Senior Fitness - Exercise and Nutrition for Aging Men and Women
FREE Article Feed for your website.
Home Ownership Magazine
Party Planning Information
Article Marketing Resources
Bio-Medical Research Article Database
Informative Articles on Life, Love and Happiness
Tutorials on Business to Writing
Famous Quotes from Famous People
Song Lyric Information
New US Patent Information
Comprehensive List of Content by Category
Online Auctions and Shopping Related Articles
Article Search
Most Recent Articles
Title: Multi-application data display
Patent Number: 6,937,926 Issued on 08/30/2005 to Lipscomb,   et al.

Title: Mass spectrometer
Patent Number: 6,762,404 Issued on 07/13/2004 to Bateman,   et al.

Title: Biodegradable aliphatic-aromatic copolyester films
Patent Number: 7,153,569 Issued on 12/26/2006 to Kaufman,   et al.

Title: Previewing digital audio clips
Patent Number: 7,149,593 Issued on 12/12/2006 to Wiser,   et al.

Title: Process for the purification of marigold xanthophylls
Patent Number: 7,150,890 Issued on 12/19/2006 to Rosales,   et al.

Title: Vibration sound reducing device, and process for assembling elastic membrane in vibration sound reducing device
Patent Number: 6,763,794 Issued on 07/20/2004 to Torikai,   et al.

Title: Firing direction system for a rocket launcher
Patent Number: 7,143,681 Issued on 12/05/2006 to Hartmann,   et al.

Title: Loop systems and methods of using the same for conveying and distributing thermal energy into a wellbore
Patent Number: 7,147,057 Issued on 12/12/2006 to Steele,   et al.

Title: Modular multi-function fluid flow control device
Patent Number: 7,147,002 Issued on 12/12/2006 to Reilly

Title: Variable pitch electrode array
Patent Number: 7,149,586 Issued on 12/12/2006 to Greenberg,   et al.

Title: Multisheet sandwich panel using superplastic forming and adhesive bonding
Patent Number: 7,146,727 Issued on 12/12/2006 to Kistner,   et al.

Title: Endoscope device
Patent Number: 6,767,322 Issued on 07/27/2004 to Futatsugi,   et al.

Title: Method of and system for production of hydrocarbons
Patent Number: 7,147,058 Issued on 12/12/2006 to Shaposhnikov,   et al.

Title: Operating point independent digital automatic level control
Patent Number: 7,154,968 Issued on 12/26/2006 to Gould

Title: Parameter linking system for data visualization in integrated circuit technology development
Patent Number: 7,143,370 Issued on 11/28/2006 to Erhardt

Title: Check valve and fuel cell system using the same
Patent Number: 7,144,650 Issued on 12/05/2006 to Fukuma,   et al.

Title: Constellation rearrangement for ARQ transmit diversity schemes
Patent Number: 7,154,961 Issued on 12/26/2006 to Wengerter,   et al.

Title: R2D2: an enzyme of RNA silencing
Patent Number: 7,144,714 Issued on 12/05/2006 to Wang,   et al.

Title: Insulating device for a system on chip (SOC)
Patent Number: 6,963,231 Issued on 11/08/2005 to Yang

Title: Modular fluid handling device
Patent Number: 7,146,999 Issued on 12/12/2006 to Giese,   et al.

Title: Substrate processing unit
Patent Number: 6,773,510 Issued on 08/10/2004 to Kitano,   et al.

Title: Regulator with flow diffuser
Patent Number: 7,146,997 Issued on 12/12/2006 to Francis,   et al.

Title: Method, system and apparatus for orienting casing and liners
Patent Number: 7,147,060 Issued on 12/12/2006 to Huber,   et al.

Title: Two-cycle combustion engine with air scavenging system having pressure reducing device
Patent Number: 7,146,942 Issued on 12/12/2006 to Yuasa,   et al.

Title: Hyperbranched chemoselective silicon-based polymers for chemical sensor applications
Patent Number: 7,153,582 Issued on 12/26/2006 to Houser,   et al.

Title: Calving enclosure
Patent Number: 7,146,933 Issued on 12/12/2006 to Dubas

Title: Multiple clutch unit
Patent Number: 7,147,092 Issued on 12/12/2006 to Friedmann

Title: Implantable medical device with slotted housing serving as an antenna
Patent Number: 7,149,578 Issued on 12/12/2006 to Edvardsson

Title: Cationic resin composition
Patent Number: 6,761,973 Issued on 07/13/2004 to Nishiguchi,   et al.

Title: Stabilized semiconductor nanocrystals
Patent Number: 7,160,613 Issued on 01/09/2007 to Bawendi,   et al.

