In today's fast paced business world, more and more business professionals are relying on wireless mobile data services for their day-to-day information needs. Two-way pagers can now be used for a wide variety of business applications such as accessing corporate email, generating stock transactions, or delivering time-critical patient information to doctors. As a result, these increasingly sophisticated devices are fast becoming the preferred communications tool for the mobile professional.
But there is a price to pay. With the increased use of wireless data services comes an increase in the potential for fraud. Wireless messaging networks are vulnerable to message interception, pager cloning, and eavesdropping. Mission critical and proprietary data is open to compromise, and private and sensitive information can easily fall into the wrong hands.
Now, more than ever, communications privacy over wireless data networks is of paramount importance.
V-ONE developed Air SmartGate specifically to address this need and to ensure wireless communications is made private for business. Air SmartGate safeguards against cloning, eavesdropping and message tampering by providing two-factor authentication and strong data encryption. Air SmartGate was developed in close coordination with Motorola's Messaging Systems Products Group and Glenayre's Wireless Access Group to ensure compatibility with their ReFlex two-way devices.
V-ONE has extended its award winning SmartGate Internet VPN technology into the wireless network environment by introducing Air SmartGate to its product portfolio. Air SmartGate is an advanced messaging security solution that uses a innovative system for pager-to-server communications (patent pending) that supports a sophisticated authentication method and data encryption scheme that provides a high level of data security prior to transmission over the air. Air SmartGate uses a special pager proxy that manages information flow between a carrier's message switch and the Air SmartGate server.
Messages sent through Air SmartGate are always transmitted in a protected mode delivering unsurpassed communications privacy over Narrowband PCS networks using Motorola's ReFlex and DataTac communications technologies. Air SmartGate provides a "drop-in" security solution that interoperates seamlessly with a carrier's interactive messaging network.
The Air SmartGate server integrates easily into a customer's enterprise network and seamlessly connects to a carrier's Network Operations Center (NOC) via the Internet to provide secure transmission of information across both the wireless and wireline portions of the data path. In this configuration, Air SmartGate provides an end-to-end secure messaging enclave for the enterprise.
The Air SmartGate Server periodically polls the NOC for incoming messages, manages subscriber authentication data and encryption keys, and establishes secure connections between sender and receiver. The server can support a multitude of carrier switch interface protocols such as TME-X used by SkyTel Communications, Inc. and WMAPI commonly used by ReFlex 25 carriers such as AirTouch/Vodaphone, PageMart, and Wireless Web (formerly PageNet). In addition, the server can be configured to support both SmartGate Internet VPN and Air SmartGate Secure Messaging in a single footprint. The server can be deployed at the customer premise as a customer managed system or be configured off-premise as a service delivery platform and offered as vendor managed service.
The Air SmartPass Client is a simple software upgrade to the pager code that enables the activation of the secure messaging service. Air SmartPass is required on the Glenayre and RIM pagers only. The Motorola pagers utilize their own embedded encryption/decryption functions that are directed to the Air SmartGate server. The Air SmartPass Client installs easily on the user's pager via the Registration Wizard. Air SmartPass is responsible for data encryption/decryption functions to/from the pager and enables the user to send and receive secure messages after authenticating themselves with the Air SmartGate server.
The Air SmartGate Registration Wizard runs on a Windows PC system and is used to provision the pager with upgraded pager code and SmartPass client software. The Wizard runs the Online Registration process, collects subscriber identity information, distributes encryption keys, and registers the user on the SmartGate server. The Wizard uses an Infrared port on the PC to communicate with the pager while communicating with the server over the Internet.
SmartAdmin gives the system administrator remote access to the Air SmartGate server via a graphical user interface. With Smart Admin, the user can configure send/receive proxies, setup the authentication host, define the SMTP domain gateway and MTA, add / delete / edit subscriber data, and enable / disable subscriber.
A Secure Paging Environment
By encrypting a pager's text message prior to transmission and authenticating the Personal Identification Numbers (PINs) of both the sender and receiver, Air SmartGate provides a secure pager messaging environment for the two-way subscriber. Messages sent using Air SmartGate are always transmitted in a protected mode between the pager and the Air SmartGate server providing end-to-end data security over the wireless network.
Strong Data Encryption - Ensures Communications Privacy
Secure messages are transmitted using RSA Data Security's RC4 cryptography. RC4 is a high performance stream cipher with byte-oriented operations. ASG (Air SmartGate) utilizes an encryption key length of 128 bits to further strengthen security. In addition, a new session key is randomly generated for each message. The RC4 algorithm has been scrutinized by independent analysts and is considered to be very secure.
In the event messages are intercepted during transit, they are completely unreadable.
