|
|
|
|
|
|
| |
|
Page 8 of 8
|
  |
WAP Security
There has been a lot of fuss about security in the WAP world,
some of it justified, but most of it being misinformation and
misunderstanding. I have often heard it observed that WAP 1.1 does
not include security. This is an example of the misinformation that
has been around in the industry: WTLS was part of WAP 1.1 and is
almost unchanged in WAP 1.2. Security has been there all the time.
What is true is that not all vendors have implemented all parts of
the specification, and WTLS has often not been implemented at all
or has only been implemented at class 1. This will be resolved in
time, as vendor's products become more mature and robust, and as
the public need for robust security implementation forces vendors
to include security in their product offerings.
Even if your WAP gateway does not include WTLS, a WTLS gateway
can be obtained from some reliable security solution vendors, like
Baltimore Technologies, which will sit on your network between the
mobile device and your WAP gateway to provide a WTLS
implementation. This type of solution is only feasible if you are
hosting your own WAP gateway.
WAP can and does provide a robust, secure environment in which
an organisation can conduct m-commerce or communicate securely.
Attention does need to be paid at this stage to the specifics of
the implementations, so I would advise a thorough evaluation before
committing to a particular vendor's implementation. However, there
are robust products our there that you can use to implement a
secure environment.
|
Page 8 of 8
|
|
|
|
|
|
|
|
|
|
|
Email TopXML