of air interfaces. It defines a protocol stack that can operate on the widest number of air interfaces. It defines a protocol stack that can operate on high latency, low bandwidth networks such as Short Message Service (SMS), or the upcoming GSM unstructured Supplementary Service Data (USSD) channel. Being air interface independent also makes the specification easy to extend to new networks and transports as they develop. As air interfaces become more sophisticated, the services they provide can be designed to comply with the WAP specification, further encouraging the use of one standard across all networks.

DEVICE INDEPENDENCE In addition to being air interface independent , the WAP specification is also independent of any particular device. Instead, it specifies the bare minimum functionality a device must have, and has been designed to accommodate any functionality above that minimum. Device independence offers similar benefits to bearer independence: applications developed for one standard can operate on a wide variety of

devices that implement

the specification; network operators gain a consistent user

interface for their services across multiple vendors handsets ; application developers do not have to write separate versions of their code for different

devices, and service providers can choose any standard compliant device that meets their own unique market requirements. Device manufacturers are assured that they will have many applications written for their device by implementing the specification, yet are able to add their own brand features above and beyond the minimum standards to make their device unique in the marketplace.

INTROPERABILITY Service providers must feel secure that their investments will yield benefits in the future. They will not be able to do so until equipment and software offered by different suppliers can be made to work together. The WAP specification has been designed to encourage easy, open interoperability between its key components. Any solution component built to be compliant with the WAP specification can interoperate with any other WAP compliant component. Service providers can choose equipment and software from multiple WAP-compliant vendors, selecting each piece of the solution that is appropriate for the service providers particular needs. Bearer and device independence both help foster interoperability. But interoperability goes beyond these two principles to require that each WAP- compatible component will communicate with all other

components in the solution network by using the standard methods and protocols defined

in the specification. Interoperability provides clear benefits for handset manufacturrs and infrastructure providers. Handset manufacturers are assured that if their device complies with the WAP specification it will be able to interface with any WAP-compliant server, regardless of the manufacturer. Likewise, the makers of a WAP-compliant server are assured that any WAP-compliant handset will interface correctly with their servers.

ENCOURAGE AND FOSTER MARKET MANAGEMENT The WAP specification is designed to bring Internet access to the wireless mass market. By building open specifications, and encouraging communication and technical exchanges among the industry players, the WAP Forum has already begun to open the wireless data market in new ways. Just over a year ago, the idea of a single wireless data standard was unheard of, yet today the WAP V1.0 specification is available to the public, and dozens of companies are promoting this vision of the future. The revolution is under way to bring information access to any handset, at a reasonable price and in an easy to use form factor.

HOW WAP WORKS

In the figure above, starting from the left, you'll find the mobile WAP device attached to the mobile network (GSM, CDDA, etc) which dials the modem attached to a dial-in server (RAS or Remote Access Service). This server gives the WAP device access to the protocols it needs. These are the same lower level protocols as a normal Internet Service Provider will give you. This is known as PPP or Point-toPoint Protocol. These protocols are used to access the next step in the chain that is the WAP gateway, in this figure hosted by the mobile operator. The WAP gateway is the link between the wireless and the "web world, basically giving the WAP device access to the common internet. Another way of explaining it, and in a bit more detail would be to say that when you type in the URL for a site on your WAP device, for instance http://wap.colorline.no/ the WAP device first checks if it already has an open connection, if not it dials up the PPP provider as described above. After the PPP provider has given the WAP device the required protocols and assigned it an IP address, the request for the URL is sent to the gateway. The WAP gateway, now under "control" of the WAP device requests the URL with a normal HTTP request, such as GET http://wap.colorline.no/. On the internet, there is a normal "web" server which in this case holds both WAP and "web" contents, which now receives the request to send out the contents located at the http://wap.colorline.no/ URL. Also note the normal "web browser at the lower part of the figure. The web server depending on which type of browser it is talking to

(WAP or "web"), sends out WAP, represented by the blue line, or "web" content represented by the green line. Following the requested content back to the WAP device, the contents, if they are in so called textual WML code (the human readable type), the WAP gateway compiles the textual WML into so called tokenized WML, or WMLC, where basically the code is "compressed" down into binary data (the machine readable type). This tokenized WML is then passed back to the WAP device. If the contents from the webserver are already in tokenized WML format, the WAP gateway skips this operation.

