A SYSTEM AND METHOD OF EXPLOITING THE SECURITY OF A SECURE COMMUNICATION CHANNEL TO SECURE A NON-SECURE COMMUNICATION CHANNEL
First Claim
1. A method for establishing a secure communication channel between a client and an application server, the method comprising the steps of:
(a) obtaining, by a web server, a MIME type document and a ticket associated with a client, the MIME type document comprising a client application program, the ticket having an identifier and a session key;
(b) receiving, by a web browser, the MIME type document and the ticket from the web server;
(c) invoking, by the web browser, the received client application program;
(d) establishing an application communication channel between the client and the application server;
(e) transmitting, by the client application program, the identifier from the ticket to the application server over the application communication channel;
(f) obtaining, by the application server, a copy of the session key from the web server using the identifier; and
(g) encrypting communications between the client application program and the application server over the application communication channel using the session key.
Abstract
The present invention features a system and method for establishing a secure communication channel between a client and an application server. In one embodiment, a ticket service generates a ticket having an identifier and a session key. A communications device obtains the ticket from the ticket service and transmits the ticket to a client over a secure communication channel. The client transmits the identifier of the ticket to an application server over an application communication channel. The application server then obtains a copy of the session key of the ticket from the ticket service. Communications exchanged between the client and the application server over the application communication channel are then encrypted using the session key to establish the application communication channel as a secure communication channel.
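The exchange the abstract describes, as an added Python sketch that is not taken from the patent: the class and function names are hypothetical, the HMAC-SHA256 keystream with a MAC tag is a stand-in for whatever cipher an implementation would use, and the single-use identifier lookup is an assumption of this example.

```python
import hashlib, hmac, secrets

class TicketService:
    def __init__(self):
        self._keys = {}  # identifier -> session key
    def issue(self):
        ident, key = secrets.token_hex(16), secrets.token_bytes(32)
        self._keys[ident] = key
        return ident, key  # whole ticket goes to the client over the secure channel
    def redeem(self, ident):
        # Assumption: single-use lookup, so a replayed identifier yields no key.
        return self._keys.pop(ident, None)

def _stream(key, nonce, n):
    # Stand-in keystream (HMAC-SHA256 in counter mode), not a vetted AEAD.
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    nonce = secrets.token_bytes(16)
    body = bytes(a ^ b for a, b in zip(plaintext, _stream(key, nonce, len(plaintext))))
    return nonce + body + hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()

def open_sealed(key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(body, _stream(key, nonce, len(body))))

class ApplicationServer:
    def __init__(self, ticket_service):
        self._ts, self._key = ticket_service, None
    def hello(self, ident):
        # Only the identifier crosses the application channel, in the clear.
        self._key = self._ts.redeem(ident)
        return self._key is not None
    def handle(self, blob):
        return seal(self._key, b"echo:" + open_sealed(self._key, blob))

def run_exchange():
    ts = TicketService()
    ident, key = ts.issue()            # client's copy of the ticket
    server = ApplicationServer(ts)
    accepted = server.hello(ident)
    reply = open_sealed(key, server.handle(seal(key, b"list-apps")))
    replayed = ApplicationServer(ts).hello(ident)  # same identifier again
    return accepted, reply, replayed
```

The session key never appears on the application channel; an observer of that channel sees only the identifier and sealed messages, which is why the identifier must be unguessable and the key lookup restricted to the application server.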
108 Citations
90 Claims
1. A method for establishing a secure communication channel between a client and an application server, the method comprising the steps of:
(a) obtaining, by a web server, a MIME type document and a ticket associated with a client, the MIME type document comprising a client application program, the ticket having an identifier and a session key;
(b) receiving, by a web browser, the MIME type document and the ticket from the web server;
(c) invoking, by the web browser, the received client application program;
(d) establishing an application communication channel between the client and the application server;
(e) transmitting, by the client application program, the identifier from the ticket to the application server over the application communication channel;
(f) obtaining, by the application server, a copy of the session key from the web server using the identifier; and
(g) encrypting communications between the client application program and the application server over the application communication channel using the session key.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16
17. A client system for establishing a secure communication channel with an application server, the client system comprising:
a web browser associated with a client;
a web server in communication with the web browser over a web communication channel, the web server obtaining a MIME type document and a ticket associated with the client, the MIME type document comprising a client application program, the ticket having an identifier and a session key;
the web browser receiving, from the web server, the ticket and the MIME type document, the web browser invoking the received client application program;
an application server, in communication with the client over an application communication channel, receiving the identifier from the client application program, and the application server, in communication with the web server, obtaining a copy of the session key by using the identifier; and
the application server and the client application program encrypting communications over the application communication channel using the session key.
Dependent claims: 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32
33. A method for establishing a secure communication channel with an application server, the method comprising the steps of:
(a) receiving a MIME type document and a ticket from the web server, the ticket having an identifier and a session key, and the MIME type document comprising a client application program;
(b) invoking the received client application program;
(c) establishing an application communication channel with an application server;
(d) transmitting the identifier from the ticket to the application server over the application communication channel to provide the application server with information for obtaining a copy of the session key; and
(e) encrypting communications to the application server over the application communication channel using the session key.
Dependent claims: 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47
48. A client system for establishing a secure communication channel with a client, the client system comprising:
a web browser in communication with a web server over a web communication channel, the web browser receiving, from the web server, a MIME type document and a ticket, the MIME type document comprising a client application program, the ticket having an identifier and a session key;
a client application program invoked by the web browser; and
the client application program establishing an application communication channel with the application server, the client application program transmitting the identifier over the application communication channel, and the client application program encrypting communications to the application server over the application communication channel using the session key.
Dependent claims: 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60
61. A method for establishing a secure communication channel with a client, the method comprising the steps of:
(a) obtaining, by a web server, a MIME type document and a ticket associated with a client, the MIME type document comprising a client application program, the ticket having an identifier and a session key;
(b) transmitting, by the web server, the MIME type document and the ticket to a web browser over a web communication channel;
(c) invoking, by the web browser, the received client application program;
(d) establishing an application communication channel with the client;
(e) receiving, from the client application program, the identifier from the ticket over the application communication channel;
(f) obtaining a copy of the session key from the web server using the identifier; and
(g) encrypting communications to the client application program over the application communication channel using the session key.
Dependent claims: 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76
77. A server system for establishing a secure communication channel with a client, the server system comprising:
a ticket service generating a ticket associated with a client, the ticket having an identifier and a session key;
a web server in communication with the ticket service, the web server transmitting a MIME type document and the ticket to the client over a web communication channel, the MIME type document comprising a client application program; and
an application server receiving the identifier from the ticket from the client, obtaining a copy of the session key from the web server, establishing an application communication channel with the client, and encrypting communications to the client over the application communication channel using the session key.
Dependent claims: 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90
Specification