Webmaster's Guide to the Wireless Internet part 50. The Webmaster’s Guide to the Wireless Internet provides the Wireless Webmaster with all of the tools necessary to build the next generation Internet. Packed with the essential information they need to design, develop, and secure robust, e-commerce enabled wireless Web sites. This book is written for advanced Webmasters who are experienced with conventional Web site design and are now faced with the challenge of creating sites that fit on the display of a Web enabled phone or PDA | 462 Chapter 10 Securing Your Wireless Web to take to provide an appropriate degree of security bear in mind that the more secure the solution is the less accessible information is to legitimate users. Security Models of the Wireless Web 0 There are two basic models for wireless security point-to-point and end-to-end. Point-to-point security means that information is protected at each leg of the journey by the appropriate security technologies for that part of the communication. End-to-end security means that a single security technology is at work all the way from the end device to the application regardless of the various networks that the communication may traverse. 0 Point-to-point security is only as strong as the weakest link. 0 With end-to-end security there are several different PKI technologies supported only in specific mobile devices browsers and applications. 0 Point-to-point and end-to-end security solutions both involve some form of cryptography. 0 SSL uses several well-defined encryption ciphers including RC5 the Data Encryption Standard DES 3DES and the International Data Encryption Algorithm IDEA . WTLS and Point-to-Point Security Models 0 The most important technology in the point-to-point security model is is the WAP equivalent of SSL and it provides encryption between wireless browsers and WAP gateways. 0 The most standard form of WTLS WTLS Class I is designed to work together with SSL so that WTLS operates on the wireless network side of the WAP gateway and SSL operates on the Internet and SSL together ensure that information is encrypted from point to point all the way from a wireless browser to a Web server 0 The three main components ofWTLS are the handshaking protocol that provides for key exchange a record structure for encrypted information and the Wireless Identity Module WIM . Securing Your Wireless Web Chapter 10 463 0 WAP gateways decrypt WTLS communication and then re-encrypt the communication .