Two Factor Authentication - Eliminates Cloning
A shared secret key is used to encrypt/decrypt data and is only known by the pager and the Air SmartGate server. ASG verifies that the sender' and receiver PINs are valid by checking the PIN against an authentication database. If the PIN does not belong to a registered user, the message is discarded. The server further authenticates the user by successfully attempting to decrypt the message using its copy of the shared secret key.
This feature eliminates pager cloning and prevents messages from being sent from an unauthorized source.
Message Confidentiality - Prevents Eavesdropping
Received messages are stored in a secure message folder on the pager. For added security, access to this folder requires a password. Security options on the pager allow a password timer to be set.
In the event a pager is lost or stolen, confidentiality of stored messages can be assured since eavesdropping on the secure folder would require knowledge of the subscriber's password.
Message Integrity Check - Safeguards Against Message Tampering
Encrypted messages are sent with a MIC (Message Integrity Check) to ensure end-to-end message integrity. The MIC is checked at the ASG server prior to transmission. If the check fails, the message is discarded and retransmitted.
If the contents of a message were to be unlawfully altered or tampered with in any way, it could not be delivered. Moreover, the Guaranteed Message Delivery feature, inherit to ReFlex based networks, is preserved end-to-end.
Online Registration - Simplifies Deployment
With V-ONE's patented OLR (Online Registration) process, secure pager software can be quickly downloaded into the pager and registered with the ASG server remotely.
OLR eliminates the need to manually key in service subscription data and provides quick and easy deployment of a large number of secure pagers.
Pager Transparency - Simple to Use
Secure message retrieval and transmission is simple because it follows normal pager operation. The only difference is that secure messages have their own send and receive folders in the pager's UI (User Interface).
Network Transparency - Drop-in Solution
ASG integrates seamlessly into a carrier's network infrastructure without any software or hardware modifications.
Application Independence - All Traffic Secured
In concert with Motorola and Glenayre, V-ONE has built security right into the pager's operating system. Therefore, any third party application running on the pager can take advantage of the pager's built-in security features.
SMTP Gateway - Supports Any Third Party Mail System
Send email securely directly to your pager via Air SmartGate's SMTP gateway. No need to worry about encryption or authentication, Air SmartGate will authenticate and encrypt the data for you prior to transmission over the air from any external email system using SMTP.
Secure Modes of Operation
Pager-to-Pager
Pager-to-Email
Email-to-Pager
Support for 3rd Party Applications
Mobile Office Mail Extension - Future
Subscriber Side Interfaces Supported
Motorola's ReFLEX 50 High Speed Transport Protocol - Available Now!
ReFLEX 25 - Available Q2 2000!
Motorola's DataTAC - Available Q2 2000!
More Being Added This Year!
Switch Side Interfaces Supported
SkyTel's TME-X (Transport Message Exchange - Extended) - Available Now!
Glenayre's WMapi (Wireless Messaging Application Programming Interface) - Available Now!
More Being Added This Year!
Carriers Supported
SkyTel Communications Inc. Advanced Two-Way Messaging Network - Available Now!
More Being Added This Year!
Pagers Supported
Glenayre Access Link II with Secure Link- Available Now!
RIM 850 - Available Q2 2000!
Motorola PageWriter 2000 / 2000x - Available Now!
Air SmartGate Server Hardware Platform
Low-end private system: Sun Micro Systems Ultra 5 Work Station.
High-end carrier class system: Sun Micro Systems Enterprise 250 Server.
Air SmartGate Server Software Platform
Sun Micro Systems Solaris Unix version 7.0
Air SmartPass Client Hardware Platform
IBM compatible, Intel Pentium class CPU.
Air SmartPass Client Software Platform
Microsoft Windows 95/98
Requires Internet access & Infrared port
The Air SmartGate system can be configured as a service delivery platform and built into a carrier's network infrastructure. In this model, the carrier can offer secure messaging on a subscription fee basis. In addition, the system may be customer owned and managed as a private secure messaging system but still utilizing the carrier's public network. In the private customer system model, the Air SmartGate server is typically located behind a firewall and communicates with the carrier's NOC over the Internet.
V-ONE offers two pricing models, 1) CMS (Customer Managed System and 2) Vendor Managed Service. In the CMS model, Air SmartGate can be purchased as software only or as a complete turnkey system with bundled hardware and software. There is a one-time charge for the server software license fee and a license fee for each seat used on the server. The SmartPass client software, Smart Admin, and Registration Wizard are free. There is also an annual software maintenance fee. In this model, the customer owns and manages his own server at his facility and is responsible for provisioning and registering his own pagers.
In the VMS model, a secure messaging service can be purchased on a monthly subscription fee basis. The VMS model is a full featured service offering w hereby provisioning, registration, activation, and service administration is provided by a service bureau. The server is off-premise and managed by V-ONE or one of its designated service providers.