The reason for the conversion from texual WML to tokenized WML is to reduce bandwidth usage. A WAP device's WML browser can only read tokenized WML. Finally, back at the WAP device that requested the URL, the WML browser, when receiving the tokenized WML code renders the contents on the WAP device's display to present data sent back and forth between the web server and the WAP device, they a card for the user. This is how the majority of WAP devices is connected to the internet. If the content provider wants pretty much total control over the stream of would install something called a WAPserver. This device is merely a web server and a WAP gateway in one, and it is usually located inside a firewall on the content provider's networks. The WAP device gets internet access the same way as before, but from there it now connects to the firewall which accepts or rejects the connection depending on the firewall configuration. The firewall then passes the connection on to the WAP gateway inside the WAP server. In this configuration, the chain between the content server and the WAP device is point-to-point secured with the WTLS encryption protocol.

The Wireless Markup Language (WML)

Many references use terminology such as "WML is derived from HTML" or "WML is loosely based on XML". WML is, in fact, an XML document type defined by a standard XML Document Type Definition, or DTD. The WML 1.1 DTD is defined at: http://www.wapforum.org/DTD/wml_1.1.xml

Much greater detail on XML and WML are given in the WML tutorial located under the WAP training topic, however the following code gives you an example of a simple WML file. <?xml version="1.0"? > <!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN"

"http://www.wapforum.org/DTD/wml_1.1.xml"> <wml> <card id="First_Card" title="First Card"> <p> Hello World! </p> </card> </wml>

The first two lines are required. They give the XML version number and the public document identifier, respectively. From there, all WML decks (one WML file equals one deck) begin and end with the <wml></wml> tags. Individuals cards are arranged with the <card></card> tags. Also, note that WML, like XML, is case-sensitive!

Included in the WML specification are elements that fall into the following categories: Decks/Cards, Events, Tasks, Variables, User Input, Anchors/Images/Timers, and Text Formatting. WMLScript

The purpose of WMLScript is to provide client-side procedural logic. It is based on ECMAScript (which is based on Netscapes JavaScript language), however it has been modified in places to support low bandwidth communications and thin clients. The inclusion of a scripting language into the base standard was an absolute must. While many Web developers regularly choose not to use client-side JavaScript due to browser incompatibilities (or clients running older browsers), additional server-side scripts must still replace this logic. This involves extra roundtrips between clients and servers, which is something all wireless developers want to avoid. WMLScript allows code to be built into files transferred to mobile client so that many of these round-trips can be eliminated. According to the WMLScript specification, some capabilities supported by WMLScript that are not supported by WML are:

Check the validity of user input Access to facilities of the device. For example, on a phone, allow the programmer to make phone calls, send messages, add phone numbers to the address book, access the SIM card etc.

Generate messages and dialogs locally thus reducing the need for expensive round-trip to show alerts, error messages, confirmations etc.

Allow extensions to the device software and configuring a device after it has been deployed.

WMLScript is a case-sensitive language that supports standard variable declarations, functions, and other common constructs such as if-then statements, and for/while loops. Among the standards more interesting features are the ability to use external compilation units (via the use url pragma), access control (via the access pragma), and a set of standard libraries defined by the specification (including the Lang, Float, String, URL, WMLBrowser, and Dialogs libraries). The WMLScript standard also defines a bytecode interpreter since WMLScript code is actually compiled into binary form (by the WAP gateway) before being sent to the client. Why use WML when you can use HTML?

First of all, the WAP specifications require the use of WML. You might have heard of WAP devices that support HTML, but this really isn't the case. There are several other wireless devices similar to WAP devices, but these use either straight HTML (such as devices with the Microsoft Mobile Explorer, which supports both HTML and WML. The MME devices are really two completely separate devices in one. Then there are the variants on HTML such as the iMode browsers, which use Compact HTML. In short, if we're talking about WAP devices, the markup language is WML. There are many reasons why WML is used in the WAP environment instead of HTML. Currently the most important reason is that WML requires very little bandwidth resources compared to HTML. Obviously, with the introduction of technologies that provide higher bandwidth for wireless devices, this reason becomes less important. However, it will take many years before these higher bandwidth technologies are available globally. Another important reason is that HTML requires relatively great processing strength to render. Processing strength means power, and on a wireless device that means energy from batteries. Less processor power means longer lasting batteries. Further, HTML really requires larger displays than the display on a device such as a mobile phone. Sure, it's possible to have large displays on mobile phones or other mobile device, but the larger the device is, the less mobile it will be.

