Technical Requirements of New Framework for GPRS Security Protocol Mobile Banking Application

Abstract GPRS stands out as one major development in the GSM standard that benefit from packet switched techniques to provide mobile subscribers with the much needed high bit rates for bursty data transmissions. It is possible theoretically for GPRS subscribers to use several time slots (packet data channels) simultaneously reaching a bit rate of about 170kbit/s. To meet our demands, the GPRS service has evolved from GSM to make high-speed data transmission possible, it offers high data rate packet switched connections and improves the utilization of the network and radio transmission resources, compared to the circuit switched radio transmission, GPRS allows multiple users to share one physical channel. One of the facilities that GPRS offers is connection to the Internet. Because of this facility, some banks now offer their clients access to their banking networks through GPRS as medium for switching packets to different networks that have its own security implementations. Such security implementations have been cracked and proven vulnerable. At present Wireless Application Protocol (WAP) as a data bearer protocol is the prevalent protocol offering the extra layer of security, with WAP using WTLS (WAP Transport Layer Security) as a security protocol. In this paper, we have looked into this extra layer and the security shortfalls in this layer. A framework that includes the GPRS architecture, a set of security policies, and a set of mechanism shall be proposed. Also a handshake algorithm is presented that can be used to establish a connection between MS client and MS server.