Is Enterprise Wireless Data Ready for Prime time?

FRAMINGHAM (07/24/2000) - OK, so we can access the Web over wireless connections from PDAs and data-capable cell phones. We can also send and receive e-mail with these same devices.

But let's not confuse the enthusiasm of early adopters with the stringent demands of the corporate mainstream. When we call an application or service enterprise-ready, we're placing significant requirements on it. Unfortunately, wireless data products and services don't meet those requirements - and won't until next year, at the earliest.

Chief among these prime time requirements is the need for standards-based, mature, interoperable products and services from diverse vendors. The principal set of standards for wireless data is Wireless Application Protocol (WAP), specifically Version 1.2. However, there are no WAP 1.2-compliant handsets on the market, and won't be until later this year.

Another critical enterprise requirement is end-to-end transactional security - an area where wireless data technologies in general, and WAP in particular, again come up short.

Can enterprise users authenticate themselves to back-end network applications from WAP clients? Not until WAP Identity Modules (WIM) - smart cards that store user private keys, digital certificates and digital signature algorithms - are commercially available, and not until client device manufacturers ship products that interface with WIMs. We're not going to see many WIMs on the market until later this year.

Firms cannot control granular access by WAP clients to corporate applications and data until vendors begin shipping policy-based authorization servers for the WAP market. Several vendors of extranet authorization products are developing WAP-oriented offerings, but there are none currently on the market.

Companies cannot provide end-to-end secure, encrypted channels between WAP clients and the servers they're trying to access until general availability of WAP 1.2-compliant handsets and WAP gateways that support WAP 1.2's Wireless Transport Layer Security (WTLS) protocol. Even when WTLS products are available, firms will still need to wrestle with the critical issue of whether to trust cellular service providers to manage WTLS-to-TLS security bridging.

Many firms will want to bring that security gateway in-house, behind their firewalls, but cellular service providers may balk at giving up such an important service.

There are a host of other open issues, such as the lack of WAP-oriented public-key infrastructure products and robust WAP-to-Web content translation tools, that show wireless data to be a technology still in its infancy - and not ready for enterprise prime time.

Kobielus is an analyst with The Burton Group Corp., an IT advisory service. He can be reached at

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about Burton GroupGateway

Show Comments