System and method for implementing an enhanced transport layer security protocol
Abstract
A system and method for implementing an enhanced transport layer security (ETLS) protocol is provided. The system includes a primary server, an ETLS servlet and an ETLS software module. The primary server operates on a computer network and is configured to communicate over the computer network using a non-proprietary security protocol. The ETLS servlet also operates on the computer network and is securely coupled to the primary server. The ETLS servlet is configured to communicate over the computer network using an ETLS security protocol. The ETLS software module operates on a mobile device, and is configured to communicate over the computer network using either the non-proprietary security protocol or the ETLS security protocol. Operationally, the ETLS software module initially contacts the server over the computer network using the non-proprietary security protocol, and subsequently contacts the server through the ETLS servlet using the ETLS security protocol.
71 Claims
1. A method for securely communicating with a server operating on a computer network, comprising the steps of:
providing a servlet that securely communicates with the server;
providing a connection log maintained by the servlet that stores one or more transmissions received by the servlet;
sending an encrypted transmission to the servlet over the computer network;
receiving the encrypted transmission at the servlet;
decrypting the encrypted transmission with the servlet to generate a decrypted transmission;
comparing the decrypted transmission with the one or more transmissions stored in the connection log to determine if the decrypted transmission is original; and
if the decrypted transmission is original, then transferring the decrypted transmission from the servlet to the server.

26. A method for securely communicating between a mobile device and a server operating on a computer network, comprising the steps of:
providing a security servlet operating on the computer network, wherein the security servlet communicates with the server via a secure link, and is identified by a unique location on the computer network;
establishing a wireless connection between the mobile device and the computer network;
establishing a secure connection between the mobile device and the server using a non-proprietary security protocol;
sending a first encrypted service request from the mobile device to the server via the non-proprietary security protocol;
sending a first encrypted response from the server to the mobile device that includes the unique location of the security servlet on the computer network;
sending a second encrypted service request from the mobile device to the security servlet using the unique location of the security servlet;
decrypting the second encrypted service request with the security servlet to generate a decrypted service request;
transferring the decrypted service request from the security servlet to the server.

44. A secure server, comprising:
a primary server operating on a computer network;
a security servlet operating on the computer network and securely coupled to the primary server and configured to decrypt an encrypted service request received from the computer network to generate a decrypted service request; and
a connection log coupled to the security servlet that stores one or more previous service requests received by the security servlet;
wherein the security servlet first verifies that the encrypted service request is original by comparing the decrypted service request with the one or more previous service requests stored in the connection log, and then transfers the decrypted service request to the primary server.
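
The decrypt, compare and forward sequence recited in claims 1 and 44, as an added Python example that is not part of the patent text. The names `ConnectionLog` and `handle_transmission`, the SHA-256 digest storage, the bounded log size and the hex-decoding stand-in for decryption are all assumptions made for illustration.

```python
import hashlib
from collections import OrderedDict


class ConnectionLog:
    """Record of transmissions already accepted, kept as SHA-256 digests
    (assumption: the claims do not say how entries are stored or compared)."""

    def __init__(self, max_entries=10_000):
        self._seen = OrderedDict()
        self._max = max_entries

    def record_if_original(self, plaintext):
        """Return True and record the transmission if it has not been seen."""
        digest = hashlib.sha256(plaintext).digest()
        if digest in self._seen:
            return False              # same transmission seen before: replay
        self._seen[digest] = None
        if len(self._seen) > self._max:
            # Oldest entry is dropped; a replay older than the retained
            # window would no longer be detected.
            self._seen.popitem(last=False)
        return True


def handle_transmission(ciphertext, decrypt, log, forward):
    """Servlet-side flow from the claims: decrypt, compare with the log,
    and forward to the server only if the transmission is original."""
    try:
        plaintext = decrypt(ciphertext)
    except ValueError:
        return False                  # undecryptable input is never forwarded
    if not log.record_if_original(plaintext):
        return False
    forward(plaintext)
    return True


def demo():
    """Constructed run: hex decoding stands in for the real decryption."""
    log, delivered = ConnectionLog(max_entries=2), []
    first = b"id=1;op=getmail".hex().encode()    # constructed request
    second = b"id=2;op=getmail".hex().encode()   # constructed request
    fake_decrypt = lambda c: bytes.fromhex(c.decode())
    results = [handle_transmission(c, fake_decrypt, log, delivered.append)
               for c in (first, second, first, b"zz")]
    return [results, delivered]
```

Because the comparison is made on the decrypted content, two legitimate requests with identical bytes cannot be told apart from a replay; the constructed requests carry an `id` field for that reason, which is an assumption and not something the claims state.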

57. An enhanced transport layer security (ETLS) system for a mobile device, comprising:
a primary server operating on a computer network and configured to communicate over the computer network using a non-proprietary security protocol;
an ETLS servlet operating on the computer network and securely coupled to the server, wherein the ETLS servlet is configured to communicate over the computer network using an ETLS security protocol;
an ETLS software module operating on the mobile device that is configured to communicate over the computer network using either the non-proprietary security protocol or the ETLS security protocol;
wherein the ETLS software module initially contacts the server over the computer network using the non-proprietary security protocol and subsequently contacts the server through the ETLS servlet using the ETLS security protocol.

Specification