CA2420252A1 - System and method for implementing an enhanced transport layer security protocol - Google Patents

System and method for implementing an enhanced transport layer security protocol Download PDF

Info

Publication number
CA2420252A1
CA2420252A1 CA002420252A CA2420252A CA2420252A1 CA 2420252 A1 CA2420252 A1 CA 2420252A1 CA 002420252 A CA002420252 A CA 002420252A CA 2420252 A CA2420252 A CA 2420252A CA 2420252 A1 CA2420252 A1 CA 2420252A1
Authority
CA
Canada
Prior art keywords
etls
security protocol
computer network
implementing
transport layer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CA002420252A
Other languages
French (fr)
Other versions
CA2420252C (en
Inventor
Michael S. Brown
David P. Yach
Herbert A. Little
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BlackBerry Ltd
Original Assignee
Research In Motion Limited
Michael S. Brown
David P. Yach
Herbert A. Little
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Research In Motion Limited, Michael S. Brown, David P. Yach, Herbert A. Little filed Critical Research In Motion Limited
Publication of CA2420252A1 publication Critical patent/CA2420252A1/en
Application granted granted Critical
Publication of CA2420252C publication Critical patent/CA2420252C/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/166Implementing security features at a particular protocol layer at the transport layer
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07BTICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
    • G07B17/00Franking apparatus
    • G07B17/00185Details internally of apparatus in a franking system, e.g. franking machine at customer or apparatus at post office
    • G07B17/00193Constructional details of apparatus in a franking system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0884Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/04Protocols specially adapted for terminals or networks with limited capabilities; specially adapted for terminal portability
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/30Definitions, standards or architectural aspects of layered protocol stacks
    • H04L69/32Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
    • H04L69/322Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
    • H04L69/329Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07BTICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
    • G07B17/00Franking apparatus
    • G07B17/00459Details relating to mailpieces in a franking system
    • G07B17/00467Transporting mailpieces
    • G07B2017/00491Mail/envelope/insert handling system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/61Time-dependent

Abstract

A system and method for implementing an enhanced transport layer security (ETLS) protocol is provided. The system includes a primary server, an ETLS
servlet and an ETLS software module. The primary server operates on a computer network and is configured to communicate over the computer network using a non-proprietary security protocol. The ETLS servlet also operates on the computer network and is securely coupled to the primary server. The ETLS servlet is configured to communicate over the computer network using an ETLS security protocol. The ETLS software module operates on a mobile device, and is configured to communicate over the computer network using either the non-proprietary security protocol or the ETLS security protocol. Operationally, the ETLS software module initially contacts the server over the computer network using the non-proprietary security protocol, and subsequently contacts the server through the ETLS servlet using the ETLS security protocol.
CA002420252A 2000-08-25 2001-08-24 System and method for implementing an enhanced transport layer security protocol Expired - Fee Related CA2420252C (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US22794600P 2000-08-25 2000-08-25
US60/227,946 2000-08-25
PCT/CA2001/001216 WO2002017587A2 (en) 2000-08-25 2001-08-24 System and method for implementing an enhanced transport layer security protocol

Publications (2)

Publication Number Publication Date
CA2420252A1 true CA2420252A1 (en) 2002-02-28
CA2420252C CA2420252C (en) 2008-03-11

Family

ID=22855100

Family Applications (1)

Application Number Title Priority Date Filing Date
CA002420252A Expired - Fee Related CA2420252C (en) 2000-08-25 2001-08-24 System and method for implementing an enhanced transport layer security protocol

Country Status (10)

Country Link
US (3) US7631180B2 (en)
EP (2) EP1314294B1 (en)
CN (1) CN100499641C (en)
AT (2) ATE443964T1 (en)
AU (1) AU2001287427A1 (en)
BR (1) BR0113510A (en)
CA (1) CA2420252C (en)
DE (2) DE60114220T2 (en)
HK (2) HK1057434A1 (en)
WO (1) WO2002017587A2 (en)

