Application interface method and system for encryption control
Abstract
A system and method are provided whereby a system or application programmer may turn encryption on or off during a connection-oriented session between a client and a server over the Internet or an intranet. The programmer supplies a keyword or command, such as a Data Description Specification (DDS) keyword or a User Defined Data Stream (UDDS), which inserts an architecture command into the data stream intended for the client: the 5250 Write Single Structured Field (WSSF) command, carrying a unique structured field that indicates when encrypted mode should be made active or inactive.
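The sequence the abstract and claims describe (flush old data in the current mode, switch mode, remove the control field, send new data in the new mode) can be sketched as follows. This is an added example, not code from the patent; the byte layout of the encrypt structured field, the `Link` class and `put_stream` are hypothetical stand-ins, and the sample stream is constructed.

```python
from typing import List, Tuple

# Constructed placeholder layout for the encrypt structured field (not the
# real 5250 encoding): 4 fixed bytes, then a flag byte (1 = on, 0 = off).
FIELD_PREFIX = bytes([0x00, 0x05, 0xD9, 0x7F])
FIELD_LEN = len(FIELD_PREFIX) + 1
ENCRYPT_ON = FIELD_PREFIX + b"\x01"
ENCRYPT_OFF = FIELD_PREFIX + b"\x00"
CLEAR, ENCRYPTED = "clear", "encrypted"


class Link:
    """Stand-in for the client connection; records (mode, data) as sent."""

    def __init__(self) -> None:
        self.mode = CLEAR  # the session is established in the first mode
        self.sent: List[Tuple[str, bytes]] = []

    def send(self, data: bytes) -> None:
        if data:
            self.sent.append((self.mode, data))

    def switch(self, mode: str) -> None:
        self.mode = mode  # a real link would renegotiate the connection here


def put_stream(link: Link, stream: bytes) -> None:
    """Forward stream to link, acting on and removing each encrypt field."""
    pos = 0
    while (hit := stream.find(FIELD_PREFIX, pos)) >= 0:
        end = hit + FIELD_LEN
        if end > len(stream) or stream[end - 1] not in (0, 1):
            # Fail closed: never guess a mode for data after a bad field.
            raise ValueError("malformed encrypt structured field")
        link.send(stream[pos:hit])  # flush old data in the current mode
        link.switch(ENCRYPTED if stream[end - 1] else CLEAR)
        pos = end  # the field itself is never forwarded to the client
    link.send(stream[pos:])  # new data goes out in the mode now in force


def demo() -> List[Tuple[str, bytes]]:
    # Constructed stream: on keyword, password field, off keyword.
    stream = b"SIGN ON " + ENCRYPT_ON + b"PASSWORD FIELD " + ENCRYPT_OFF + b"MAIN MENU"
    link = Link()
    put_stream(link, stream)
    return link.sent


if __name__ == "__main__":
    for mode, data in demo():
        print(mode, data)
```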
11 Claims
1. Method for controlling encryption mode selectively in a first mode and a second mode during a connection oriented session between a server application and a client workstation, comprising the steps of:
establishing said session in said first mode;
while communicating a data stream from said server application to said client workstation in said first mode detecting an encrypt structured field in said data stream;
responsive to said encrypt structured field;
flushing old data in the data stream prior to said encrypt structure field to said client workstation in said first mode;
switching mode on the communication link between said server application and said client workstation to said second mode;
removing said encrypt structured field from said data stream; and
thereafter, communicating new data in said data stream subsequent to said encrypt structured field to said client workstation in said second mode.

4. System for controlling encryption mode during a connection oriented session between a server application and a client workstation, comprising:
a server application;
a display data stream file;
a virtual terminal associated with said client workstation;
an interactive subsystem for generating from said server application and said display data stream file a data stream for putting to said virtual terminal;
a virtual terminal manager for formatting said data stream for communication to said client workstation; and
said virtual terminal manager being responsive to an encrypt structured field in said data stream to transmit old data in said data stream to said client workstation, to initiate changing of the encryption mode, to remove said encrypt structured field from said data stream, and thereafter to communicate new data in said data stream to said client workstation.

5. System for switching encryption mode during a connection oriented session between a server application and a client workstation, comprising:
a server application;
a virtual terminal associated with said client workstation;
an interactive subsystem for generating from said server application a data stream for putting to said virtual terminal;
a virtual terminal manager for formatting said data stream for communication to said client workstation; and
said virtual terminal manager being responsive to a user defined mode controlling command in said data stream to transmit old data in said data stream to said client workstation, to initiate switching of the encryption mode, to remove said switching command from said data stream, and thereafter to communicate new data in said data stream to said client workstation in the switched encryption mode.

6. A program storage device readable by a machine, tangibly embodying a program of instructions executable by a machine to perform method steps for setting encryption mode during a connection oriented session between a server application and a client workstation, said method steps comprising:
establishing said session in a first mode;
while communicating a data stream from said server application to said client workstation in said first mode detecting an encrypt mode command in said data stream from said application;
responsive to said encrypt mode command;
flushing old data in the data stream prior to said encrypt mode command to said client workstation;
switching encryption mode on the communication link between said server application and said client workstation to a second mode;
removing said encrypt mode command from said data stream; and
thereafter, communicating new data in said data stream subsequent to said encrypt mode command to said client workstation in said second mode.

7. An article of manufacture comprising:
a computer usable medium having computer readable program code means embodied therein for toggling encryption mode between a first mode and a second mode during a connection oriented session between a server application and a client workstation, the computer readable program means in said article of manufacture comprising;
computer readable program code means for causing a computer to establish said session in said first mode;
computer readable program code means for causing a computer to communicate a data stream from said server application to said client workstation in said first mode;
computer readable program code means for causing a computer to put an encrypt mode command in said data stream from said application;
computer readable program code means for causing a computer responsive to said encrypt mode command to;
flush old data in the data stream to said client workstation;
switch encryption mode on the communication link between said server application and said client workstation to said second mode;
remove said encrypt mode command from said data stream; and
computer readable program code means for causing a computer to communicate new data in said data stream to said client workstation in said second mode.

8. Method for controlling encryption mode during a connection oriented session between a server application having an associated screen display data stream (DDS) file and a client workstation, comprising the steps of:
establishing said session in a first encryption mode;
communicating a data stream from said server application to said client workstation;
putting an encrypt mode command in said data stream from said application or screen DDS file, said encrypt mode command separating old data and new data in said data stream;
responsive to said encrypt mode command;
flushing said old data in the data stream to said client workstation; and
thereafter switching encryption mode to a second encryption mode on the communication link between said server application and said client workstation; and
thereafter communicating said new data in said data stream to said client workstation.

9. System for controlling encryption mode during a connection oriented session between a server application and a client workstation, comprising:
a server application;
a display data stream file;
a virtual terminal associated with said client workstation;
an interactive subsystem for generating from said server application and said display data stream file a data stream for putting to said virtual terminal;
a virtual terminal manager for formatting said data stream for communication to said client workstation; and
said virtual terminal manager being responsive to an encrypt command in said data stream to transmit old data in said data stream to said client workstation, to initiate changing of the encryption mode, and thereafter to communicate new data in said data stream to said client workstation.

10. System for switching encryption mode during a connection oriented session between a server application and a client workstation, comprising:
a server application;
a virtual terminal associated with said client workstation;
an interactive subsystem for generating from said server application a data stream for putting to said virtual terminal;
a virtual terminal manager for formatting said data stream for communication to said client workstation; and
said virtual terminal manager being responsive to a user defined mode controlling command in said data stream to transmit old data in said data stream to said client workstation, to initiate switching of the encryption mode, and thereafter to communicate new data in said data stream to said client workstation in the switched encryption mode.

11. Method for controlling encryption mode during a connection oriented session between a server application and a client workstation, comprising the steps of:
establishing said session by connecting said client workstation to said server application with encryption off;
communicating a data stream from said server application to said client workstation, said data stream including an encrypt structured field, said encrypt structured field including an encryption on keyword followed by a password field followed by an encryption off keyword;
upon detecting said encryption on keyword, flushing old data before said keyword in the data stream from said server to said client workstation;
switching encryption mode on the communication link between said server application and said client workstation by renegotiating said connection to have encryption on;
removing said encrypt structured field from said data stream; and
thereafter, communicating new data subsequent to said keyword in said data stream to said client workstation.

Specification