WAP PROTOCOL STACK

Any network is organized as a series of layers or levels where each level performs a specific function. The set of rules that governs the communication between the peer entities within a layer are called protocols. The layers and protocols together forms the Protocol Stack. The request from the mobile device is sent as a URL through the operators network to the WAP gateway, which is the interface between the operators network and the Internet.

WDP The WAP datagram protocol (WDP) is the bottommost layer responsible for moving data from sender to receiver and back again. WDP is patterned after UDP (User Datagram Protocol) of the Internet, which is a best effort delivery protocol. Thus WDP is the transport layer that sends and receives messages via any available bearer network, including SMS, USSD, CSD, CDPD, IS-136 packet data and GPRS.

WTLS Wireless transport layer security (WTLS), an optional security layer, has encryption facilities that provide the secure transport service required by many applications, such as e-commerce. WTLS incorporates security features that are based upon the established Transport Layer Security (TLS) protocol standard. Includes data integrity checks, privacy on the WAP Gateway to client leg and authentication. Wireless Datagram Protocol Allows WAP to be bearer independent by adapting the transport layer of the underlying bearer. WDP presents a consistent data format to the higher layers of the WAP protocol stack thereby conferring the advantage of bearer independence to application

WTP The WAP transaction protocol (WTP) layer provides transaction support adding reliability to the Datagram service provided by WDP. It is loosely based on TCP/IP of Internet. There are three different WTP transaction classes defined. The simplest transaction class, class0 is a non-confirmed simple push of information in one direction. This is used for basic information exchange. Transaction class1 is used for WAP1.1 Push

transactions and is a simple send- acknowledgement exchange. Transaction class2 is a three-way handshake used for most WSP/WTP information exchange. This handshake is a send-acknowledgement-responsetrio sent from the iniator to the responder and back again. WTP has the optional ability to segment and reassemble data.

WSP The WAP session protocol (WSP) layer provides a lightweight session layer to allow efficient exchange of data between applications. WSP is patterned after the HTTP (Hypertext Transfer Protocol) of the Internet. WSP has two modes-when WSP is used in conjunction with WTP, a session is initiated by the WAP client and is maintained until it is explicitly disconnected. Such a mode is called WSP connection mode. Another mode is WSP/B is in which no session is created, it is called temporary or connectionless WSP.

WAE This layer defines the user interface on the phone. WAE is aimed at enabling operators, content developers to develop advanced services and applications including a microbrowser, scripting facilities, e-mail, www to mobile handset imaging and mobile to telefax access.

HTTP Interface The HTTP interface serves to retrieve WAP content from the Internet requested by the mobile device. WAP content (WML and WML Script) is converted into a compact binary

form for transmission over the air. The WAP microbrowser software within the mobile device interprets the byte code and displays the interactive content.

STANDARDS The collaborative efforts of the WAP forum have devised and continue to develop a set of protocols that provide a common environment for the development of advanced telephony services and Internet access for the wireless market. If the WAP protocols were to be as successful as the transmission control protocol (TCP)/Internet protocol (IP), the boom in mobile communications would be phenomenal. Indeed, the WAP browser should do for mobile Internet what Netscape did for the Internet. The many requirements for radio transmission technologies, proposed by the International Telecommunication Union(ITU) and its International Mobile

Telecommunications for the year 2000(IMT-2000), include the following: Voice quality comparable to that of the public switched telephone network(PSTN); A data rate of 14.4 kbp/s for users in motor vehicles moving fast over large areas; A data rate of 384 kbp/s for pedestrians, standing still or moving slowly over small areas; Phased-in-support for 2.048 Mb/s operation for office use; Support of both packed switched and circuit-switched data services; An adaptive radio interface suited to the highly asymmetric nature of most Internet communications-a much greater bandwidth for the downlink than the up-link. More efficient use of the available spectrum; Support for a wide variety of mobile equipment; and

Flexible introduction of new services and technologies.

