WAP Architecture - Part IV

Supporting Servers

The WAP Architecture also includes supporting servers, which provide services to devices, proxies, and applications asneeded. These services are often specific in function, but are of general use to a wide variety of applications.

The supporting servers defined by the WAP Forum include, but are not limited to:

· PKI Portal—The PKI Portal (shown in Figure 4) [WPKI] allows devices to initiate the creation of new public keycertificates.

· UAProf Server—The UAProf Server [UAProf] allows applications to retrieve the client capabilities and personalprofiles of user agents and individual users.

· Provisioning Server—The Provisioning Server [ProvArch] is trusted by the WAP device to provide its provisioninginformation.

WAP Network Elements

A typical WAP network is shown in Figure 5.

WAP clients communicate with application servers through a number of different proxies or directly. WAP clientssupport the proxy selection mechanism that allows them to utilise the most appropriate proxy for a given service or toconnect directly to that service as necessary. Proxies can be used to augment a request. They translate between WAPand WWW protocols (HTTP, TCP), thereby allowing the WAP client to submit requests to the origin server.

Proxies may be located in a number of places, including wireless carriers or independent service providers in order toprovide feature enhancements coupled to the wireless network (e.g., telephony, location and provisioning) or tooptimise the communication between device and application server (e.g., protocol translation and cookie caching).Proxies may be located in a secure network to provide a secure channel between wireless device and the secure network.

In some instances, the device might make direct connections to application servers, for example to provide a secureconnection directly between the device and application server.

The supporting servers provide support functions required by or generally useful to devices, proxies, and applicationservers. These functions include Provisioning, PKI, user agent profiles, etc.

Device Architecture

The architecture for WAP devices is shown in Figure 6. The Application Framework provides the device executionenvironment for WAP applications. WAP applications are comprised of markup, script, style sheets and multimediacontent, all of which are rendered on the device. The WAP Application Environment (WAE) processing model definesthe structure in which these various forms of executable and non-executable content interact.

The network protocols on the WAP client are shared between client and server. They are described in further detailbelow. Content renderers interpret specific forms of content and present them to the end user for perusal or interaction.Common functions are defined to be utilised by the application framework, including persistence and data synchronisation.

The Wireless Identity Module (WIM), as specified in [WIM], contains the identity of the device and the cryptographicmeans to mutually authenticate WAP devices and servers.

The architecture also provides a mechanism to access external functions that are embedded or attached to the devicesvia the External Functionality Interface (EFI).

Security Model

WAP enables a flexible security infrastructure that focuses on providing connection security between a WAP client andserver.

WAP can provide end-to-end security between protocol endpoints. If a browser and origin server desire end-to-endsecurity, they can communicate directly using the security protocols. Moreover, the WAP specifications includesupport for application-level security, such as signed text.