BT0087 WML and WAP Programming - Theory

Question 1 - Mention the devices for which WAP is designed.

The devices for which WAP is designed are Mobile phones, pagers, PDAs Devices with limited CPU, memory and battery life Devices with simple user interface Low bandwidth and high latency environments Unpredictable availability and stability WAP will be supported by many kinds of devices, from simple cell phones similar to those available today to a new generation of "smart" phones with large touch screens and many applications of their own. That's before we even look at the range of personal digital assistants (PDAs) available, from palmtops to full miniaturized computers complete with keyboards. All will eventually get WAP capabilities, either directly from the manufacturer or as some sort of third-party upgrade. Each device has a different kind of display and different methods for user input. The job of the WAP specification is to sort out this mess and provide a common framework to allow applications to run across all these different platforms. Most of the technology developed for the Internet has been designed for desktop and larger computers and medium to high bandwidth, generally reliable data networks. Mass-market, hand-held wireless devices present a more constrained computing environment compared to desktop computers. Because of fundamental limitations of power and form-factor, massmarket hand-held devices tend to have: Less powerful CPUs Less memory (ROM and RAM) Restricted power consumption Smaller displays, and Different input devices (e.g. a phone keypad).

Question 2 - Explain WAP security model.

The Wireless Application Protocol, or WAP, has been widely criticized by the media and corporations alike for its security shortcomings. In the WAP security architecture, two aspects of security need to be addressed: 1) Transport-level security 2) Application-level security Transport-level security, also known as channel security, deals with the point-to-point communication between a wireless client and the enterprise data source. This involves communication over both wireless and wireline channels. With WAP, data is encrypted during over-the-air transport using Wireless Transport Layer Security (WTLS) protocol, and over-the-wire transport using Internet security protocols such as SSL and TLS. This discrepancy leads to one of the main WAP security issues. But before we discuss that topic, we will examine the features of WTLS. Application-level security, this aspect deals with the security of the client application. This involves digital signatures and encryption. With so much attention given to the WAP gap and transport-level security, developers often forget about application-level security altogether. Application-level security is important for two main reasons: When security is required past the endpoints of transport-level security, and When presentation content needs to be accessed but enterprise data does not. This can happen during transcoding, that is, when another markup language (often HTML) is being transformed into WML.

Question 3 - What are the goals of WAP architecture?

WAP's goal is to allow a wide variety of wireless devices to access live information resources and applications. The WAP architecture provides a scalable and extensible environment for application development of mobile communication devices. The goals of the WAP architecture are as follows: Provide a web-centric application model for wireless data services that utilizes the telephony, mobility, and other unique functions of wireless devices and networks while allowing maximum flexibility as well as ability for vendors to enhance the user experience. Enable the personalization and customization of the device, the content delivered to it, and the presentation of the content. Provide support for secure as well as private applications and communication in a manner that is consistent and interoperable with Internet security models. Enable wireless devices and networks that are currently or in the near future being deployed, including a wide variety of bearers from narrow-band to wide-band. Provide secure access to local handset functionality. Facilitate network-operator and third party service provisioning. Define a layered, scalable and extensible architecture. Leverage existing standards where possible, especially existing and evolving Internet standards. WAP architecture provides layered design of the entire protocol stack. Each of the layers of the architecture is accessible by the layers above, as well as by other services and applications. The WAP layered architecture enables other services and applications to utilize the features of the WAP stack through a set of well-defined interfaces. As a result, the WAP protocol stack is divided into five layers: The following sections provide a description of the various elements of the protocol stack architecture.

Question 4 - What are the differences between HTML and WML?

A major difference between HTML and WML is that the basic unit of navigation in HTML is a page, while that in WML is a card. A WML file can contain multiple cards and they form a deck. When a user goes to a WAP site, the mobile browser loads a WML file that contains a deck of cards from the server. Only one card will be shown on the screen of the wireless device each time. If the user goes to another card of the same deck, the mobile browser does not have to send any request to the server since the file that contains the deck is already stored in the wireless device. WML is designed in this way because wireless devices have a high latency for connecting to the server. Downloading a deck of cards at a time can lower the number of round trips to the server. You can put links, text, images, input fields, option boxes and many other elements in a card. WML pages are often called "decks". A deck contains a set of cards. A card element can contain text, markup, links, input-fields, tasks, images and more. Cards can be related to each other with links. Some difference between HTML and WML is mention below:

Differences between HTML and WML WML HTML

Markup language for wireless communication Makes use of variables WML script stored in a separate file Images stored as WBMP WBMP is a 2 bit image Case sensitive WML has fewer tags than HTML A set of 'WML Cards' make a 'DECK' Markup language for wired communication Does not use variables JavaScript is embedded in the same HTML file Images are stored as GIF, JPEG or PNG Size of the images are much larger in HTML Not case sensitive HTML has more tags than WML A set of 'HTML pages' make a 'SITE'

Question 5 - Explain the use of type attribute.

The type attribute is another useful attribute of the <input> element. Its value can be either text (default value) or password. If the value of the type attribute is text, the characters in the input field will be visible; if you change it to password, all characters in the input field will be displayed as asterisks (*). Note that data in password input fields will not be transmitted in a more secure way than that in ordinary input fields. The following WML example demonstrates how to create a password input field: <?xml version="1.0"?> <!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.3//EN" http://www.wapforum.org/DTD/wml13.dtd"> <wml> <card id="card1" title="Password Input Fields"> <p> Please login before reading our WML tutorial.<br/><br/> User Name: <input type="text" name="name" maxlength="16" value="Jack"/><br/> Password: <input type="password" name="passwd" maxlength="10" value="abc"/> </p> </card> </wml> The <input/> tag is used to create input fields, the type attribute whose value can be either text (default value) or password. If the value of the type attribute is text, the characters in the input field will be visible. If you change it to password; all characters in the input field will be displayed as asterisks.