WAP规范下的WML编码器及传输安全层协议的分析和实现
摘要
随着知识经济的发展,现代社会人们对于各种信息的需求量也正在逐渐的
递增。尤其是Internet的发展和普及,正逐步改变着人们的生活方式。然而,
Internet固有的有线连接方式大大限制了人们对网络信息的访问和使用。移动
通信的出现打破了位置与通讯工具之间的常规联系,为实时、便利的进行信息
交流提供了可能。将移动通信的通信手段与Internet上的信息资源相结合,发
展无线数据业务,已成为当前移动通信行业和信息行业的重要发展方向和发展
热点。
本文介绍了一种新的无线互联网技术--WAP(Wirelee Application
Protocol)技术。它是利用无线网络开发无线应用、提供信息服务的通用规范,
它为在数字移动电话、寻呼机、个人数字助理(PDA)和其他无线终端上实现
Internet通讯和无线数据业务提供了一个开放的、通用的规范。通过对该技术
规范的研究,建立有自主产权的WAP网关开发平台软件,将有助于推动WAP技
术在我国的应用和发展。
文中详细描述了本人所作的工作,即WAP规范下的WML编码器及传输安
全层协议服务器端的实现。前者实现了WAP所支持的WML语言从文本格式转
换成压缩的二进制编码WBXML格式,提高了移动终端对WAP应用支持的兼
容性,同时也降低了网络传输的数据量。后者提供了WAP网关的安全服务,是
实现安全传输的必要条件。这两项工作是整个WAP网关平台软件的重要组成部
分。最后,通过对WML编码器的相应软件的举例比较和对网络加密的原理分
析和举例说明,对本文实现的工作,给出了各自的性能评价和改进意见。
这两项工作的程序已经在实际机器上运行成功。
With the development of the knowledge economy, the requirements of people in the
modem society to the all kinds of information are increasing gradually. Especially, the
development and the popularization of the Internet are changing the peoples?life. But the
intrinsic way of the Internet by wire confines accessing and using of the network
information. The Mobile communication breaks the general contact of the position and the
means of communication, which provide the possibility to communicate the information
timely and conveniently. The combination of means of mobile communication and the.
resources of the Internet information is the important direction and focus of development
in the domain of the current mobile communication and information.
This thesis introduces a new technology of the Intemet---WAP (wireless Application
Protocol) technology. The Wireless Application Protocol (WAP) promotes industry-wide
specifications for technology useful in developing applications and services that operate
over wireless communication networks. It specifies an application framework and network
protocols for wireless devices such as mobile telephones, pagers, and personal digital
assistants (PDA). Researching the technology specification will help to build the
development platform of the WAP gateway which has the independent intellectual
property and contributes to impulse the application and the development of the WAP
technology in our country.
The paper elaborates the primarily works of mine. There are the WML encoder and
the implementation of the wireless transport layer security protocol in the server .The
former implement the transformation between the text form of the WML which is defined
by the WAP and the compressed WBXML form. It improves compatibility between the
wireless devices and the application of the WAP and decreases the quantity of data in the
network. The latter provides the security service of the WAP gateway, which is the
necessary condition to transport securely. The two works are the import parts of the WAP
gateway platform. Finally, the performance evaluation and the advice of improvement
have been illustrated by giving examples for the corresponding software of the WML
encoder and analyzing the encryption theory of the network security.
The implementations of the two works have been run successfully.
