Sony Ericsson P800 Operating Instructions

P800/P802 
White Paper, January 2003 
Browser Security 
World Wide Web 
The P800 supports TLS/SSL to provide a secure encrypted link between the browser and the 
website. This method is commonly used for secure transactions on the WWW. An icon in the 
display indicates when a secure connection is in use. 
WAP Security 
When using certain WAP services the user may want a secure connection between the phone 
and the WAP gateway, for example when using banking services. An icon in the display indicates 
when a secure connection is used. The P800 is based on the WAP 2.0 specifications where 
security functionality is specified with a technology called Wireless Transport Layer Security 
(WTLS) and WAP TLS Profile. 
 
The WAP protocols that handle the connection, its transport and its security are structured in 
protocol layers. The security is handled by the WTLS layer operating above the transport protocol 
layer. There are 3 WTLS classes that define the levels of security for a WTLS connection: 
•  WTLS class 1 involves encryption with no authentication. 
•  WTLS class 2 involves encryption with server authentication. 
•  WTLS class 3 involves encryption with both server and client authentication. 
 
Server authentication: Requires a server certificate stored at the server side and a root 
certificate stored at the client side. 
 
Client authentication: Requires a client certificate stored at the client side and a trusted 
certificate stored at the server side. 
 
A Wireless Identity Module (WIM) can contain both trusted and client certificates, private keys 
and algorithms needed for WTLS handshaking, encryption/decryption and signature generation. 
The WIM module can be placed on a SIM card and will then be referred to as a SWIM card. 
Certificates 
To use secure connections, the user needs to have certificates saved in the phone. User 
certificates can be downloaded. There are two types of certificates: 
 
Certificate authority: A certificate used to verify that a WAP site is genuine. If the phone 
has a stored certificate of a certain type, it means the user can trust 
all WAP gateways which present a certificate that can be verified by 
the trusted certificate. Certificates can be pre-installed in the phone, 
pre-installed in the SWIM, or downloaded from the trusted supplier’s 
WAP page. 
 
User certificate: A personal certificate that verifies the user’s identity. A bank that the 
user has a contract with may issue this kind of certificate. User 
certificates can be pre-installed in the SWIM card. 
 
The P800 is loaded with WTLS/X509 certificates from Baltimore, GTE Cybertrust, Entrust, 
GlobalSign and VeriSign.
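
The server and client authentication requirements of the three WTLS classes, and the role of the stored certificate authority certificate, can be modelled with ordinary X.509 certificates and the openssl command line. This is an added example, not part of the white paper: it performs no WTLS handshake, and the names PhoneRoot, BankClientCA, UntrustedCA, gateway, other-gateway and user are constructed.

```sh
#!/bin/sh
# Added illustration: X.509 and the openssl CLI stand in for WTLS certificates.
# Every name below (PhoneRoot, BankClientCA, UntrustedCA, ...) is constructed.
set -eu
D=$(mktemp -d)
trap 'rm -rf "$D"' EXIT   # remove the throwaway keys and certificates

make_ca() {    # $1 = CA name; creates a self-signed root certificate
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
    -keyout "$D/$1.key" -out "$D/$1.pem" 2>/dev/null
}

issue() {      # $1 = issuing CA, $2 = subject; creates a CA-signed certificate
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$2" \
    -keyout "$D/$2.key" -out "$D/$2.csr" 2>/dev/null
  openssl x509 -req -in "$D/$2.csr" -CA "$D/$1.pem" -CAkey "$D/$1.key" \
    -CAcreateserial -days 1 -out "$D/$2.pem" 2>/dev/null
}

chains_to() {  # $1 = stored trusted certificate, $2 = presented certificate
  openssl verify -CAfile "$D/$1.pem" "$D/$2.pem" >/dev/null 2>&1
}

# Print the highest WTLS class whose authentication requirements are met.
# $1 = root stored in the phone      $2 = certificate the gateway presents
# $3 = certificate the server trusts $4 = client certificate ("" if none)
wtls_class() {
  chains_to "$1" "$2" || { echo 1; return 0; }   # server not authenticated
  [ -n "$4" ] && chains_to "$3" "$4" || { echo 2; return 0; }
  echo 3                                         # both sides authenticated
}

make_ca PhoneRoot; make_ca BankClientCA; make_ca UntrustedCA
issue PhoneRoot gateway            # verifiable with the phone's stored root
issue UntrustedCA other-gateway    # issuer is not stored in the phone
issue BankClientCA user            # user certificate, e.g. issued by a bank

echo "gateway, no user certificate:    class $(wtls_class PhoneRoot gateway BankClientCA '')"
echo "gateway, user certificate:       class $(wtls_class PhoneRoot gateway BankClientCA user)"
echo "other-gateway, user certificate: class $(wtls_class PhoneRoot other-gateway BankClientCA user)"
```

The other-gateway case reports class 1 even though a user certificate is available: the link can still be encrypted, but nothing ties that gateway to a certificate stored in the phone.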