8/8/2019 WAP Gateway

1/6

WAP gateway:

What is a WAP Gateway ? : WirelessApplication Protocol ( WAP ) is anopen, global specification which empowers mobile users with wireless devices toeasily access and interact with information and services instantly. In commonlanguage, a large number of device manufactures like Nokia, Ericsson, Motorolaand software developers like IBM, Microsoft, Oracle have agreed on one commonstandard.

WAP gives mobile phone users access to Internet or web services

through handheld devices. WAP Gateway technology provides a

solution to the growing demand for wireless mobile services acrossthe world. WAP Gateways act as a bridge between the mobile world

and the Internet and offers wap services like encoding of WMLpages, end-user authentication system, & WML script compiling.

WAP uses the underlying web structure to enable communication

between content providers and mobile devices. This wireless protocolemploys Wireless Markup Language (WML) for application contents

instead of Hypertext Markup Language coding (HTML).

A useful & utility feature of WAP technology is the ability to supporttelephony service integrated with micro-browsing of data. WAP

Gateways acts as a proxy between wireless networks & the Internet

while encoding WAP data into byte codes.

What does a Gateway Do?

A WAP Gateway plays many roles in the scheme of turning the WAP model intoworking services. A list of just some of the functions of a WAP gateway include the

following:

implementation of the WAP stack

converting protocols

converting markup languages compiling WMLScript programs

encoding WML into a binary bitstream

providing access control caching

domain name resolution services (DNS)

security features

8/8/2019 WAP Gateway

2/6

WS-Security:

WS-Security (Web Services Security, short WSS) is a flexible and feature-rich

extension to SOAP to apply security to Web services. It is a member of the WS-* familyof web service specifications and was published byOASIS.

The protocol specifies how integrity and confidentiality can be enforced on messages and

allows the communication of various security token formats, such as SAML,Kerberos,

andX.509. Its main focus is the use ofXML Signatureand XML Encryption to provideend-to-end security.

Features

WS-Security describes three main mechanisms:

How to sign SOAP messages to assure integrity. Signed messages provide also

non-repudiation. How to encrypt SOAP messages to assure confidentiality.

How to attach security tokens.

The specification allows a variety of signature formats, encryptions algorithms and

multiple trust domains, and is open to various security token models, such as:

X.509 certificates Kerberos tickets

UserID/Password credentials

SAML-Assertion

Custom defined token

WebLogic Server:

WebLogic Server 7.0 offers a new, integrated approach to solving the overall security problem

for enterprise applications. With this framework, application security becomes a function of the

application infrastructure and is separate from the application itself. Any application deployed

on WebLogic Server (WLS) can be secured either through the security features included with the

server out of the box, by extending the open Security Service Provider Interface to a custom

security solution, or by plugging in other specialized security solutions from major security

vendors that the customer's enterprise standardizes on.The change cipher spec Protocol:

The change cipher spec message is sent by both the client and server to notify the

receiving party that subsequent records will be protected under the just-negotiatedCipherSpec and keys.

o It exists to update the cipher suiteto be used in the connection.

http://en.wikipedia.org/wiki/SOAP_(protocol)http://en.wikipedia.org/wiki/Web_servicehttp://en.wikipedia.org/wiki/List_of_Web_service_specificationshttp://en.wikipedia.org/wiki/List_of_Web_service_specificationshttp://en.wikipedia.org/wiki/OASIS_(organization)http://en.wikipedia.org/wiki/OASIS_(organization)http://en.wikipedia.org/wiki/OASIS_(organization)http://en.wikipedia.org/wiki/Security_Assertion_Markup_Languagehttp://en.wikipedia.org/wiki/Kerberos_(protocol)http://en.wikipedia.org/wiki/Kerberos_(protocol)http://en.wikipedia.org/wiki/X.509http://en.wikipedia.org/wiki/X.509http://en.wikipedia.org/wiki/XML_Signaturehttp://en.wikipedia.org/wiki/XML_Signaturehttp://en.wikipedia.org/wiki/XML_Encryptionhttp://en.wikipedia.org/wiki/Non-repudiationhttp://www.pierobon.org/ssl/ch2/suite.htmhttp://www.pierobon.org/ssl/ch2/suite.htmhttp://en.wikipedia.org/wiki/SOAP_(protocol)http://en.wikipedia.org/wiki/Web_servicehttp://en.wikipedia.org/wiki/List_of_Web_service_specificationshttp://en.wikipedia.org/wiki/List_of_Web_service_specificationshttp://en.wikipedia.org/wiki/OASIS_(organization)http://en.wikipedia.org/wiki/Security_Assertion_Markup_Languagehttp://en.wikipedia.org/wiki/Kerberos_(protocol)http://en.wikipedia.org/wiki/X.509http://en.wikipedia.org/wiki/XML_Signaturehttp://en.wikipedia.org/wiki/XML_Encryptionhttp://en.wikipedia.org/wiki/Non-repudiationhttp://www.pierobon.org/ssl/ch2/suite.htm