递增。尤其是Internet的发展和普及,正逐步改变着人们的生活方式。然而,
Internet固有的有线连接方式大大限制了人们对网络信息的访问和使用。移动
通信的出现打破了位置与通讯工具之间的常规联系,为实时、便利的进行信息
交流提供了可能。将移动通信的通信手段与Internet上的信息资源相结合,发
展无线数据业务,已成为当前移动通信行业和信息行业的重要发展方向和发展
热点。
本文介绍了一种新的无线互联网技术--WAP(Wirelee Application
Protocol)技术。它是利用无线网络开发无线应用、提供信息服务的通用规范,
它为在数字移动电话、寻呼机、个人数字助理(PDA)和其他无线终端上实现
Internet通讯和无线数据业务提供了一个开放的、通用的规范。通过对该技术
规范的研究,建立有自主产权的WAP网关开发平台软件,将有助于推动WAP技
术在我国的应用和发展。
文中详细描述了本人所作的工作,即WAP规范下的WML编码器及传输安
全层协议服务器端的实现。前者实现了WAP所支持的WML语言从文本格式转
换成压缩的二进制编码WBXML格式,提高了移动终端对WAP应用支持的兼
容性,同时也降低了网络传输的数据量。后者提供了WAP网关的安全服务,是
实现安全传输的必要条件。这两项工作是整个WAP网关平台软件的重要组成部
分。最后,通过对WML编码器的相应软件的举例比较和对网络加密的原理分
析和举例说明,对本文实现的工作,给出了各自的性能评价和改进意见。
这两项工作的程序已经在实际机器上运行成功。
With the development of the knowledge economy, the requirements of people in the
modem society to the all kinds of information are increasing gradually. Especially, the
development and the popularization of the Internet are changing the peoples?life. But the
intrinsic way of the Internet by wire confines accessing and using of the network
information. The Mobile communication breaks the general contact of the position and the
means of communication, which provide the possibility to communicate the information
timely and conveniently. The combination of means of mobile communication and the.
resources of the Internet information is the important direction and focus of development
in the domain of the current mobile communication and information.
This thesis introduces a new technology of the Intemet---WAP (wireless Application
Protocol) technology. The Wireless Application Protocol (WAP) promotes industry-wide
specifications for technology useful in developing applications and services that operate
over wireless communication networks. It specifies an application framework and network
protocols for wireless devices such as mobile telephones, pagers, and personal digital
assistants (PDA). Researching the technology specification will help to build the
development platform of the WAP gateway which has the independent intellectual
property and contributes to impulse the application and the development of the WAP
technology in our country.
The paper elaborates the primarily works of mine. There are the WML encoder and
the implementation of the wireless transport layer security protocol in the server .The
former implement the transformation between the text form of the WML which is defined
by the WAP and the compressed WBXML form. It improves compatibility between the
wireless devices and the application of the WAP and decreases the quantity of data in the
network. The latter provides the security service of the WAP gateway, which is the
necessary condition to transport securely. The two works are the import parts of the WAP
gateway platform. Finally, the performance evaluation and the advice of improvement
have been illustrated by giving examples for the corresponding software of the WML
encoder and analyzing the encryption theory of the network security.
The implementations of the two works have been run successfully.
引文
1. 王锐,陈靓译,网络最高安全技术指南,机械工业出版社,1998,5
2. Bruce Schneier著,吴世忠,祝世雄等译,应用密码学,机械工业出版社,2000,11, 1
3. 唐靖炎,周良源,UNIX平台下C语言高级编程指南,北京希望电子出版社,2000,2
4. Kay A.Robbins著,实用UNIX编程,机械工业出版社,1999,10
5. 卢开澄,计算机密码学,清华大学出版社,1998,7
6. 冷健,谢冬青,基于SSL协议的网络安全模型及其实现,计算机工程与应用2000, (9)
7. 汪立东,余祥湛,PKI几个安全问题的研究,计算机工程 1999,26(1)
8. 金波,王海龙,王行愚,X.509证书管理系统及其实现,微型电脑应用,1999,15(10)