The WAP Gateway

The Wireless Internet Gateway (WIG) gives WAP and SIM Application ToolKit (SAT) terminals access to WML-based applications. It brings WAP to legacy terminals via SMS and supports end-to-end security, push and location-based services. A SIM-based WML browser not only lets a GSM operator deliver web-style content to the current large installed base of mobile phone subscribers, but it offers increased security inherent in the SIMs Smart Card technology. Since each subscriber holds a unique encrypted digital signature in each phones SIM card, the WIG makes it possible for operators to immediately add applications like e-commerce and online banking, which capture the interest of security-conscious subscribers clamoring for more financial transaction services. The SIM-based WML browser for the WIG is available on most SIM platforms, including Giesecke & Devrient, SetecGemplusSchlumberger and De La Rue (Oberthur). SIM browser plug-in modules are also available to generate signatures and retrieve location-based information. It is now possible for WML application programmers to begin immediate deployment of location sensitive applications, and to support security schemes based on the Public Key Infrastructure (PKI). The WAP gateway is actually a software that performs several functions between the WAP device and the Web server such as: Converting WML pages from server from textual format to binary/compressed format readable by WAP device.

Translating requests from WAP device to HTTP requests for the Web world. Converts between SSL encryption used in Web and WTLS used in WAP> Converts between "transport" protocol that is TCP of the Web and WDP of WAP.

WAP Browser
The Nokia WAP Browser is a platform independent version of the same software currently running on Nokia's mobile phones and communicator class products. It is a source code product and includes 100% WAP-compliant

implementations of both the WAP Application Environment (WAE) and the WAP Protocol Stack (WPS). The Nokia WAP Browser was designed in accordance with the embedded environments common in mobile telephones as well as the requirements inherent in OEM software. It is ideally suited for the memory and processor constraints commonly found in mobile telephones, and can also be augmented with additional functionality when necessary. Benefits: Cost Effective Licensing the Nokia WAP Browser is significantly more cost-effective than developing in-house WAP implementations. As a WAP standard, it can become the foundation of in-house development efforts. Maintain Control Nokia provides the source code and support - the customer pilots all further development. Free from external development schedules. Reduce Time-to-Market Market-ready and market-tested

Highly portable, reducing implementation time

WAP Security
SSL or Secure Sockets Layer which is widely used in the "web" world to encrypt the data stream between the browser and the webserver is actually also used in the WAP environment. However, SSL is only used between the webserver and the WAP gateway. Between the WAP gateway and the WAP device, a similar system called WTLS or Wireless Transport Layer Security. WTLS is specialized for the wireless environment. Security is a touchy subject. Althought no systems are totally secure, SSL and WTLS on their own in my humble opinion provide adequate security for most applications. However, there is a potential security problem where the two protocols meet, and that's inside the WAP gateway. SSL is not directly compatible with WTLS, so the WAP gateway must decrypt the SSL protected data stream coming from the webserver and then re-encrypt it using WTLS before passing the data on to the WAP device. Inside the memory of the WAP gateway, the data is unprotected. This is the current model:

[WAP device]------------[WAP gateway]-----------[Content server] <---WTLS--->{unprotected}<---SSL---> | (Firewall) | | | (Firewall)

Imagine if your bank or other institution dealing with sensitive data make public a WAP service. When the data leaves the security of your system and your network they are resonably well protected. Then, when they enter the WAP gateway which is commonly owned and operated by a third party such as a mobile operator, the data is decrypted. Trusting sensitive data to an unknown third party is hardly a good idea.

The mobile operator in question could be any mobile operator in the world. Your customer might be on vacation in some country where security is considered a trivial matter. If the mobile operator's networks are vulnerable to attacks, so are your data. All the major WAP players are developing solutions to this problem, but for now these solutions create other problems. Developers of so called "WAP servers", or webservers with WAP gateway capabilities provide end-to-end security in a way because the data stream leaves the content server (the "WAP server") already encrypted with WTLS. The model then looks like this:

[WAP device]------------------------------------["WAP server" (acting as WAP gateway)] <---------------WTLS---------------> | (Firewall) | | | (Firewall)