8/8/2019 WAP Gateway

3/6

o It permits a change in the SSL session occur without having to renegotiate

the connection.o The message consists of a single byte of value 1.

There are two states for the change cipher spec message.

o Read Currento Read Pending

The change cipher spec message is normally sent at the end of the SSLhandshake.

Roxie's:

Roxie's of Quincy is a one of a kind meat market that prides itself

on fresh, high quality meat and produce at affordable prices. Looking

for something you cant find, need advice on a purchase, just ask

customer service is a top priority.

Established in 1957, Roxies has over 50 years of experience and

many loyal customers. Our variety of products along with our convenient

location has become a destination grocer for many shoppers. We carry all

the ingredients you need to put together a complete meal in just minutes.

Easy in, easy out!

Holidays, BBQs, Special Occasions or everyday shopping

- youll always find what you need at Roxies.

History of SOAP:

SOAP once stood for 'Simple Object Access Protocol' but this acronym was dropped

with Version 1.2 of the standard.[1] Version 1.2 became a W3C recommendation on June

24, 2003. The acronym is sometimes confused with SOA, which stands forService-

oriented architecture; however SOAP is different from SOA.

The SOAP specification

The SOAP specification defines the messaging framework which consists of:

The SOAP processing model defining the rules for processing a SOAP message

The SOAP extensibility model defining the concepts of SOAP features andSOAP modules

The SOAP underlying protocol binding framework describing the rules for

defining a binding to an underlying protocol that can be used for exchangingSOAP messages between SOAP nodes

The SOAP message construct defining the structure of a SOAP message

http://en.wikipedia.org/wiki/SOAP#cite_note-0%23cite_note-0http://en.wikipedia.org/wiki/W3Chttp://en.wikipedia.org/wiki/Service-oriented_architecturehttp://en.wikipedia.org/wiki/Service-oriented_architecturehttp://en.wikipedia.org/wiki/Service-oriented_architecturehttp://en.wikipedia.org/wiki/SOAP#cite_note-0%23cite_note-0http://en.wikipedia.org/wiki/W3Chttp://en.wikipedia.org/wiki/Service-oriented_architecturehttp://en.wikipedia.org/wiki/Service-oriented_architecture

8/8/2019 WAP Gateway

4/6

[edit] SOAP processing model

The SOAP processing model describes a distributed processing model, its participants,

the SOAP nodes and how a SOAP receiver processes a SOAP message. The followingSOAP nodes are defined:

SOAP sender

A SOAP node that transmits a SOAP message.

SOAP receiver

A SOAP node that accepts a SOAP message.

SOAP message path

The set of SOAP nodes through which a single SOAP message passes.

Initial SOAP sender (Originator)

The SOAP sender that originates a SOAP message at the starting point of a SOAP

message path.

SOAP intermediary

A SOAP intermediary is both a SOAP receiver and a SOAP sender and is targetable fromwithin a SOAP message. It processes the SOAP header blocks targeted at it and acts to

forward a SOAP message towards an ultimate SOAP receiver.

Ultimate SOAP receiver

The SOAP receiver that is a final destination of a SOAP message. It is responsible for

processing the contents of the SOAP body and any SOAP header blocks targeted at it. Insome circumstances, a SOAP message might not reach an ultimate SOAP receiver, for

example because of a problem at a SOAP intermediary. An ultimate SOAP receiver

cannot also be a SOAP intermediary for the same SOAP message.