9. 沈卫忠,陈公超,傅丽丽,公共密钥体系和X.509标准,电子技术,1999(4)
10. 刘玉莎,公钥基础设施在网络安全中的研究与应用,计算机工程与应用,2000. 3
11. 韩明华,衣晓飞,移动Internet访问协议--WAP,电信技术,2000,1
12. 张沛,WAP使移动I nternet成为现实,现代电信科技,2000,2
13. 贺清峰,张毅,宋靖雁,无线应用协议及其在电子商务中的应用,电子技术,2000, (8)
14. 韦卫,王德杰,王行,Internet网络层安全协议理论研究与实现,计算机学报,1999, 12(2)
15. WAP Forum, "Wireless Application Protocol Architecture Specification", Version 30-April-1998, http://www.wapforum.org/wap
16. WAP Forum , "Wireless Application Protocol Wireless Application Environment Overview", Version 16-June-1999,http://www. wapforum.org/wap
17. WAP Forum, "Wireless Application Protocol Wireless Session Protocol Specification", Version 28-May-1999,http://www.wapforum.org/wap
18. WAP Forum, "Wireless Application Protocol Wireless Transaction Protocol Specification", Version 11-June-1999,http://www. wapforum.org/wap
19. WAP Forum, "Wireless Application Protocol Wireless Datagram Protocol Specification",Version 05-Nov-1999,http://www. wapforum.org/wap
20. WAP Forum, "Wireless Application Protocol Wireless Markup Language Specification ", Version 1. 1, 16-Jun-1999, http://www.wapforum.org/wap
21. WAP Forum, "Wireless Application Protocol White Paper", http://www.wapforum.org/wap
22. WAP Forum, "Binary XML Content Format Specification",version 04-November-1999, http://www.wapforum.org/
23. WAP Forum, "WML Script Language Specification", version 04-November-1999, http: //www.wapforum.org/
24. WAP Forum,"WMLScript Standard Libraries Specification",version 04-November-1999,. http://www.wapforum.org/
25. WAP Forum, "Wireless Transport Layer Security", v 05, November, 1999,http://www.wapforum. org
26. "Hypertext Transfer Protocol-HTTP/1. 1 ".January 1997,http://www.ietf.org/rfc/rfc2616. txt
27. Andrew S.Tanenbaum,"Computer Networks 3rd Ed",清华大学出版社
28. Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", March 1997,ftp://ftp.isi.edu/in-notes/rfc2119. txt
29. Dierks,T.andAllen,"The TLS Protocol", C., January 1999 , URL: ftp://ftp.isi.edu/in-notes/rfc2246. txt
30. Krawczyk, H., Bellare, M., and Canetti, R., "HMAC: Keyed-Hashing for Message Authentication", RFC 2104, February 1997, ftp://ftp.isi.edu/in-notes/rfc2104. txt
31. "Secure Hash Standard", NIST FIPS PUB 180-1, National Institute of Standards and Technology.U.S. Department of Commerce, DRAFT, May 1994.
32. "The Directory-Authentication Framework",CCITT, Recommendation X.509, 1988.
33. Tuchman W., "Hellman Presents No Shortcut Solutions To DES", IEEE Spectrum, v. 16, n. 7, Julyl979, pp 40-41.
34. "American National Standard for Information Systems-Data Link Encryption", ANSI X3. 106,American National Standards Institute, 1983.
35. Diffie, W. and Hellman M. E., "New Directions in Cryptography", IEEE Transactions on Information Theory, V. IT-22, n. 6, Jun 1977, pp. 74-84.
36. "Digital Signature Standard", NIST FIPS PUB 186, National Institute of Standards and Technology, U.S. Department of Commerce, May 1994.
37. Lai, X., "On the Design and Security of Block Ciphers", ETH Series in Information Processing, v. 1. Konstanz: Hartung-Gorre Verlag, 1992.
38. "The MD5 Message Digest Algorithm", Rivest, R., RFC 1321, April 1992, ftp://ftp.isi.edu/in-notes/rfcl321. txt
39. "PKCS #1: RSA Encryption Standard", version 1. 5, RSA Laboratories, November 1993.
40. Rivest, R., Shamir, A.and Adleman L.M., "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems", Communications of the ACM, v. 21, n. 2, Feb 1978, pp. 120-126.
