WAP Gateway
Transcript of WAP Gateway
-
8/8/2019 WAP Gateway
1/6
WAP gateway:
What is a WAP Gateway ? : WirelessApplication Protocol ( WAP ) is anopen, global specification which empowers mobile users with wireless devices toeasily access and interact with information and services instantly. In commonlanguage, a large number of device manufactures like Nokia, Ericsson, Motorolaand software developers like IBM, Microsoft, Oracle have agreed on one commonstandard.
WAP gives mobile phone users access to Internet or web services
through handheld devices. WAP Gateway technology provides a
solution to the growing demand for wireless mobile services acrossthe world. WAP Gateways act as a bridge between the mobile world
and the Internet and offers wap services like encoding of WMLpages, end-user authentication system, & WML script compiling.
WAP uses the underlying web structure to enable communication
between content providers and mobile devices. This wireless protocolemploys Wireless Markup Language (WML) for application contents
instead of Hypertext Markup Language coding (HTML).
A useful & utility feature of WAP technology is the ability to supporttelephony service integrated with micro-browsing of data. WAP
Gateways acts as a proxy between wireless networks & the Internet
while encoding WAP data into byte codes.
What does a Gateway Do?
A WAP Gateway plays many roles in the scheme of turning the WAP model intoworking services. A list of just some of the functions of a WAP gateway include the
following:
implementation of the WAP stack
converting protocols
converting markup languages compiling WMLScript programs
encoding WML into a binary bitstream
providing access control caching
domain name resolution services (DNS)
security features
-
8/8/2019 WAP Gateway
2/6
WS-Security:
WS-Security (Web Services Security, short WSS) is a flexible and feature-rich
extension to SOAP to apply security to Web services. It is a member of the WS-* familyof web service specifications and was published byOASIS.
The protocol specifies how integrity and confidentiality can be enforced on messages and
allows the communication of various security token formats, such as SAML,Kerberos,
andX.509. Its main focus is the use ofXML Signatureand XML Encryption to provideend-to-end security.
Features
WS-Security describes three main mechanisms:
How to sign SOAP messages to assure integrity. Signed messages provide also
non-repudiation. How to encrypt SOAP messages to assure confidentiality.
How to attach security tokens.
The specification allows a variety of signature formats, encryptions algorithms and
multiple trust domains, and is open to various security token models, such as:
X.509 certificates Kerberos tickets
UserID/Password credentials
SAML-Assertion
Custom defined token
WebLogic Server:
WebLogic Server 7.0 offers a new, integrated approach to solving the overall security problem
for enterprise applications. With this framework, application security becomes a function of the
application infrastructure and is separate from the application itself. Any application deployed
on WebLogic Server (WLS) can be secured either through the security features included with the
server out of the box, by extending the open Security Service Provider Interface to a custom
security solution, or by plugging in other specialized security solutions from major security
vendors that the customer's enterprise standardizes on.The change cipher spec Protocol:
The change cipher spec message is sent by both the client and server to notify the
receiving party that subsequent records will be protected under the just-negotiatedCipherSpec and keys.
o It exists to update the cipher suiteto be used in the connection.
http://en.wikipedia.org/wiki/SOAP_(protocol)http://en.wikipedia.org/wiki/Web_servicehttp://en.wikipedia.org/wiki/List_of_Web_service_specificationshttp://en.wikipedia.org/wiki/List_of_Web_service_specificationshttp://en.wikipedia.org/wiki/OASIS_(organization)http://en.wikipedia.org/wiki/OASIS_(organization)http://en.wikipedia.org/wiki/OASIS_(organization)http://en.wikipedia.org/wiki/Security_Assertion_Markup_Languagehttp://en.wikipedia.org/wiki/Kerberos_(protocol)http://en.wikipedia.org/wiki/Kerberos_(protocol)http://en.wikipedia.org/wiki/X.509http://en.wikipedia.org/wiki/X.509http://en.wikipedia.org/wiki/XML_Signaturehttp://en.wikipedia.org/wiki/XML_Signaturehttp://en.wikipedia.org/wiki/XML_Encryptionhttp://en.wikipedia.org/wiki/Non-repudiationhttp://www.pierobon.org/ssl/ch2/suite.htmhttp://www.pierobon.org/ssl/ch2/suite.htmhttp://en.wikipedia.org/wiki/SOAP_(protocol)http://en.wikipedia.org/wiki/Web_servicehttp://en.wikipedia.org/wiki/List_of_Web_service_specificationshttp://en.wikipedia.org/wiki/List_of_Web_service_specificationshttp://en.wikipedia.org/wiki/OASIS_(organization)http://en.wikipedia.org/wiki/Security_Assertion_Markup_Languagehttp://en.wikipedia.org/wiki/Kerberos_(protocol)http://en.wikipedia.org/wiki/X.509http://en.wikipedia.org/wiki/XML_Signaturehttp://en.wikipedia.org/wiki/XML_Encryptionhttp://en.wikipedia.org/wiki/Non-repudiationhttp://www.pierobon.org/ssl/ch2/suite.htm -
8/8/2019 WAP Gateway
3/6
o It permits a change in the SSL session occur without having to renegotiate
the connection.o The message consists of a single byte of value 1.