Families Citing this family (55)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6181694B1 (en) 1998-04-03 2001-01-30 Vertical Networks, Inc. Systems and methods for multiple mode voice and data communciations using intelligently bridged TDM and packet buses
US6389009B1 (en) 2000-12-28 2002-05-14 Vertical Networks, Inc. Systems and methods for multiple mode voice and data communications using intelligently bridged TDM and packet buses
AUPQ439299A0 (en) 1999-12-01 1999-12-23 Silverbrook Research Pty Ltd Interface system
US7792298B2 (en) * 1999-06-30 2010-09-07 Silverbrook Research Pty Ltd Method of using a mobile device to authenticate a printed token and output an image associated with the token
CN100499641C (en) 2000-08-25 2009-06-10 捷讯研究有限公司 System and method for implementing an enhanced transport layer security protocol
EP1626324B1 (en) 2000-09-21 2012-04-11 Research In Motion Limited Software code signing system and method
US8121296B2 (en) 2001-03-28 2012-02-21 Qualcomm Incorporated Method and apparatus for security in a data processing system
US8077679B2 (en) 2001-03-28 2011-12-13 Qualcomm Incorporated Method and apparatus for providing protocol options in a wireless communication system
US7352868B2 (en) 2001-10-09 2008-04-01 Philip Hawkes Method and apparatus for security in a data processing system
US7649829B2 (en) * 2001-10-12 2010-01-19 Qualcomm Incorporated Method and system for reduction of decoding complexity in a communication system
US7529933B2 (en) * 2002-05-30 2009-05-05 Microsoft Corporation TLS tunneling
EP1535140A4 (en) * 2002-08-19 2008-02-13 Macrosolve Inc System and method for data management
US7908352B2 (en) 2002-12-19 2011-03-15 Converged Data Solutions, Inc. Methods for managing a plurality of localized devices in geographically diverse locations
US7739365B2 (en) 2002-12-19 2010-06-15 Converged Data Solutions, Inc. Methods for providing a report database for a plurality of localized devices using an abstraction layer and atomic error handling
US7599655B2 (en) 2003-01-02 2009-10-06 Qualcomm Incorporated Method and apparatus for broadcast services in a communication system
US8098818B2 (en) 2003-07-07 2012-01-17 Qualcomm Incorporated Secure registration for a multicast-broadcast-multimedia system (MBMS)
US8718279B2 (en) 2003-07-08 2014-05-06 Qualcomm Incorporated Apparatus and method for a secure broadcast system
US8724803B2 (en) 2003-09-02 2014-05-13 Qualcomm Incorporated Method and apparatus for providing authenticated challenges for broadcast-multicast communications in a communication system
US7346168B2 (en) 2003-09-29 2008-03-18 Avaya Technology Corp. Method and apparatus for secure wireless delivery of converged services
JP4806400B2 (en) * 2004-05-03 2011-11-02 ノキア コーポレイション Identity processing in trusted domains of IP networks
US7634572B2 (en) * 2004-12-22 2009-12-15 Slipstream Data Inc. Browser-plugin based method for advanced HTTPS data processing
US20060200566A1 (en) * 2005-03-07 2006-09-07 Ziebarth Wayne W Software proxy for securing web application business logic
US7284921B2 (en) 2005-05-09 2007-10-23 Silverbrook Research Pty Ltd Mobile device with first and second optical pathways
JP5092288B2 (en) * 2005-09-02 2012-12-05 三菱化学株式会社 Adhesive resin composition and laminate
US7797545B2 (en) * 2005-09-29 2010-09-14 Research In Motion Limited System and method for registering entities for code signing services
US8340289B2 (en) 2005-09-29 2012-12-25 Research In Motion Limited System and method for providing an indication of randomness quality of random number data generated by a random data service
CN101052034A (en) * 2006-04-19 2007-10-10 华为技术有限公司 Method and system for transmitting network event journal protocol message
US8086873B2 (en) * 2006-06-05 2011-12-27 Lenovo (Singapore) Pte. Ltd. Method for controlling file access on computer systems
HUE030535T2 (en) * 2006-06-27 2017-05-29 Waterfall Security Solutions Ltd Unidirectional secure links from and to a security engine
IL177756A (en) * 2006-08-29 2014-11-30 Lior Frenkel Encryption-based attack prevention
US8225093B2 (en) * 2006-12-05 2012-07-17 Qualcomm Incorporated Providing secure inter-application communication for a mobile operating environment
IL180020A (en) * 2006-12-12 2013-03-24 Waterfall Security Solutions Ltd Encryption -and decryption-enabled interfaces
IL180748A (en) * 2007-01-16 2013-03-24 Waterfall Security Solutions Ltd Secure archive
US8223205B2 (en) * 2007-10-24 2012-07-17 Waterfall Solutions Ltd. Secure implementation of network-based sensors
US8244879B2 (en) * 2007-11-20 2012-08-14 International Business Machines Corporation Surreptitious web server bias towards desired browsers
US8275984B2 (en) * 2008-12-15 2012-09-25 Microsoft Corporation TLS key and CGI session ID pairing
US9565558B2 (en) 2011-10-21 2017-02-07 At&T Intellectual Property I, L.P. Securing communications of a wireless access point and a mobile device
US9537899B2 (en) * 2012-02-29 2017-01-03 Microsoft Technology Licensing, Llc Dynamic selection of security protocol
US9635037B2 (en) 2012-09-06 2017-04-25 Waterfall Security Solutions Ltd. Remote control of secure installations
US9419975B2 (en) 2013-04-22 2016-08-16 Waterfall Security Solutions Ltd. Bi-directional communication over a one-way link
EP3036680B1 (en) * 2013-08-21 2018-07-18 Intel Corporation Processing data privately in the cloud
US8745394B1 (en) * 2013-08-22 2014-06-03 Citibank, N.A. Methods and systems for secure electronic communication
EP3191949B1 (en) * 2014-09-08 2020-06-10 BlackBerry Limited Shared lock state
IL235175A (en) 2014-10-19 2017-08-31 Frenkel Lior Secure remote desktop
CN105592329B (en) * 2014-11-25 2019-05-10 中国银联股份有限公司 Safe payment method and device based on intelligent operating system set-top box
US9628455B2 (en) * 2014-12-09 2017-04-18 Akamai Technologies, Inc. Filtering TLS connection requests using TLS extension and federated TLS tickets
US9923719B2 (en) * 2014-12-09 2018-03-20 Cryptography Research, Inc. Location aware cryptography
IL250010B (en) 2016-02-14 2020-04-30 Waterfall Security Solutions Ltd Secure connection with protected facilities
US10243955B2 (en) * 2016-07-14 2019-03-26 GM Global Technology Operations LLC Securely establishing time values at connected devices
EP3277011B1 (en) * 2016-07-26 2021-09-08 Volkswagen Aktiengesellschaft Method for providing an authenticated connection between at least two communication partners
US10320842B1 (en) * 2017-03-24 2019-06-11 Symantec Corporation Securely sharing a transport layer security session with one or more trusted devices
US10581948B2 (en) 2017-12-07 2020-03-03 Akamai Technologies, Inc. Client side cache visibility with TLS session tickets
CN108737377A (en) * 2018-04-17 2018-11-02 深圳市网心科技有限公司 Data guard method, server and computer readable storage medium
US11019034B2 (en) 2018-11-16 2021-05-25 Akamai Technologies, Inc. Systems and methods for proxying encrypted traffic to protect origin servers from internet threats
US11019100B2 (en) * 2018-12-03 2021-05-25 Citrix Systems, Inc. Detecting attacks using handshake requests systems and methods

Family Cites Families (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5928323A (en) * 1996-05-30 1999-07-27 Sun Microsystems, Inc. Apparatus and method for dynamically generating information with server-side software objects
US7287271B1 (en) * 1997-04-08 2007-10-23 Visto Corporation System and method for enabling secure access to services in a computer network
US7366900B2 (en) * 1997-02-12 2008-04-29 Verizon Laboratories, Inc. Platform-neutral system and method for providing secure remote operations over an insecure computer network
TW338865B (en) * 1997-06-03 1998-08-21 Philips Eloctronics N V Authentication system
US6128738A (en) * 1998-04-22 2000-10-03 International Business Machines Corporation Certificate based security in SNA data flows
CA2336479C (en) * 1998-07-03 2007-11-27 Nokia Mobile Phones Limited Secure session set up based on the wireless application protocol
US6665530B1 (en) * 1998-07-31 2003-12-16 Qualcomm Incorporated System and method for preventing replay attacks in wireless communication
EP1105996A4 (en) 1998-08-21 2005-08-17 Visto Corp System and method for enabling secure access to services in a computer network
GB2341523B (en) * 1998-09-12 2003-10-29 Ibm Apparatus and method for establishing communication in a computer network
US6868406B1 (en) * 1999-10-18 2005-03-15 Stamps.Com Auditing method and system for an on-line value-bearing item printing system
US6678518B2 (en) * 1999-12-09 2004-01-13 Nokia Corporation Dynamic content filter in a gateway
WO2001042966A2 (en) * 1999-12-13 2001-06-14 Novient, Inc. Attribute and application synchronization in distributed network environment
IL135150A0 (en) * 2000-03-17 2001-05-20 Avner Geller A method and a system for secured identification of user's identity
US6665721B1 (en) * 2000-04-06 2003-12-16 International Business Machines Corporation Enabling a home network reverse web server proxy
US7275262B1 (en) * 2000-05-25 2007-09-25 Bull S.A. Method and system architecture for secure communication between two entities connected to an internet network comprising a wireless transmission segment
US7043456B2 (en) * 2000-06-05 2006-05-09 Telefonaktiebolaget Lm Ericsson (Publ) Mobile electronic transaction personal proxy
CN100499641C (en) 2000-08-25 2009-06-10 捷讯研究有限公司 System and method for implementing an enhanced transport layer security protocol
US20020069273A1 (en) * 2000-12-04 2002-06-06 Stacy Bryant System and process for administration of databases
US6865681B2 (en) * 2000-12-29 2005-03-08 Nokia Mobile Phones Ltd. VoIP terminal security module, SIP stack with security manager, system and security methods