However, the mobile operator's WAP gateway can now no longer be part of the chain, and the user has to reconfigure his WAP device to point to the "WAP server" which will become the WAP gateway for this session. But, this WAP gateway only provides access to this one service, and when the user wants to access his other favourite WAP sites, he has to reconfigure his phone again. Some WAP devices are fairly easy to reconfigure for someone with who can be bothered to read a manual, but some WAP devices are extremely difficult to reconfigure. Adding to this problem is the fact that many mobile operators place their Point-to-Point service where the mobile device dials in to get on the internet, and their WAP gateway on the same private IP range network, usually behind a firewall. This firewall is usually set up only to allow the HTTP protocol on port 80 which is default for this protocol. The WAP gateway uses this port to receive data from content servers on the internet, and that's all it really needs. When the WAP device attempts to access another WAP gateway on the Internet, the firewall will

stop them either because the firewall says that the IP address of the WAP device is not allowed to route data on to the internet, or that it cannot open the ports it requires. This effectively stops the user from using other gateways that the one provided by the mobile operator. There are lots of people suggesting solutions to this problem, and the rumours say that upcoming versions of WAP will have a solution. In other words, a model like this where the WAP gateway has two modes. A "normal mode" where it works like WAP gateways work today, and a "passthrough" mode where the gateway detects the WTLS stream and simply lets it pass through.

"Passthrough mode"

[WAP device]------------[WAP gateway]-----------["WAP server"] <---------------WTLS---------------> | (Firewall) | | | (Firewall)

WAP SOLUTION BENEFITS

The WAP V1.0 specification was written to address the challenges of traditional wireless data access within the context of the WAP Forum's design objectives. This section outlines how the WAPV1.0 specification meets the goals.

DELIVERS AN APPROPRIATE USER EXPERIENCE MODEL

The WAP specification defines a powerful and functional user interface model that is appropriate for handheld devices.Users navigate through cards with up and down scroll keys instead of a mouse. Soft keys allow the user to perform specific operations appropriate to the application context, or select menu options. A traditional 12-key phone keypad is used to enter alphanumeric characters , including a full set of standard symbols. Navigation functions such as Back, Home, and Bookmark are also provided, in keeping with the standard browser model. By using the existing Internet model as a starting point, this user interface provides familiar functionality for those accustomed with the Web. It also provides a user interface that is easy to learn and highly discoverable for the first time user. The microbrowser allows devices with larger screens and more features to automatically display more content, just as a traditional browser does on a PC when the browser window is expanded on screen.

LEVERAGES PROXY TECHNOLOGY

The WAP specification utilizes standard Web proxy technology to connect the wireless domain with the Web. By using the computing resources in the WAP gateway, the WAP architecture permits the handset to be simple and inexpensive. For example, a WAP gateway will typically take over all DNS services to resolve domain names used in URL's , thus offloading this computing task from the handset. The WAP gateway can also be used to provision services to subscribers and provides the network operator with a control point to manage fraud and service utilization. A WAP gateway typically includes following functionality:

Protocol Gateway- the protocol gateway translates requests from the WAP protocol stack to the WWW protocol stack(HTTP and TCP/IP). Content Encoders and Decoders-the content encoders translate web content into compact encoded formats to reduce the size and number of packets travelling over the wireless data network. This infrastructure ensures that mobile terminal users can browse a wide variety of WAP content and applications regardless of the wireless network they use. Because of the WAP proxy design,content and applications are hosted on standard WWW servers and can be developed using proven web technologies such as CGI scripting. The WAP gateway decreases the response time to the handheld

device by aggregating data from different servers on the web, and caching frequently used information. The WAP gateway can also interface with subscriber databases and use information from the wireless network, such as location information, to dynamically customise WML pages for a certain group of users.

ADDRESSES CONSTRAINTS OF WIRELESS NETWORK

The protocol stack defined in WAP version 1.0 optimizes standard Web protocols, such as HTTP, for use under the low bandwidth, high latency conditions often found in wireless networks. A number of enhancements to the session, transaction, security and transport layers provide HTTP functionalilty better suited to the wireless network environment. Here are just a few examples of these improvements: The plain text headers of HTTP are translated into binary code that significantly reduces the amount of data that must be transmitted over the air interface. A lightweight session re-establishment protocol has been defined that allows sessions to be suspended and resumed without the overhead of initial establishment. This allows a session to be suspended while idle to free up network resources or save battery power. WAP V1.0 provides a Wireless Transaction Protocol(WTP)that provides reliable datagram service, much as traditional TCP does, but without behaviors that make TCP unsuitable in a wireless network. For example, TCP transmits a large amount of information for each request-response transaction, including information