There are two states for the change cipher spec message.
o Read Currento Read Pending
The change cipher spec message is normally sent at the end of the SSLhandshake.
Roxie's:
Roxie's of Quincy is a one of a kind meat market that prides itself
on fresh, high quality meat and produce at affordable prices. Looking
for something you cant find, need advice on a purchase, just ask
customer service is a top priority.
Established in 1957, Roxies has over 50 years of experience and
many loyal customers. Our variety of products along with our convenient
location has become a destination grocer for many shoppers. We carry all
the ingredients you need to put together a complete meal in just minutes.
Easy in, easy out!
Holidays, BBQs, Special Occasions or everyday shopping
- youll always find what you need at Roxies.
History of SOAP:
SOAP once stood for 'Simple Object Access Protocol' but this acronym was dropped
with Version 1.2 of the standard.[1] Version 1.2 became a W3C recommendation on June
24, 2003. The acronym is sometimes confused with SOA, which stands forService-
oriented architecture; however SOAP is different from SOA.
The SOAP specification
The SOAP specification defines the messaging framework which consists of:
The SOAP processing model defining the rules for processing a SOAP message
The SOAP extensibility model defining the concepts of SOAP features andSOAP modules
The SOAP underlying protocol binding framework describing the rules for
defining a binding to an underlying protocol that can be used for exchangingSOAP messages between SOAP nodes
The SOAP message construct defining the structure of a SOAP message
http://en.wikipedia.org/wiki/SOAP#cite_note-0%23cite_note-0http://en.wikipedia.org/wiki/W3Chttp://en.wikipedia.org/wiki/Service-oriented_architecturehttp://en.wikipedia.org/wiki/Service-oriented_architecturehttp://en.wikipedia.org/wiki/Service-oriented_architecturehttp://en.wikipedia.org/wiki/SOAP#cite_note-0%23cite_note-0http://en.wikipedia.org/wiki/W3Chttp://en.wikipedia.org/wiki/Service-oriented_architecturehttp://en.wikipedia.org/wiki/Service-oriented_architecture -
8/8/2019 WAP Gateway
4/6
[edit] SOAP processing model
The SOAP processing model describes a distributed processing model, its participants,
the SOAP nodes and how a SOAP receiver processes a SOAP message. The followingSOAP nodes are defined:
SOAP sender
A SOAP node that transmits a SOAP message.
SOAP receiver
A SOAP node that accepts a SOAP message.
SOAP message path
The set of SOAP nodes through which a single SOAP message passes.
Initial SOAP sender (Originator)
The SOAP sender that originates a SOAP message at the starting point of a SOAP
message path.
SOAP intermediary
A SOAP intermediary is both a SOAP receiver and a SOAP sender and is targetable fromwithin a SOAP message. It processes the SOAP header blocks targeted at it and acts to
forward a SOAP message towards an ultimate SOAP receiver.
Ultimate SOAP receiver
The SOAP receiver that is a final destination of a SOAP message. It is responsible for
processing the contents of the SOAP body and any SOAP header blocks targeted at it. Insome circumstances, a SOAP message might not reach an ultimate SOAP receiver, for
example because of a problem at a SOAP intermediary. An ultimate SOAP receiver
cannot also be a SOAP intermediary for the same SOAP message.