Also Published As

Publication number Publication date
HK1080310A1 (en) 2006-04-21
US20120159150A1 (en) 2012-06-21
WO2002017587A2 (en) 2002-02-28
CA2420252C (en) 2008-03-11
EP1524815B1 (en) 2009-09-23
US8145896B2 (en) 2012-03-27
ATE443964T1 (en) 2009-10-15
EP1524815A1 (en) 2005-04-20
DE60140014D1 (en) 2009-11-05
CN1449617A (en) 2003-10-15
US7631180B2 (en) 2009-12-08
BR0113510A (en) 2003-07-01
DE60114220D1 (en) 2005-11-24
AU2001287427A1 (en) 2002-03-04
WO2002017587A3 (en) 2002-04-18
DE60114220T2 (en) 2006-07-27
CN100499641C (en) 2009-06-10
US20030159029A1 (en) 2003-08-21
US20100088504A1 (en) 2010-04-08
EP1314294B1 (en) 2005-10-19
HK1057434A1 (en) 2004-04-02
ATE307452T1 (en) 2005-11-15
EP1314294A2 (en) 2003-05-28
US8516242B2 (en) 2013-08-20

Similar Documents

Publication Publication Date Title
CA2420252A1 (en) System and method for implementing an enhanced transport layer security protocol
WO2002054184A3 (en) Systems and methods for transmitting motion control data
WO2001086486A3 (en) Method and apparatus for proximity discovery of services
WO2001097536A3 (en) Short message gateway, system and method of providing information service for mobile devices
WO2004079979A3 (en) Method and system for providing network interactive voice response with intelligent call routing integration
WO2001025919A3 (en) Architectures for netcentric computing systems
WO2005031495A3 (en) System, apparatus, and method for providing web services on mobile devices
CA2338127A1 (en) Telecommunication method and suitable system for establishing a connection with a mobile station
WO2002013487A3 (en) System and method for providing content, management, and interactivity for client devices
WO2002043404A3 (en) Method and system for providing interactive services over a wireless communications network
CA2336479A1 (en) Secure session set up based on the wireless application protocol
WO2002067495A3 (en) Method and apparatus for providing authentication in a communication system
WO2001069422A3 (en) Multimodal information services
WO2002009356A3 (en) Method and system for accessing a service available on a second network by a member of a first network
WO2001067787A3 (en) Method and apparatus for participating in group communication services in an existing communication system
CA2362935A1 (en) Protecting information in a system
SE9700895D0 (en) Arrangement, system and method relating to data network access
GB9913102D0 (en) An element for a communications system
CA2397215A1 (en) Exchange of information in a communication network
WO2005029939A3 (en) System, apparatus, and method for providing web services using wireless push
CA2248634A1 (en) Common connector framework
EP1150472A3 (en) Method and system for installing available network protocols
WO2002058367A3 (en) Network-assisted communication method and system therefor
EP1347616A3 (en) Secure communication via a web server
WO2002017609A3 (en) System and method for establishing long distance call connections using a desktop application

Legal Events

Date Code Title Description
EEER Examination request
MKLA Lapsed

Effective date: 20180824