Secure Transport


SyncML®: Synchronizing and Managing Your Mobile Data
By Uwe Hansmann, Riku Mettälä, Apratim Purakayastha, Peter Thompson, Phillipe Kahn
Table of Contents
Chapter 8.  Security and Authentication

SyncML has taken the viewpoint that it is preferable to have security handled at the transport layer and authentication at the SyncML Representation layer.

There is no point in creating new secure transports when the best minds in the world are busy working to ensure that the current transports are secure. For example, the secure HTTP (HTTPS) protocol is in use worldwide and is under constant scrutiny to make sure it remains secure.

Of the three transports currently supported within SyncML, HTTP [SHB02] and WSP [SWB02] provide explicit extensions for secure transport (HTTPS [RFC2817] and WTLS [WTLS01]). OBEX [OBEX99] is already a fairly secure transport, as it uses one-to-one media such as RS-232 or IrDA®. Security when using OBEX over Bluetooth [BlIR01] is handled similarly to WSP.

Regardless of the transport used, secure transport guarantees the following:

  • A secure "tunnel" between the client and the server exists, disallowing eavesdropping.

  • The data is unaltered between the client and the server.


    SyncML. Synchronizing and Managing Your Mobile Data
    SyncML: Synchronizing and Managing Your Mobile Data
    ISBN: 0130093696
    EAN: 2147483647
    Year: 2001
    Pages: 124 © 2008-2017.
    If you may any questions please contact us: