×

Security protocol structure in application layer

  • US 7,096,352 B2
  • Filed: 01/02/2001
  • Issued: 08/22/2006
  • Est. Priority Date: 12/30/1999
  • Status: Expired due to Fees
First Claim
Patent Images

1. A method of establishing a security protocol structure in an application layer of a Wireless Application Protocol (WAP) standard, comprising:

  • receiving a first message containing a client random value from a client;

    determining whether the first message is a valid message;

    extracting a pre-master secret from the first message;

    generating a specific server random value;

    generating and transmitting a second message to the client to pass the server random value to the client;

    generating a master secret in accordance with the extracted pre-master secret, client random value, and server random value;

    generating a key block in accordance with the master secret, client random value, and server random value;

    generating from the key block an encryption key value for encryption and decryption algorithms and Message Authentication Code (MAC) algorithms;

    generating a third message indicating that encryption is activated; and

    generating a fourth message to verify that the client has generated a client master secret identical to the master secret and to indicate that secured communication has been established between a server generating the server random value and the client,wherein the security protocol structure comprises;

    a secure session layer directly between a session layer including a wireless session protocol and an application layer including a wireless application environment;

    a transaction layer including a wireless transaction protocol below the session layer;

    a security layer including a wireless transport layer security below the transaction layer;

    a transport layer including a wireless datagram protocol below the security layer; and

    a network layer below the transport layer,wherein the secure session layer provides a data security function in the application layer, and includes a secured session layer security (SSLS) protocol to provide a secure session interface to an application program, andwherein secure communication is established between a server and a client using the SSLS protocol and without using a certificate or public/private key generation operation.

View all claims
  • 3 Assignments
Timeline View
Assignment View
    ×
    ×