Method and apparatus for executing secure data transfer in a wireless network. Number: 6,915,124, from the United States Patent and Trademark Office (PTO)


Title: Method and apparatus for executing secure data transfer in a wireless network

Abstract: A method for executing secure data transfer between a communication device and an application server in a wireless network, in which a request requiring a secure transaction of data is sent from either the communication device or the server. An agreement proposal for the secure transaction is sent to the communication device, and if the agreement proposal is considered acceptable, the agreement proposal is sent to a security adapter. Details of the transaction are entered into a message and sent to a smart card in order to activate a signing application in the smart card. The details of the transaction are displayed on the communication device, and if the transaction is accepted, the signing application signs the data and sends it to the security adapter via messages, the signature is verified, and the data is sent to the server.

Patent Number: 6,915,124 Issued on 07/05/2005 to Kiessling,   et al.


Inventors: Kiessling; Johan (Stockholm, SE); Arwald; Jan (Stockholm, SE)
Assignee: Telefonaktiebolaget L M Ericsson (publ) (Stockholm, SE)
Appl. No.: 676186
Filed: September 29, 2000

Foreign Application Priority Data

Oct 01, 1999 [SE] 9903560

Current U.S. Class: 455/411; 455/410; 455/466; 380/247; 380/248; 380/249; 380/250
Intern'l Class: H04N 001/66; H04N 001/68; H04N 003/16
Field of Search: 455/410,411,466,558 380/247,248,249,250


References Cited [Referenced By]

U.S. Patent Documents
5425077    Jun., 1995    Tsoi
5608778    Mar., 1997    Partridge, III
6373946    Apr., 2002    Johnston
6463534    Oct., 2002    Geiger et al.
6480957    Nov., 2002    Liao et al.

Foreign Patent Documents
198 16 575    Jan., 1999    DE
199 32 974    Feb., 2000    DE
2817107       May., 2002    FR
97/50207      Dec., 1997    WO
98/17029      Apr., 1998    WO
98/37663      Aug., 1998    WO
WO9857511     Dec., 1998    WO
99/01848      Jan., 1999    WO
WO9925093     May., 1999    WO
99/33221      Jul., 1999    WO
WO9939524     Sep., 1999    WO
99/66705      Dec., 1999    WO
00/02358      Jan., 2000    WO
WO0048416     Sep., 2000    WO

Primary Examiner: Corsaro; Nick
Assistant Examiner: Sharma; Sujatha
Attorney, Agent or Firm: Potomac Patent Group PLLC

Claims



1. A method for executing secure data transfer between a communication device and an application server, wherein data are transferred over a network between the application server and the communication device, comprising:

sending an agreement proposal for a secure transaction of data from the server to a security adapter connected to the network, said security adapter residing on the network distinctly from the server and the communication device,

creating and sending a message from the security adapter to the communication device in order to activate a signing application,

the signing application signing the data to be sent, sending the signed data from the communication device to the security adapter,

verifying the signature for the data, and sending the verified signed data to the server for execution of the transaction.

2. A method according to claim 1, wherein information browsing on the server is initiated from either the application server or the communication device, wherein data are transferred over the network between the application server and the communication device.

3. A method according to claim 1, comprising before the step of sending an agreement proposal, the further step of:

sending a request requiring a secure transaction of data, either from the communication device to the application server, or from the application server to the communication device.

4. A method according to claim 1, wherein the step of sending a message from the security adapter to the communication device in order to activate a signing application further comprises the steps of:

entering details of the transaction to be secured and a sign request into at least one message,

sending the at least one message from the security adapter to a smart card in the communication device for activating the signing application,

displaying the details of the transaction and a prompt for an accept on the communication device.

5. A method according to claim 1, wherein the step of signing the data further comprises the step of:

accepting the transaction, the signing application signing the data to be sent with a secret/private key by using an algorithm.

6. A method according to claim 1, wherein the step of sending an agreement proposal comprises the further step of:

sending the agreement proposal for the secure transaction from the server to the communication device for acceptance before the agreement proposal is sent to the security adapter.

7. A method according to claim 4, wherein the smart card is a SIM card (subscriber identity module), the data transfer protocol is the WAP (Wireless Application Protocol), the signing application is a SAT (SIM Application Toolkit) application, the communication application is a WAP application, and the message is at least an SMS or USSD packet.

8. A method according to claim 7, wherein the WAP application in the communication device is suspended or terminated when the SAT application is activated.

9. A system for executing secure data transfer between a communication device and an application server over a wireless network, comprising a security adapter connected to the network for monitoring the data transfer between the communication device and the application server, wherein

said server is adapted to send an agreement proposal for a secure transaction of data to the security adapter, said security adapter residing on the network distinctly from the server and the communication device,

said security adapter is adapted to receive said agreement proposal for a secure transaction from the server, and create and send a message to the communication device for activating a signing application,

said communication device is adapted to sign the data, and send the signed data to the security adapter,

said security adapter is adapted to receive, and send the signed data for verification and then send the verified signed data to the application server for execution of the transaction.

10. A system according to claim 9, wherein said communication device comprises a secret/private key, an algorithm for signing of data, and a signing application for handling a signing dialogue and the signing of data.

11. A system according to claim 10, wherein said secret/private key, said algorithm, and said signing application is stored on a smart card such as a SIM card (subscriber identity module), the data transfer protocol is the WAP (Wireless Application Protocol), the signing application is a SAT (SIM Application Toolkit) application, and the message is at least an SMS or USSD packet.

12. A system according to claim 9, wherein said network comprises a mobile telephone network for connection to the communication device, the Internet for the connection to the application server, and a WAP gateway connecting the mobile telephone network to the Internet.

13. A system according to claim 12, wherein said security adapter is connected to the WAP gateway.

14. A system according to claim 9, wherein said security adapter is connected to the application server.

15. A system according to claim 9, wherein said communication device is a mobile phone or a portable computer having transmitting/receiving capability.

16. A system according to claim 15, wherein the mobile phone comprises means for displaying a particular icon, character, font, or colour connected to certain applications or the operating system in the phone, wherein the user can be assured that he is really communicating directly with the security application.

17. A security adapter for connection to a wireless network for monitoring the data transfer between a communication device and an application server connected to the network, wherein

means for receiving an agreement proposal for a secure transaction from the communication device,

means for creating and sending a message to the communication device in order to activate a signing application,

means for receiving signed data sent from the communication device, and

means for sending the signed data for verification and then to the application server for execution of the transaction,

wherein said security adapter resides on the network distinctly from the server and the communication device.

18. A computer program product directly loadable into the internal memory of a security adapter with digital computer capabilities, comprising software code portions for performing the steps of:

receiving an agreement proposal for a secure transaction from a communication device,

creating and sending a message to the communication device in order to activate a signing application,

receiving signed data sent from the communication device, and sending the signed data for verification and then to an application server for execution of the transaction,

wherein said security adapter resides on the network distinctly from the server and the communication device.

19. A computer program element comprising computer program code means to make a security adapter with digital computer capabilities execute the steps of: receiving an agreement proposal for a secure transaction from a communication device,

creating and sending a message to the communication device in order to activate a signing application,

receiving signed data sent from the communication device, and sending the signed data for verification and then to an application server for execution of the transaction,

wherein said security adapter resides on the network distinctly from the server and the communication device.

20. A computer program element as claimed in claim 19 embodied on a computer readable medium.
Description



This application claims priority under 35 U.S.C. §§ 119 and/or 365 to 9903660-2 filed in Sweden on Oct. 1, 1999; the entire content of which is hereby incorporated by reference.

BACKGROUND OF THE INVENTION

The present invention relates to a method and apparatus for secure data transfer between a communication device and an application server in a wireless network, and more particularly to a method for secure data transfer between a communication device, provided with a SIM card, and an application server in a wireless network using WAP (Wireless Application Protocol) for the data transfer, wherein said SIM card contains a secret/private key, an algorithm for signing of data, a SAT application for handling the signing dialogue and the signing of data.

Several protocols for data transfer over wireless networks have been proposed by different mobile phone manufacturers. Ericsson, Motorola, Nokia Mobile Phones, and Unwired Planet have developed a joint standard called Wireless Application Protocol (WAP). The purpose of the Wireless Application Protocol is to provide operators, infrastructure and terminal manufacturers, and content developers a common environment enabling development of advanced services for digital mobile phones and other wireless terminals or portable communication devices. For example, the WAP enables e-mail and Internet access from a digital mobile phone.

Certain services and WAP applications provided via the Internet, such as ordering, order confirmations, bank services, etc., and associated transactions require a high level of security.

WO 99/01848 discloses a procedure, which is applicable for the control of keys to applications making use of the subscriber identity module (SIM) in a mobile phone and for the control of license agreements concerning the use of such applications. Further, the procedure provides data security that allows safeguarding of the interests of the operator, module manufacturer, application developers and users of applications. A key list comprising one or more application-specific keys is stored in the subscriber identity module. A corresponding list is also stored in an application control server connected to the network, which takes care of the control of applications stored in subscriber identity modules. The application stored in the subscriber identity module is activated and/or closed by using the key list.

DE-A1-198 16 575 describes a method for running special applications, such as a virtual charge card, entirely or partly, in a SIM. Further, it is suggested using the SIM toolkit as a means for communication. Security is provided by means of the conventional security means and procedure of the SIM card, for example an anti-theft security for the special application authorization and the service data in combination with one or more PIN codes of the SIM card.

WO 98/37663 discloses a method for checking authorisation incorporating a way to impart to a smart card an encryption key and including a way to cause a microprocessor, by means of the encryption key and at least one number, to perform a calculation whose result comprises a first signature. The signature together with said number are transferred to a system for which authorisation is to be shown which includes a computer in which said encryption key is stored. The computer is programmed to carry out the calculation to obtain the signature and then to compare the latter signature with the first signature for the verification.

In the above mentioned methods all information transfer is done through SAT (SIM Application Toolkit) applications, in which the security solution also is implemented.

Another way of solving the security problem is to provide one-time password pads, wherein a "new" password is entered via the key pad of the mobile phone or the communication device every time an application is used.

There are several problems and disadvantages associated with the above mentioned prior art solutions. The security level is too low for higher values: passwords could be discovered, and the password has to be entered manually, making WAP applications very user unfriendly compared to, for example, pure SAT applications. And, of course, the password has to be remembered.

It is an object of the present invention to provide an improved method and system for executing secure data transfer between a communication device, provided with a smart card, such as a SIM card, and an application server in a wireless network using a data transfer protocol such as WAP (Wireless Application Protocol) for the data transfer.

This is accomplished by a method and system according to the invention for executing secure data transfer on the application level for communication applications executing on mobile phones. The smart card contains a secret/private key, an algorithm for signing of data, and a signing application for handling the signing dialogue and the signing of data. A communication application, such as a WAP application, is installed on the communication device, enabling communication with the application server by means of a dialogue, and information browsing on the server is initiated from the communication device, wherein data are transferred between the server and the communication device. Further, a request requiring a secure transaction of data is sent from the communication device to the server, and an agreement proposal for the secure transaction is sent from the server to the communication device. If the agreement proposal is considered acceptable, the agreement proposal is returned to a security adapter. The WAP application in the communication device is suspended or terminated. Details of the transaction to be secured and a sign request are entered into at least one message, such as SMS or USSD packets, sent from the adapter to the smart card in the communication device in order to activate the signing application. The details of the transaction and a prompt for an accept are displayed on the communication device. If the transaction is accepted, the signing application signs the data to be sent with the secret/private key by using the algorithm, and the signed data are sent from the communication device to the security adapter via messages. The signature is verified and the verified signed data are sent to the server for the final execution of the transaction.

Another object of the invention is to provide an apparatus for connection to a wireless network for monitoring the data transfer between the communication device and the application server.

This is accomplished by a security adapter according to the invention, providing a high level of security in data transfer on the application level for communication applications executing on communication devices.

An advantage of the present invention is that a high level of security in the data transfer is achieved in combination with conventional WAP browsing. An additional advantage is that the application on the SIM card can be made very thin and flexible, because it only has to handle signing of data and no information or menu handling. Further, the system handling the information browsing and the system handling the security of the transactions are separated and, therefore, they can be updated and changed independently.

BRIEF DESCRIPTION OF THE DRAWINGS

Other objects, advantages and features of the invention will become more apparent from the following detailed description when taken in conjunction with the accompanying drawings, in which

FIG. 1 illustrates a first embodiment of a network configuration comprising a security adapter according to the invention,

FIG. 2 illustrates a second embodiment of a network configuration comprising a security adapter according to the invention,

FIG. 3 is a flowchart of a first embodiment of the method according to the invention, and

FIG. 4 is a flowchart of a second embodiment of the method according to the invention.

DETAILED DESCRIPTION

With reference to FIG. 1 of the drawing, there is shown a first embodiment of a network configuration for executing secure data transfer between a communication device, such as a mobile phone, and an application server in a wireless network using WAP (Wireless Application Protocol) for the data transfer. The network configuration comprises a WAP (Wireless Application Protocol) mobile phone 1, provided with a subscriber identity module (SIM), for communication with a GSM (Global System for Mobile communications) mobile communication network 2. Additionally, the SIM card contains a secret/private key, an algorithm for signing of data to be transferred, and a SAT (SIM Application Toolkit) application for handling the signing dialogue and the signing of data. The GSM network 2 is connected to the Internet 3 via a WAP gateway 4. Further, an application server 5 providing WAP applications is also connected to the Internet 3. Additionally, a security adapter 6 according to the invention is connected to the WAP gateway for monitoring the communication between the mobile phone 1 and the application server 5.

A second embodiment of a network configuration comprising a security adapter 6 according to the invention is shown in FIG. 2. In this embodiment of the network configuration the security adapter 6 is connected to the application server 5.

FIG. 3 is a flowchart of a first embodiment of the method according to the invention for executing secure data transfer between a mobile phone and an application server in a wireless network.

In a first step 301, a WAP application, such as a microbrowse, is installed on the mobile phone 1 enabling communication with the application server 5 by means of a WAP dialogue.

A conventional information browsing session on the server is initiated either by a user (subscriber) from the mobile phone 1 or the application server 5 in step 302, wherein data are transferred to/from the mobile phone 1, over the GSM network 2 interfacing the Internet via the WAP gateway, from/to the application server 5. For example, a user browses to a web site providing information accessible via a WAP dialogue from the mobile WAP phone 1. The site belongs to a bookstore offering a service wherein books can be bought directly from the site. A book is selected by the user from a list of books presented on the site. When the user decides to bye the book he selects "order" from an order menu of the site. This action initiates a sequence of operations.

First a request requiring a secure transaction of data is send from the mobile phone to the application server 5 or from the application server to the mobile phone 1 in step 303. An agreement proposal for the secure transaction is send from the server 5 to the mobile phone in step 304. If the agreement proposal is considered acceptable by the user in step 305, the agreement proposal is send to the security adapter 6 in step 306, and the WAP application in the communication device is suspended or terminated in step 307.

Details of the transaction to be secured and a sign request are entered into at least one SMS or USSD packet by the security adapter 6 in step 308. The SMS packet(s) is send from the security adapter 6 to the SIM card in the mobile phone in order to activate the SAT application in stop 309. The details of the transaction and a prompt for an accept from the user are displayed on the communication device in step 310. If the transaction is accepted in step 311, the SAT application signs the data to be send with the secret/private key by using the algorithm in step 312.

The signed data is sent from the communication device 1 to the security adapter 6 via SMS or USSD packets in step 313. The security adapter 6 forwards the signature for verification in an entity, such as a backend system, operatively connected to the server 5 in step 314, and the verified signed data is sent to the server for the final execution of the transaction in step 315.

A flowchart of a second embodiment of the method according to the invention is shown in FIG. 4. A WAP application is installed on the mobile phone 1 enabling communication with the application server 5 by means of a WAP dialogue in step 401.

Information browsing on the server 5 is initiated from either the application server 5 or the mobile phone 1, wherein data are transferred over the network between the application server 5 and the mobile phone 1 in step 402.

Similar to the first embodiment described above, a request requiring a secure transaction of data is sent either from the mobile phone 1 to the application server 5 in step 403, or from the application server 5 to the mobile phone 1. However, in this embodiment of the invention an agreement proposal for the secure transaction is sent from the server 5 directly to the security adapter 6 in step 404, and the WAP application in the communication device is suspended or terminated in step 405.

Then, details of the transaction to be secured and a sign request are entered into at least one SMS or USSD packet in step 406, and the at least one packet is sent from the security adapter 6 to the SIM card in the communication device 1 in order to activate the SAT application in step 407. Further, the details of the transaction are displayed on the mobile phone 1 and the user is prompted to accept in step 408. Thus, if the agreement proposal is considered acceptable and the transaction is accepted in step 409, the SAT application signs the data to be sent with the secret/private key by using the algorithm in step 410.

The signed data is sent from the mobile phone 1 to the security adapter via SMS or USSD packets in step 411, the signature is verified in an entity operatively connected to the server 5 in step 412, and the verified signed data is sent to the server for the final execution of the transaction in step 413.
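The sign-request exchange common to both embodiments (steps 308 to 315 and 406 to 413) can be sketched as follows. This is an added example, not code from the patent: the class and function names are hypothetical, HMAC-SHA256 with a shared secret key stands in for the unspecified signing algorithm, and SMS framing is reduced to 140-octet payload chunks.

```python
import hashlib
import hmac

SMS_PAYLOAD = 140  # octets of user data per SMS packet (headers ignored here)
TAG_LEN = 32       # HMAC-SHA256 output length

def to_packets(data, size=SMS_PAYLOAD):
    """Security adapter, steps 308/406: split a message into SMS-sized packets."""
    return [data[i:i + size] for i in range(0, len(data), size)]

class SatSigner:
    """Stand-in for the SAT application on the SIM card (hypothetical class)."""
    def __init__(self, secret_key):
        self._key = secret_key  # assumption: the key stays on the card

    def handle_sign_request(self, packets, user_accepts):
        details = b"".join(packets)             # reassemble the sign request
        if not user_accepts(details.decode()):  # steps 310-311 / 408-409
            return None                         # declined: nothing is signed
        # Steps 312/410: sign exactly the bytes that were displayed.
        tag = hmac.new(self._key, details, hashlib.sha256).digest()
        return to_packets(details + tag)        # steps 313/411

def verify_signed_reply(packets, key, proposed):
    """Backend, steps 314/412: accept only a valid signature over the
    details the server actually proposed."""
    blob = b"".join(packets)
    if len(blob) <= TAG_LEN:
        return False
    details, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, details, hashlib.sha256).digest()
    return hmac.compare_digest(tag, expected) and hmac.compare_digest(details, proposed)

def run_demo():
    key = b"constructed-demo-key"  # constructed sample value
    proposal = ("order: 1 x 'Constructed Sample Book', price 19.90 EUR, "
                "ship to constructed sample address; " * 2).encode()
    sim = SatSigner(key)
    reply = sim.handle_sign_request(to_packets(proposal), lambda shown: True)
    declined = sim.handle_sign_request(to_packets(proposal), lambda shown: False)
    # A reply altered in transit must fail verification.
    altered = [reply[0].replace(b"19.90", b"99.90")] + reply[1:]
    return {
        "packets_out": len(to_packets(proposal)),
        "accepted": verify_signed_reply(reply, key, proposal),
        "declined": declined,
        "altered": verify_signed_reply(altered, key, proposal),
    }
```

The verifier compares the signed details against the server's own proposal, so a valid signature over a different transaction is rejected along with a forged one.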

It is to be understood that even though numerous features and advantages of the present invention have been set forth above, together with details of the configuration and function of the invention, the disclosure is illustrative only.

For example, in alternative embodiments of the invention the security application on the SIM can be activated either directly from the mobile phone or from a Bluetooth connection. In these cases the answer could be stored in an Elementary File on the SIM card for later retrieval. Further, this should be combined with another Elementary File containing the status of the action.

In another embodiment of the invention a more generic solution for handling the dialogue with the user is implemented. A command interpreter implemented on the SIM card is used, allowing more dynamic downloading/updating of commands defining the application that communicates with the user.

In an alternative embodiment of the network configuration any communication device having transmitting/receiving capability, such as a portable computer, can be provided with a smart card for secure data transfer over a wireless network.

In still another embodiment of the invention the mobile phone has means whereby the user can be assured that he is really communicating directly with the security application and not with an application impersonating the real application. This is implemented as a particular icon, character, font, colour, etc. only available to certain applications or the operating system in the phone.

In one embodiment of the security adapter 6, it is an electronic apparatus with digital computer capabilities and an internal memory for storage of a computer program product or element. The computer program product comprises software code portions for performing the operation and functions of the security adapter 6, i.e., to receive an agreement proposal for a secure transaction from the communication device 1, create and send a message to the communication device in order to activate the signing application, receive signed data sent from the communication device 1, and send the signed data for verification and then further to the application server 5 for execution of the transaction. In an alternative embodiment, the computer program is embodied on a computer readable medium.