2. Bruce Schneier著,吴世忠,祝世雄等译,应用密码学,机械工业出版社,2000,11, 1
3. 唐靖炎,周良源,UNIX平台下C语言高级编程指南,北京希望电子出版社,2000,2
4. Kay A.Robbins著,实用UNIX编程,机械工业出版社,1999,10
5. 卢开澄,计算机密码学,清华大学出版社,1998,7
6. 冷健,谢冬青,基于SSL协议的网络安全模型及其实现,计算机工程与应用2000, (9)
7. 汪立东,余祥湛,PKI几个安全问题的研究,计算机工程 1999,26(1)
8. 金波,王海龙,王行愚,X.509证书管理系统及其实现,微型电脑应用,1999,15(10)
9. 沈卫忠,陈公超,傅丽丽,公共密钥体系和X.509标准,电子技术,1999(4)
10. 刘玉莎,公钥基础设施在网络安全中的研究与应用,计算机工程与应用,2000. 3
11. 韩明华,衣晓飞,移动Internet访问协议--WAP,电信技术,2000,1
12. 张沛,WAP使移动I nternet成为现实,现代电信科技,2000,2
13. 贺清峰,张毅,宋靖雁,无线应用协议及其在电子商务中的应用,电子技术,2000, (8)
14. 韦卫,王德杰,王行,Internet网络层安全协议理论研究与实现,计算机学报,1999, 12(2)
15. WAP Forum, "Wireless Application Protocol Architecture Specification", Version 30-April-1998, http://www.wapforum.org/wap
16. WAP Forum , "Wireless Application Protocol Wireless Application Environment Overview", Version 16-June-1999,http://www. wapforum.org/wap
17. WAP Forum, "Wireless Application Protocol Wireless Session Protocol Specification", Version 28-May-1999,http://www.wapforum.org/wap
18. WAP Forum, "Wireless Application Protocol Wireless Transaction Protocol Specification", Version 11-June-1999,http://www. wapforum.org/wap
19. WAP Forum, "Wireless Application Protocol Wireless Datagram Protocol Specification",Version 05-Nov-1999,http://www. wapforum.org/wap
20. WAP Forum, "Wireless Application Protocol Wireless Markup Language Specification ", Version 1. 1, 16-Jun-1999, http://www.wapforum.org/wap
21. WAP Forum, "Wireless Application Protocol White Paper", http://www.wapforum.org/wap
22. WAP Forum, "Binary XML Content Format Specification",version 04-November-1999, http://www.wapforum.org/
23. WAP Forum, "WML Script Language Specification", version 04-November-1999, http: //www.wapforum.org/
24. WAP Forum,"WMLScript Standard Libraries Specification",version 04-November-1999,. http://www.wapforum.org/
25. WAP Forum, "Wireless Transport Layer Security", v 05, November, 1999,http://www.wapforum. org
26. "Hypertext Transfer Protocol-HTTP/1. 1 ".January 1997,http://www.ietf.org/rfc/rfc2616. txt
27. Andrew S.Tanenbaum,"Computer Networks 3rd Ed",清华大学出版社
28. Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", March 1997,ftp://ftp.isi.edu/in-notes/rfc2119. txt
29. Dierks,T.andAllen,"The TLS Protocol", C., January 1999 , URL: ftp://ftp.isi.edu/in-notes/rfc2246. txt
30. Krawczyk, H., Bellare, M., and Canetti, R., "HMAC: Keyed-Hashing for Message Authentication", RFC 2104, February 1997, ftp://ftp.isi.edu/in-notes/rfc2104. txt
31. "Secure Hash Standard", NIST FIPS PUB 180-1, National Institute of Standards and Technology.U.S. Department of Commerce, DRAFT, May 1994.
32. "The Directory-Authentication Framework",CCITT, Recommendation X.509, 1988.
33. Tuchman W., "Hellman Presents No Shortcut Solutions To DES", IEEE Spectrum, v. 16, n. 7, Julyl979, pp 40-41.
34. "American National Standard for Information Systems-Data Link Encryption", ANSI X3. 106,American National Standards Institute, 1983.
35. Diffie, W. and Hellman M. E., "New Directions in Cryptography", IEEE Transactions on Information Theory, V. IT-22, n. 6, Jun 1977, pp. 74-84.
36. "Digital Signature Standard", NIST FIPS PUB 186, National Institute of Standards and Technology, U.S. Department of Commerce, May 1994.
37. Lai, X., "On the Design and Security of Block Ciphers", ETH Series in Information Processing, v. 1. Konstanz: Hartung-Gorre Verlag, 1992.
38. "The MD5 Message Digest Algorithm", Rivest, R., RFC 1321, April 1992, ftp://ftp.isi.edu/in-notes/rfcl321. txt
39. "PKCS #1: RSA Encryption Standard", version 1. 5, RSA Laboratories, November 1993.
40. Rivest, R., Shamir, A.and Adleman L.M., "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems", Communications of the ACM, v. 21, n. 2, Feb 1978, pp. 120-126.