Method for establishing a secured communication channel over the internet
Abstract
A method for establishing a secured communication channel between a client and a server is disclosed where a program and a set of encryption information for establishing the secured communication channel are delivered from the server to the client. The set of encryption information is compact and can be used to quickly and efficiently encipher and decipher data. In particular, the client requests a program from the server via a first secured communication channel that can be established by a web browser under the HTTPS (Hypertext Transfer Protocol with SSL) protocol. The server in response dynamically generates a set of encryption information and a token identifying this particular set of encryption information. This information is then sent with the requested program. While the program can be written in any language, the language of choice is a platform-independent language such as Java. When the program executes on the client and performs its programmed tasks, one of the tasks is to establish a separate, secured communication channel with the server using the encryption information from the server.
22 Claims
1. A method for establishing a secured communication channel between a client and a designated server over interconnected networks of computers, comprising the steps of:
a) causing a client to request a program from a server via a first communication channel, said program being executable by said client for the purpose of establishing a secure communication channel;
b) causing said client to receive said program and encryption information identified by a token;
c) executing said program at said client in order to open a second communication channel between said client and a designated server by performing a handshake protocol exchange between said client and said designated server, said second communication channel being secure; and
d) exchanging encrypted messages between said client and said designated server via said second channel.
(Dependent claims: 2 to 11)
1) receiving a manager time stamp from said designated server;
2) sending to said server a first set of information including a first sequence number, said token, said manager time stamp, and a client time stamp, one or more pieces of said first set of information being encrypted; and
3) sending to said client a second set of information including a second sequence number, said manager time stamp and said client time stamp, one or more pieces of said second set of information being encrypted.
11. A machine readable storage device encoding instructions for executing the method as recited in claim 1.
12. A system for establishing a secured communication channel between a client and a designated server over interconnected networks of computers, comprising:
a) means for causing a client to request a program from a server via a first communication channel, said program being executable by said client for the purpose of establishing a secure communication channel;
b) means for causing said client to receive said program and encryption information identified by a token;
c) means for causing said client to execute said program in order to open a second communication channel between said client and a designated server by performing a handshake protocol exchange between said client and said designated server, said second communication channel being secure; and
d) means for exchanging encrypted messages between said client and said designated server via said second channel.
(Dependent claims: 13 to 21)
1) means for receiving a manager time stamp from said designated server;
2) means for sending to said server a first set of information including a first sequence number, said token, said manager time stamp, and a client time stamp, one or more pieces of said first set of information being encrypted; and
3) means for sending to said client a second set of information including a second sequence number, said manager time stamp and said client time stamp, one or more pieces of said second set of information being encrypted.
22. A method for establishing a secured communication channel between a client and a designated server over interconnected networks of computers, comprising the steps of:
a) causing a client to request a server to deliver a program via a first secured communication channel established by a web browser, said program to be executed by said client for the purpose of establishing a secure communication channel;
b) causing said server to deliver over said first secured communication channel to said client said requested program with a set of encryption information identified by a token;
c) executing said requested program in order to open a second secured communication channel by performing a handshake protocol exchange between said client and said designated server using said set of encryption information and said token; and
d) exchanging encrypted messages over said second secured communication channel between said client and said server.
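The handshake recited in claims 1, 12 and 22 (manager time stamp, then a token-bearing message with sequence number and both time stamps, then the server's echo), simulated end to end as an added Python example that is not the patent's own code. The cipher, the single-use rule for the issued manager time stamp and the rejection of unknown tokens or replayed handshake messages are assumptions; the patent specifies none of them.

```python
import hmac, hashlib, secrets, struct, time
# Stand-in cipher (the patent names none): HMAC-SHA256 counter-mode keystream XORed
# with the data plus a 16-byte HMAC tag; the message's sequence number is the nonce.
def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(key, seq, data):
    nonce = struct.pack(">Q", seq)
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))
    return ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()[:16]
def open_(key, seq, blob):
    nonce, ct, tag = struct.pack(">Q", seq), blob[:-16], blob[-16:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()[:16]): raise ValueError("bad tag")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

class Server:
    def __init__(self):
        self.sessions = {}  # token -> [session key, issued manager time stamp]
    def deliver_program(self):  # steps a/b: program + encryption info over the HTTPS channel
        token, key = secrets.token_hex(8), secrets.token_bytes(32)
        self.sessions[token] = [key, None]
        return token, key
    def manager_time_stamp(self, token):  # handshake step 1: issue a fresh time stamp
        self.sessions[token][1] = int(time.time())
        return self.sessions[token][1]
    def handshake(self, token, seq, blob):  # handshake steps 2 -> 3
        key, mts = self.sessions.get(token, (None, None))
        if key is None or seq != 1: raise ValueError("unknown token or bad sequence number")
        got_mts, cts = struct.unpack(">QQ", open_(key, seq, blob))
        if mts is None or got_mts != mts: raise ValueError("manager time stamp stale or replayed")
        self.sessions[token][1] = None  # each issued time stamp is accepted once (assumption)
        return 2, seal(key, 2, struct.pack(">QQ", mts, cts))

def client_handshake(server):  # the delivered program's job, step c
    token, key = server.deliver_program()
    mts, cts = server.manager_time_stamp(token), int(time.time())
    first = seal(key, 1, struct.pack(">QQ", mts, cts))  # token sent in clear, time stamps encrypted
    seq2, reply = server.handshake(token, 1, first)
    if struct.unpack(">QQ", open_(key, seq2, reply)) != (mts, cts): raise ValueError("echo mismatch")
    return token, key, first  # channel is up; step d messages use seq >= 3

def replay_rejected(server, token, first):  # resending the step-2 message must fail
    try: server.handshake(token, 1, first)
    except ValueError: return True
    return False
```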
Specification