Integrated transport layer security: end-to-end security model between WTLS and TLS

摘要

WAR is a set of protocols that optimizes standard TCP/IP/HTTP/HTML protocols, for use under the low bandwidth, high latency conditions often found in wireless networks. But, end-to-end security' is not supported unless a WAR gateway is operated by the content provider We propose ITLS mechanism to solve the WAP security problem. The goal of ITLS is to prohibit the WAP gateway from having the plain text message assuming the gateway doesn't belong to the content provider In ITLS, the security' partner of a Web server is not a gateway but a client, the client encrypts twice times for the Web server and the gateway in the order named. To support these functions, IniCertificate and IntClientKeyExchange message types are added in ITLS handshake protocol, application data encryption and decryption rules are modified. It is one drawback that ITLS enabled mobile devices might have many loads than WTLS because of encryption and decryption twice times.