POST /InStock HTTP/1.1
Host: www.example.org
Content-Type: application/soap+xml; charset=utf-8
Content-Length: nnn
http://en.wikipedia.org/w/index.php?title=SOAP&action=edit§ion=3http://en.wikipedia.org/w/index.php?title=SOAP&action=edit§ion=3 -
8/8/2019 WAP Gateway
5/6
IBM
Advantages
SOAP is versatile enough to allow for the use of different transport protocols. The
standard stacks use HTTP as a transport protocol, but other protocols are alsousable (e.g., JMS[5], SMTP[6]).
Since the SOAP model tunnels fine in the HTTP get/response model, it can tunnel
easily over existing firewalls and proxies, without modifications to the SOAPprotocol, and can use the existing infrastructure.
[edit] Disadvantages
Because of the verbose XML format, SOAP can be considerably slower than
competing middlewaretechnologies such as CORBA. This may not be an issuewhen only small messages are sent.[7] To improve performance for the special
case of XML with embedded binary objects, the Message Transmission
Optimization Mechanismwas introduced.
When relying on HTTP as a transport protocol and not using WS-Addressing or
anESB, the roles of the interacting parties are fixed. Only one party (the client)
can use the services of the other. Developers must usepollinginstead of
notification in these common cases.
UDDI
(Universal Description Discovery and Integration protocol) A directory modelfor web services. UDDI is a specification for maintaining standardized
directories of information about web services, recording their capabilities,location and requirements in a universally recognized format. Seen (with
SOAP and WSDL) as one of the three foundation standards of web services,UDDI is currently the least used.
Purpose of UDDIA UDDI registry, either for use in the public domain or behind the firewall,offers a standard mechanism to classify, catalog and manage Web services,so
that they can be discovered and consumed. UDDI V3.0.2
Basic goals of UDDIFramework for describing and discovering business services, and serviceprovidersDefines data structures and APIs for publishing services descriptions to theregistryand querying the registry Support developers in finding information aboutservices Determine the security and transport protocols supported by a givenWeb service
http://en.wikipedia.org/wiki/SOAP#cite_note-4%23cite_note-4http://en.wikipedia.org/wiki/SOAP#cite_note-5%23cite_note-5http://en.wikipedia.org/w/index.php?title=SOAP&action=edit§ion=9http://en.wikipedia.org/wiki/Middlewarehttp://en.wikipedia.org/wiki/Middlewarehttp://en.wikipedia.org/wiki/CORBAhttp://en.wikipedia.org/wiki/CORBAhttp://en.wikipedia.org/wiki/SOAP#cite_note-6%23cite_note-6http://en.wikipedia.org/wiki/SOAP#cite_note-6%23cite_note-6http://en.wikipedia.org/wiki/MTOMhttp://en.wikipedia.org/wiki/MTOMhttp://en.wikipedia.org/wiki/MTOMhttp://en.wikipedia.org/wiki/HTTPhttp://en.wikipedia.org/wiki/WS-Addressinghttp://en.wikipedia.org/wiki/Enterprise_service_bushttp://en.wikipedia.org/wiki/Enterprise_service_bushttp://en.wikipedia.org/wiki/Polling_(computer_science)http://en.wikipedia.org/wiki/Polling_(computer_science)http://en.wikipedia.org/wiki/SOAP#cite_note-4%23cite_note-4http://en.wikipedia.org/wiki/SOAP#cite_note-5%23cite_note-5http://en.wikipedia.org/w/index.php?title=SOAP&action=edit§ion=9http://en.wikipedia.org/wiki/Middlewarehttp://en.wikipedia.org/wiki/CORBAhttp://en.wikipedia.org/wiki/SOAP#cite_note-6%23cite_note-6http://en.wikipedia.org/wiki/MTOMhttp://en.wikipedia.org/wiki/MTOMhttp://en.wikipedia.org/wiki/HTTPhttp://en.wikipedia.org/wiki/WS-Addressinghttp://en.wikipedia.org/wiki/Enterprise_service_bushttp://en.wikipedia.org/wiki/Polling_(computer_science) -
8/8/2019 WAP Gateway
6/6
Support looking for services based on a general keyword
Basic goals of UDDI
Framework for describing and discovering business services, and service
providersDefines data structures and APIs for publishing services descriptions to theregistryand querying the registry Support developers in finding informationabout services Determine the security and transport protocols supported by agiven Web service Support looking for services based on a general keyword
UDDI Registry keysEach entity is assigned a unique key V3 allows keys to be defined in a waythat they are unique across registries Now URI-based, patterned on DNSnames UDDI key for UDDI API itself