POST /InStock HTTP/1.1

Host: www.example.org

Content-Type: application/soap+xml; charset=utf-8

Content-Length: nnn

http://en.wikipedia.org/w/index.php?title=SOAP&action=edit&section=3http://en.wikipedia.org/w/index.php?title=SOAP&action=edit&section=3

8/8/2019 WAP Gateway

5/6

IBM

Advantages

SOAP is versatile enough to allow for the use of different transport protocols. The

standard stacks use HTTP as a transport protocol, but other protocols are alsousable (e.g., JMS[5], SMTP[6]).

Since the SOAP model tunnels fine in the HTTP get/response model, it can tunnel

easily over existing firewalls and proxies, without modifications to the SOAPprotocol, and can use the existing infrastructure.

[edit] Disadvantages

Because of the verbose XML format, SOAP can be considerably slower than

competing middlewaretechnologies such as CORBA. This may not be an issuewhen only small messages are sent.[7] To improve performance for the special

case of XML with embedded binary objects, the Message Transmission

Optimization Mechanismwas introduced.

When relying on HTTP as a transport protocol and not using WS-Addressing or

anESB, the roles of the interacting parties are fixed. Only one party (the client)

can use the services of the other. Developers must usepollinginstead of

notification in these common cases.

UDDI

(Universal Description Discovery and Integration protocol) A directory modelfor web services. UDDI is a specification for maintaining standardized

directories of information about web services, recording their capabilities,location and requirements in a universally recognized format. Seen (with

SOAP and WSDL) as one of the three foundation standards of web services,UDDI is currently the least used.

Purpose of UDDIA UDDI registry, either for use in the public domain or behind the firewall,offers a standard mechanism to classify, catalog and manage Web services,so

that they can be discovered and consumed. UDDI V3.0.2

Basic goals of UDDIFramework for describing and discovering business services, and serviceprovidersDefines data structures and APIs for publishing services descriptions to theregistryand querying the registry Support developers in finding information aboutservices Determine the security and transport protocols supported by a givenWeb service

http://en.wikipedia.org/wiki/SOAP#cite_note-4%23cite_note-4http://en.wikipedia.org/wiki/SOAP#cite_note-5%23cite_note-5http://en.wikipedia.org/w/index.php?title=SOAP&action=edit&section=9http://en.wikipedia.org/wiki/Middlewarehttp://en.wikipedia.org/wiki/Middlewarehttp://en.wikipedia.org/wiki/CORBAhttp://en.wikipedia.org/wiki/CORBAhttp://en.wikipedia.org/wiki/SOAP#cite_note-6%23cite_note-6http://en.wikipedia.org/wiki/SOAP#cite_note-6%23cite_note-6http://en.wikipedia.org/wiki/MTOMhttp://en.wikipedia.org/wiki/MTOMhttp://en.wikipedia.org/wiki/MTOMhttp://en.wikipedia.org/wiki/HTTPhttp://en.wikipedia.org/wiki/WS-Addressinghttp://en.wikipedia.org/wiki/Enterprise_service_bushttp://en.wikipedia.org/wiki/Enterprise_service_bushttp://en.wikipedia.org/wiki/Polling_(computer_science)http://en.wikipedia.org/wiki/Polling_(computer_science)http://en.wikipedia.org/wiki/SOAP#cite_note-4%23cite_note-4http://en.wikipedia.org/wiki/SOAP#cite_note-5%23cite_note-5http://en.wikipedia.org/w/index.php?title=SOAP&action=edit&section=9http://en.wikipedia.org/wiki/Middlewarehttp://en.wikipedia.org/wiki/CORBAhttp://en.wikipedia.org/wiki/SOAP#cite_note-6%23cite_note-6http://en.wikipedia.org/wiki/MTOMhttp://en.wikipedia.org/wiki/MTOMhttp://en.wikipedia.org/wiki/HTTPhttp://en.wikipedia.org/wiki/WS-Addressinghttp://en.wikipedia.org/wiki/Enterprise_service_bushttp://en.wikipedia.org/wiki/Polling_(computer_science)

8/8/2019 WAP Gateway

6/6

Support looking for services based on a general keyword

Basic goals of UDDI

Framework for describing and discovering business services, and service

providersDefines data structures and APIs for publishing services descriptions to theregistryand querying the registry Support developers in finding informationabout services Determine the security and transport protocols supported by agiven Web service Support looking for services based on a general keyword

UDDI Registry keysEach entity is assigned a unique key V3 allows keys to be defined in a waythat they are unique across registries Now URI-based, patterned on DNSnames UDDI key for UDDI API itself