Security protocol structure in application layer
1. A method of establishing a security protocol structure in an application layer of a Wireless Application Protocol (WAP) standard, comprising:
- receiving a first message containing a client random value from a client;
- determining whether the first message is a valid message;
- extracting a pre-master secret from the first message;
- generating a specific server random value;
- generating and transmitting a second message to the client to pass the server random value to the client;
- generating a master secret in accordance with the extracted pre-master secret, client random value, and server random value;
- generating a key block in accordance with the master secret, client random value, and server random value;
- generating from the key block an encryption key value for encryption and decryption algorithms and Message Authentication Code (MAC) algorithms;
- generating a third message indicating that encryption is activated; and
- generating a fourth message to verify that the client has generated a client master secret identical to the master secret and to indicate that secured communication has been established between a server generating the server random value and the client,

wherein the security protocol structure comprises;
- a secure session layer directly between a session layer including a wireless session protocol and an application layer including a wireless application environment;
- a transaction layer including a wireless transaction protocol below the session layer;
- a security layer including a wireless transport layer security below the transaction layer;
- a transport layer including a wireless datagram protocol below the security layer; and
- a network layer below the transport layer,

wherein the secure session layer provides a data security function in the application layer, and includes a secured session layer security (SSLS) protocol to provide a secure session interface to an application program, and
wherein secure communication is established between a server and a client using the SSLS protocol and without using a certificate or public/private key generation operation.
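The derivation chain in the claim (pre-master secret and both random values to master secret, master secret to key block, key block to encryption and MAC keys, then the fourth-message check) can be sketched as follows. This is an added example, not code from the patent: the HMAC-SHA256 expansion, the labels, the key sizes and the transcript format are assumptions, and the pre-master secret is taken as already extracted because the claim does not say how the first message carries it.

```python
import hashlib
import hmac

def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """HMAC-SHA256 expansion in the style of TLS 1.2 (assumed; the claim names no PRF)."""
    out, a = b"", label + seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + label + seed, hashlib.sha256).digest()
    return out[:length]

def derive_session(pre_master: bytes, client_random: bytes, server_random: bytes) -> dict:
    """Master secret, then key block, then per-direction encryption and MAC keys."""
    randoms = client_random + server_random
    master = prf(pre_master, b"master secret", randoms, 48)
    block = prf(master, b"key expansion", randoms, 96)
    # Key sizes and slicing order are assumptions: 32-byte MAC keys, 16-byte cipher keys.
    return {
        "master": master,
        "client_mac": block[0:32], "server_mac": block[32:64],
        "client_enc": block[64:80], "server_enc": block[80:96],
    }

def finished_tag(master: bytes, transcript: bytes) -> bytes:
    """Value carried in the fourth message: proves knowledge of the master secret."""
    return prf(master, b"finished", hashlib.sha256(transcript).digest(), 12)

def verify_finished(master: bytes, transcript: bytes, received: bytes) -> bool:
    # Constant-time comparison so the check does not leak how many bytes matched.
    return hmac.compare_digest(finished_tag(master, transcript), received)

def demo() -> tuple:
    # Constructed sample values; real random values come from a CSPRNG per session.
    pre_master = bytes(range(20))
    client_random, server_random = b"C" * 16, b"S" * 16
    transcript = b"msg1|msg2|msg3"  # hypothetical serialization of the handshake
    server = derive_session(pre_master, client_random, server_random)
    client = derive_session(pre_master, client_random, server_random)
    wrong = derive_session(b"\x00" * 20, client_random, server_random)
    tag = finished_tag(client["master"], transcript)
    return (verify_finished(server["master"], transcript, tag),
            verify_finished(wrong["master"], transcript, tag))

if __name__ == "__main__":
    print(demo())  # (True, False)
```

Because both random values feed every derivation, a replayed first message yields a different master secret and key block once the server picks a fresh server random value.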
Abstract
A security protocol structure for a Wireless Application Protocol (WAP) standard structure is disclosed. The security protocol structure provides a data security function in an application layer by providing a secret session having a secured session layer security (SSLS) protocol for providing a secret session interface to an application program between the session layer and the application layer.
14 Claims