needed to handle out of order packet delivery. Since there is only one possible route between the WAP proxy and the handset, there is no need to handle this situation. WTP eliminates this unnecessary information, and reduces the amount of information needed for each request-response transaction. WAP's WTP solution also means that a TCP stack is not required in the phone, which allows for significant savings in processing and memory costs in the handset. The improvemnets made in the WAP protocol stack lead to significant savings in wireless bandwidth. Figure 3 compares the number of packets needed to process a stack quote query from a desktop browser using HTTP 1.0 with the same query from a WAP browser. The WAP protocol uses less than half the number of packets that the standard HTTP/TCP/IP stack uses to deliver the same content. This improvement is essential to best utilize the limited wireless bandwidth available.

PROVIDES A SECURE WIRELESS CONNECTION

Many applications on the Web today require a secure connection between the client and the application server. The WAP V 1.0 specification ensures that a secure protocol is available when these transactions with the wireless handset. The Wireless Transport Layer Security(WTLS) protocol is based upon the industry standard Transport Layer Security(TLS) protocol, formerly known as the Secure Sockets Layer(SSL). WTLS is intended for use with the WAP environment and has been optimized for use over narrow band communication channels. WTLS ensures data integrity, privacy, authentication and denial of service protection. For Web applications that employ standard internet security techniques with TLS, the WAP gateway automatically and transparently manages wireless security with minimal overhead.

OPTIMIZE FOR HANDHELD WIRELESS DEVICES

The WAP V1.0 specifiaction defines a microbrowser that is the ultimate thin client, able to fit in a limited amount of memory in the handheld device. The use of proxy technology and compression in the network interface reduces the processing

load at the handheld device so that expensive CPU can be used in the handset. This further helps reduce power consumption and extends battery life meeting the needs of both handset manufacturers and wireless subscribers.

IMPLEMENTS NEW WIRELESS FUNCTIONALITY

The WAP V1.0 specification also defines new functionality that has not been defined by any other standard, such as a voice/data integration API and the groundwork for wireless push functionality. The Wireless Telephony Application (WTA) allows application developers to initiate phone calls from the browser, and respond to network events as they occur. The WTA API accomplishes this by providing and interface to the local and network telephony infrastructure. This functionality can be used to keep an updated list of the phone numbers dialed into an active conference call. Standard HTTP has no support for "push" functionality. The WAP V1.0 specification defines a push mechanism that will allow any web server to send information to the client. WAP Forum is currently defining the higher level protocols needed to provide a complete wireless push solution. This allows applications to alert the subscriber when time-sensitive information changes like traffic alerts and stock quote triggers.

ENABLES APPLICATION DEVELOPMENT USING EXISTING TOOLS

Web developers find it easy to develop WAP applications since the WAP Programming model closely follows the existing WWW development model. WML is a tag-based document language specified as an XML document type. WML developers can use standard web tools and mechanisms such as Cold Fusion, CGI, PERL and ASP to generate dynamic WML applications. Although it is possible to translate HTML into WML using an automated system, in practice the best applications use WML to tailor the interface to the specific needs of the wireless user. This allows for the best possible use of the handset features, such as soft keys and provides the best user experience. Therefore developing a corresponding WML front-end leverages previous engineering effort while providing significant user interface benefits.

BENEFITS FROM WAP BASED SOLUTIONS

SERVICE PROVIDERS
Service providers can add significant value to their existing voice offerings by adding a WAP based solution to their wireless networks. By choosing a WAP based solution to deploy wireless data, network operators will gain: A whole new dimension of relationship and communication with their subscreibers. This creates new opportunites for improved customer service and increased usage of network services. Control of data connection to their subscribers. By using a WAP based solution, service providers can use the WAP gateway to track and bill for the service, and provision general feature control. An easy method to deploy Teleservices applications, such as Call Feature Control, prepaid wireless recharge and automated customer service. Since the applications are stored on a standard web server inside the service provider's infrastructure, when new services are added, or features are changed, these changes are instantly available to every subscriber in the network. Immediate access to all WAP enabled wireless content. Since WAP is a specification that many developers are using, service providers will benefit from an abundance of available content.

DEVELOPERS
Application developers can reach the largest possible audience when they write their applications in WML because they are writing to an industry standard. Additional benefits for developers include: Access to an entirely new immense market of information hungry wireless subscribers. Because WML is an XML based language, it is an easy markup language for existing web developers to learn. WML's basis in XML also positions it well as a future target markup language for automatic content transformation.

