Design And Implementation Of Secure Enterprise Mobile Mailbox System Based On The WAP Push Technology

Posted on: 2008-09-17 | Degree: Master | Type: Thesis
Country: China | Candidate: B Meng | Full Text: PDF
GTID: 2178360212996522 | Subject: Software engineering
Abstract/Summary:
GPRS (Generalized Packet Radio Services) is a non-voice, packet-switched technology which is the packet-switched extension of GSM and was developed to facilitate access to IP-based services compared to existing circuit-switched services. GPRS is designed to support everything from intermittent and bursty data transfers through to occasional transmission of large volumes of data. Several quality of service profiles are supported. GPRS introduces two new network nodes in the GSM PLMN. The Serving GPRS Support Node (SGSN), which is at the same hierarchical level as the MSC, keeps track of the individual MSs' location and performs security functions and access control. The SGSN is connected to the base station system with Frame Relay. The Gateway GSN (GGSN) provides interworking with external packet-switched networks, and is connected with SGSNs via an IP-based GPRS backbone network.

Wireless internet is not just an extension of the internet into the mobile environment; it is an integration of the internet and telecommunication technologies into a single system. It facilitates instant connection to the internet so information can be sent or received immediately, without the need for a dial-up modem.

WAP is a standard for mobile Internet applications. Its primary objective is to provide an open standard for optimized access via a mobile device to the Internet or intranet.

WAP protocols are largely based on Internet technologies. For WAP 1.x, WAP replaces a Web browser with a WAP browser, which can also request data from a Web site. The major difference between how you access the data via a browser on your PC and a WAP 1.x browser is that the WAP browser requires a WAP gateway. This gateway functions as an intermediary between the mobile and Internet networks. When placed between a WAP browser and a Web server, it takes care of the necessary binary encoding of content and can also translate WML to/from HTML. With WAP 2.0, the gateway is no longer that critical a component of the WAP architecture. Also, content no longer needs to be binary encoded.

The intent of the Post Office Protocol (POP) is to allow a user's computer to access mail from a mailbox server. POP3 does not support sending e-mail, only receiving e-mail. POP3 is intended to be used in a download-and-delete fashion, which is a very attractive model for ISPs. POP3 has been used for many years, is well understood, and is actually an Internet Standard (STD0053).

The objective of the Simple Mail Transfer Protocol (SMTP) is to transfer mail reliably and efficiently. SMTP is independent of the particular transmission subsystem and requires only a reliable ordered data stream channel.

An important feature of SMTP is its capability to transport mail across networks, usually referred to as "SMTP mail relaying". A network consists of the mutually-TCP-accessible hosts on the public Internet, the mutually-TCP-accessible hosts on a firewall-isolated TCP/IP Intranet, or hosts in some other LAN or WAN environment utilizing a non-TCP transport-level protocol. In this way, a mail message may pass through a number of intermediate relay or gateway hosts on its path from sender to ultimate recipient.

The primary objective of e-mail notification is to invoke the device to launch the e-mail client, which may then (depending on implementation and user settings) retrieve the e-mail. This will allow e-mail servers to send notifications in a standard way, without having to worry about various e-mail client implementations. The added value of specifying a notification mechanism is that it can be handled by the e-mail client transparently for the user, for example by retrieving the message before notifying the user, so that the e-mail is directly available for viewing.

The primary goal of the TLS Protocol is to provide privacy and data integrity between two communicating applications. The protocol is composed of two layers: the TLS Record Protocol and the TLS Handshake Protocol. At the lowest level, layered on top of some reliable transport protocol (e.g., TCP [TCP]), is the TLS Record Protocol. The TLS Record Protocol provides connection security that has two basic properties:

- The connection is private. Symmetric cryptography is used for data encryption (e.g., DES, RC4, etc.).
- The connection is reliable. Secure hash functions (e.g., SHA, MD5, etc.) are used for MAC computations.

The TLS Handshake Protocol allows the server and client to authenticate each other and to negotiate an encryption algorithm and cryptographic keys before the application protocol transmits or receives its first byte of data.

One advantage of TLS is that it is application protocol independent. Higher level protocols can layer on top of the TLS Protocol transparently. The TLS standard, however, does not specify how protocols add security with TLS; the decisions on how to initiate TLS handshaking and how to interpret the authentication certificates exchanged are left up to the judgment of the designers and implementors of protocols which run on top of TLS.

The goals of the TLS Protocol, in order of their priority, are: 1. Cryptographic security, 2. Interoperability, 3. Extensibility, 4. Relative efficiency.

This thesis uses the TLS protocol as the secure transmission protocol between mobile terminals and proxies of email servers. TLS is an optional layer between an application protocol such as HTTP and TCP. The main aim of the TLS protocol is to provide privacy and data consistency between two applications which communicate with each other. This protocol is composed of the TLS Record Protocol and the TLS Handshake Protocol. The TLS Record Protocol separates the information which is ready to be transmitted into several controllable parts; the data is compressed, and then it is transmitted after being encoded with a MAC. When the information is received it is decoded, validated, decompressed, separated into several pieces and recombined, and then it is passed to the higher layer for use.

The secure enterprise mobile telephone mailbox system of this thesis uses HTTPS as the HTTP information transmission protocol between mobile telephones and proxies of email servers. The HTTP client opens a connection to port 443 of the server and sends a TLS ClientHello message to start the handshake process. When the TLS handshake is finished the client can send the first HTTP request. All HTTP data is sent as TLS application data.

As an optional item, the user can receive and send e-mails not only by the normal ED-POP3(110) and ED-SMTP(25) protocols, but also by configuring the TLS-secured POP3S(995) and SMTPS(465) protocols to prevent sensitive information from being stolen.

This article discusses GPRS technology and gives a brief description of WAP technology, internet mail technology and the e-mail notification mechanism. Finally, the SEMM (Secure Enterprise Mobile Mailbox) architecture is presented with its protocol implementation, elements and basic functions, and the security mechanism for SEMM is also discussed.
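
The record-layer processing described above (fragment, compress, MAC, then validate and recombine on receipt), as an added example that is not code from the thesis. It is a simplified model: encryption is omitted, HMAC-SHA256 stands in for the SHA/MD5 MACs the abstract names, each fragment is compressed independently, and the names `protect` and `unprotect` are hypothetical.

```python
import hashlib
import hmac
import struct
import zlib

MAX_FRAGMENT = 2 ** 14      # TLS plaintext fragment limit (16384 bytes)
APPLICATION_DATA = 23       # TLS ContentType for application data
VERSION = (3, 1)            # TLS 1.0 version bytes on the wire
MAC_LEN = hashlib.sha256().digest_size


def _mac(key, seq, body):
    # MAC input follows the TLS 1.0-1.2 layout:
    # seq_num || type || version || length || fragment
    header = struct.pack("!QBBBH", seq, APPLICATION_DATA, *VERSION, len(body))
    return hmac.new(key, header + body, hashlib.sha256).digest()


def protect(key, data, max_fragment=MAX_FRAGMENT):
    """Sender side: fragment, compress, then append a MAC to each record."""
    records = []
    for seq, off in enumerate(range(0, len(data), max_fragment)):
        # Record compression is part of TLS 1.0-1.2 only; TLS 1.3 removed it.
        body = zlib.compress(data[off:off + max_fragment])
        records.append(body + _mac(key, seq, body))
    return records


def unprotect(key, records):
    """Receiver side: validate each MAC, decompress, and reassemble."""
    out = bytearray()
    for seq, record in enumerate(records):
        body, tag = record[:-MAC_LEN], record[-MAC_LEN:]
        # The sequence number is implicit, so a modified, dropped or
        # reordered record fails here. compare_digest is constant-time.
        if not hmac.compare_digest(tag, _mac(key, seq, body)):
            raise ValueError(f"bad record MAC at sequence {seq}")
        out += zlib.decompress(body)
    return bytes(out)


if __name__ == "__main__":
    demo_key = b"\x01" * 32                 # constructed demo key
    demo_msg = b"RETR 1\r\n" * 5            # constructed application data
    recs = protect(demo_key, demo_msg, max_fragment=16)
    print(len(recs), unprotect(demo_key, recs) == demo_msg)
```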
Keywords/Search Tags: Implementation