Method and apparatus for executing secure data transfer in a wireless network
First Claim
1. A method for executing secure data transfer between a communication device and an application server, wherein data are transferred over a network between the application server and the communication device, comprising:
- sending an agreement proposal for a secure transaction of data from the server to a security adapter connected to the network, said security adapter residing on the network distinctly from the server and the communication device, creating and sending a message from the security adapter to the communication device in order to activate a signing application, the signing application signing the data to be sent, sending the signed data from the communication device to the security adapter, verifying the signature for the data, and sending the verified signed data to the server for execution of the transaction.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for executing secure data transfer between a communication device and an application server in a wireless network, in which a request requiring a secure transaction of data is sent from either the communication device or the server. An agreement proposal for the secure transaction is sent to the communication device, and if the agreement proposal is considered acceptable, the agreement proposal is sent to a security adapter. Details of the transaction are entered into a message and sent to a smart card in order to activate a signing application in the smart card. The details of the transaction are displayed on the communication device, and if the transaction is accepted, the signing application signs the data and sends it to the security adapter via messages, the signature is verified, and the data is sent to the server.
115 Citations
20 Claims
-
1. A method for executing secure data transfer between a communication device and an application server, wherein data are transferred over a network between the application server and the communication device, comprising:
-
sending an agreement proposal for a secure transaction of data from the server to a security adapter connected to the network, said security adapter residing on the network distinctly from the server and the communication device, creating and sending a message from the security adapter to the communication device in order to activate a signing application, the signing application signing the data to be sent, sending the signed data from the communication device to the security adapter, verifying the signature for the data, and sending the verified signed data to the server for execution of the transaction. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for executing secure data transfer between a communication device and an application server over a wireless network, comprising a security adapter connected to the network for monitoring the data transfer between the communication device and the application server, wherein
said server is adapted to send an agreement proposal for a secure transaction of data to the security adapter, said security adapter residing on the network distinctly from the server and the communication device, said security adapter is adapted to receive said agreement proposal for a secure transaction from the server, and create and send a message to the communication device for activating a signing application, said communication device is adapted to sign the data, and send the signed data to the security adapter, said security adapter is adapted to receive, and send the signed data for verification and then send the verified signed data to the application server for execution of the transaction.
-
17. A security adapter for connection to a wireless network for monitoring the data transfer between a communication device and an application server connected to the network, wherein
means for receiving an agreement proposal for a secure transaction from the communication device, means for creating and sending a message to the communication device in order to activate a signing application, means for receiving signed data sent from the communication device, and means for sending the signed data for verification and then to the application server for execution of the transaction, wherein said security adapter resides on the network distinctly from the server and the communication device.
-
18. A computer program product directly loadable into the internal memory of a security adapter with digital computer capabilities, comprising software code portions for performing the steps of:
-
receiving an agreement proposal for a secure transaction from a communication device, creating and sending a message to the communication device in order to activate a signing application, receiving signed data sent from the communication device, and sending the signed data for verification and then to an application server for execution of the transaction, wherein said security adapter resides on the network distinctly from the server and the communication device.
-
-
19. A computer program element comprising computer program code means to make a security adapter with digital computer capabilities execute the steps of:
- receiving an agreement proposal for a secure transaction from a communication device,
creating and sending a message to the communication device in order to activate a signing application, receiving signed data sent from the communication device, and sending the signed data for verification and then to an application server for execution of the transaction, wherein said security adapter resides on the network distinctly from the server and the communication device. - View Dependent Claims (20)
- receiving an agreement proposal for a secure transaction from a communication device,
Specification