Since WML is part of an open standard, and was developed by an independent organization, all developers can be assured that they are on equal footing with other developers.

By writing in WML, a developer's work becomes available to any network and device that is WAP complaint. WML provides the application developer with the power to take full advantage of the user interface. Applications can map soft keys for easy use of input and use special features to maximise the effect of displaying text on a limited screen.

WML allows application developers to integrate their applications with device and network telephony functions. WML allows the user icons and bitmapped graphics, for devices that support them. An application written in WML will look good on any device that is WAP complaint. If one device is able to display more lines of text than another, the microbrowser will do so automatically, making the best use of device's and application's capabilities.

An application can be customized to take advantage of a particular device's capabilities, by using standard HTTP header mechanisms to learn about the device's capabilities, so that the application can dynamically generate the appropriate content.

Developers who are converting existing HTML pages into WML will find that that their investment in databases, proprietary content, application logic and API's is preserved with WML.

SUBSCRIBERS
Ultimately, subscibers are the most important beneficiaries of the work of the WAP Forum. As a result, the WAP specifiaction delivers significant value to the subscriber.

The WAP specification pulls together existing technologies and defines new standards to provide subscribers with: Fast, efficient access to key information from a wireless handset. Peace of mond that all transactions are completely secure. An easy to use interface metaphor that meets the needs of the user within the restrictions of a constrained network and device.

WAPUSES ! E-mail: : Using WAP phones, one can access and exchange e-mails.

! Personalised information access ! Events-calendar management

and maintain a calendar on the WAP phone.

: The user could maintain a

phone book or an address book on a WAP-enabled phone. : The user could schedule his events

! Personal banking

: Banking and insurance are purported to be the other

sectors where WAP is predicted to make a significant difference. In banking, for instance, a WAP gateway can provide user access to payment services. For example. The Delhi-based, Nucleus Software that created a WAP software called, Bank-o-net to help banks WAP enable their services.

! Personal billing information: ! Customer care application

customer is provided by the operator.

: This enables the user to perform

online shopping as well as make online payments. : Information that is of interest to the

! Financial information, stock quotes

: Financial transactions are

expected to lead as a popular service available to WAP phone users. A service category more suited to be successful on WAP enabled phone is live stock updates. The phone can easily beep the subscriber when the favorite scrip jumps the cut off mark and thereafter help him transact.

! City direction guides

phone which will guide him.

: The user can obtain small road maps on his WAP

! Infotainment

: This includes interactive information as well as other

entertainment like games and chat.

WAP PITFALLS
Presently though this technology is the blue eyed baby of the industry, its growth is dependent on several factors that includes: # WAP servicesexpensive: Most WAP based services used CSD (Circuit Switched Data) as its underlying bearer. So the cost poses a deterrent as CSD requires its users to remain connected to the network for full interaction. # Difficult to configure WAP phones for new WAP services: When it is required to introduce new services, about 20 or more different parameters must be entered and with the limited user-interface, this becomes difficult. # WAP standardincomplete with key elements like PUSH: There are different WAP versions like WAP 1.0, WAP 1.1, WAP 1.2 and WAP 2.0. The current WAP standard is WAP 1.1 which does not support the PUSH (Proactive sending of information to mobile devices) function. PUSH was added to WAP 1.2, and is only available in WAP 1.2 environments. In short PUSH provides another way of sending data from a content or application server to a mobile user agent. The "traditional" way, PULLing is for the user agent to request the information, and then receive it. PUSH means that the server can send the data to the user agent without it having to ask for it. The content or application server cannot send the data to the user agent directly, but will have to use a so-called Push Proxy Gateway. This PPG sits between the internet based Push Initiator (the content or application server) and the mobile user agent. On the Internet side, the Push Access Protocol is used, and on the mobile Internet side, the Push Over-the-Air Protocol is used. # Small screen of WAP device: For example, the NOKIA 7110 has a screen size of 96 by 65 pixels, which can give only text specific data , it cannot have any graphics or visual elements. # Data rate in WAP-slow: The current wireless applications and its usefulness is limited by the lower bandwidth that is about 9.6Kbps. With the advent of GPRS, the data rate can be increased upto 117Kbps.