17th Annual Computer Security Applications Conference
December 10-14, 2001
New Orleans, Louisiana

Wired versus Wireless Security: The Internet, WAP and i-mode for E-Commerce

Paul Ashley, Heather Hinton, Mark Vandenwauver
Tivoli Systems - An IBM Company

The perceived lack of security in the wireless environment has delayed many initiatives in providing access to e-commerce applications from wireless devices. Many organizations are skeptical that the same kind of security protections that they are used to in the current Internet (wired) e-commerce environment are also available for wireless transactions. In this paper we will show that these perceptions are misplaced. We describe the security properties and mechanisms available for Internet (wired), WAP based and iMode e-commerce. We find that both WAP and iMode provide excellent security features and are geared to provide other security provisions over and above those commonly available in a wired environment.

KeyWords: Wireless Security, Wireless Access Protocol (WAP), iMode, E-Commerce Security, Secure Sockets Layer (SSL), Wireless Transport Layer Security (WTLS)

Read Paper Read Paper (in PDF)