PKI interoperability and policy in the wireless world
Agenda • Wireless Trust Services • Wireless PKI Technologies • Wireless Security Deployments Today • Interoperability testing experience • Certificate issuance policies • Use of certificates by other parties
Trust in The Wireless World Who are you? Can you pay? Can you prove it? Authentication Payment Validation
Wireless PKI Technologies • Device independent solutions • SIM Toolkit application (GSM) • WAP – WTLS class 2 today – WTLS class 3 2001 • I Mode Solutions – SSL from fall 2000 – Client Certificates in 2001? • Future wireless standards – WAP Next Generation – 3 G Wireless
SIM Toolkit Application Phone Private key SMS Gateway Application Server CA Processing Center SIM Manager Available today
Device Independent Solution Roaming Key Server #1 Phone SMS Gateway Signing Portal Application Server Roaming Key Server #2 Available today
WAP Gateway Architecture Application Servers Wireless Gateway HTTP/SSL WTLS HTTP/SSL
WAP Gateway/Server Certificates WTLS certificate service WAP Server/ Gateway WAP Private key Root public key Available today CA Processing Center
WAP Client Certificates Mobile Client WTLS client authentication Wireless Gateway Application Server WTLS Private key WML Script API: End-to-end digital signatures & client authentication Veri. Sign On. Site X. 509 client certificates CA Processing Center
On. Line-Issued WAP Client Certificates Application Phone/ WIM Server Wireless Gateway PKI Portal Certificate Issuance (Carrier cert) Private key SIM Personalization Center Certificate Issuance (Device Certificate) Wireless Client Certificate Issuing Capability in Trial 4 Q 00 X. 509 client certs CA Processing Center
Interoperability testing experience • Testing of WAP server certificates successful • Problems encountered: – User interface issues – Certificate memory allocation issues
Certificate Issuance Policy • Need a published policy • Value of certificate depends on level of authentication • Certificate status needs to be publicly available
Use of Certificates by other parties • Revenue opportunity for wireless carriers – Provide on line status of certificates – Use carrier issued certificate for m. Commerce authentication • Requires a high level of trust in certificate issuer
Summary • Interoperability essential • Successful testing of WAP server certs • Revenue opportunity for wireless carriers with wireless client certificates Interoperability essential for widespread adoption
“Enabling Trust on the Wireless Internet”
Скачать презентацию PKI interoperability and policy in the wireless world
3c5a9e1732e416f96b2c8e14525ae56b.ppt