Title: Three-phase toroidal coil type permanent magnet electric rotating machine
Patent Number: 6,765,321 Issued on 07/20/2004 to Sakamoto

Title: Dynamic optimizing method for speed data and positioning device using this method
Patent Number: 6,765,360 Issued on 07/20/2004 to Hashimoto

Title: Method of manufacturing a micromechanical structure
Patent Number: 7,152,300 Issued on 12/26/2006 to Suzuki

Title: Method and apparatus for liquid preparation of photographic reagent
Patent Number: 7,144,663 Issued on 12/05/2006 to Sano,   et al.

Title: Holding receptacle for vehicles
Patent Number: 7,147,280 Issued on 12/12/2006 to Duerr,   et al.

Title: Lamination features for stator grounding
Patent Number: 6,762,529 Issued on 07/13/2004 to Herndon,   et al.

Title: Flash memory device
Patent Number: 6,762,970 Issued on 07/13/2004 to Joo

Title: Cable management apparatus
Patent Number: 7,147,062 Issued on 12/12/2006 to Kolacz,   et al.

Title: One-piece tab assembly for a cathode cup of an X-ray imaging machine
Patent Number: 6,762,540 Issued on 07/13/2004 to Schaefer,   et al.

Title: Dental floss holder
Patent Number: 7,146,989 Issued on 12/12/2006 to Forssell

Title: External battery pack apparatus
Patent Number: 6,765,365 Issued on 07/20/2004 to Kim,   et al.

Title: Automatic pool cleaner power conduit including stiff sections
Patent Number: 7,145,074 Issued on 12/05/2006 to Henkin,   et al.

Title: Apparatus and method for viewing data processor bus transactions on address pins during memory idle cycles
Patent Number: 7,143,225 Issued on 11/28/2006 to Tischler,   et al.

Title: Method for decomposing chlorine-containing organic compound contained in exhaust gas and catalyst for use in the method
Patent Number: 6,759,565 Issued on 07/06/2004 to Kato,   et al.

Title: Azeotrope-like compositions of 1,1,1,3,3-pentafluorobutane
Patent Number: 6,951,835 Issued on 10/04/2005 to Minor,   et al.

Title: Method and system for transparent dynamic optimization in a multiprocessing environment
Patent Number: 7,146,607 Issued on 12/05/2006 to Nair,   et al.

Title: Connector with a capacitor connected to a metal casing
Patent Number: 7,156,699 Issued on 01/02/2007 to Liu

Title: Photosensitive member having vision pigment deletion control additive
Patent Number: 7,144,664 Issued on 12/05/2006 to Fuller,   et al.

Title: Method and system for print stream job determination and analysis
Patent Number: 6,762,851 Issued on 07/13/2004 to Lynch,   et al.

Title: Multi-resolution controller
Patent Number: 7,149,591 Issued on 12/12/2006 to Gao,   et al.

Title: Method for producing (1,1',4, 11")-terphenyl compounds
Patent Number: 6,762,315 Issued on 07/13/2004 to Scherer,   et al.

Title: Patient monitoring device with multi-antenna receiver
Patent Number: 7,149,581 Issued on 12/12/2006 to Goedeke

Title: Advanced rapid thermal processing (RTP) using a linearly-moving heating assembly with an axisymmetric and radially-tunable thermal radiation profile
Patent Number: 6,768,084 Issued on 07/27/2004 to Liu,   et al.

Title: Parts washer system
Patent Number: 7,146,991 Issued on 12/12/2006 to Stockert

Title: Fixing device
Patent Number: 6,761,112 Issued on 07/13/2004 to Faist,   et al.

Title: Cooling tower method and apparatus
Patent Number: 7,146,726 Issued on 12/12/2006 to Kinney, Jr.,   et al.

Title: Tap process for hard workpieces
Patent Number: 7,143,490 Issued on 12/05/2006 to Hughes, Jr.,   et al.

Title: Method and apparatus for detecting free fall
Patent Number: 6,768,066 Issued on 07/27/2004 to Wehrenberg

Title: Expansion ring assembly
Patent Number: 7,146,689 Issued on 12/12/2006 to Neuhaus,   et al.

Title: Electrostatic charge image developing toner, and developer, image forming apparatus and image forming method using the same toner
Patent Number: 7,144,667 Issued on 12/05/2006 to Kawanishi,   et al.

Title: Pharyngeal wall treatment
Patent Number: 7,146,981 Issued on 12/12/2006 to Knudson,   et al.

Title: Slipcovers for support pillows
Patent Number: 7,146,663 Issued on 12/12/2006 to Brown,   et al.

Title: Methods and apparatus for cementing drill strings in place for one pass drilling and completion of oil and gas wells
Patent Number: 7,147,068 Issued on 12/12/2006 to Vail, III

Title: Electron beam lithography method using new material
Patent Number: 7,144,680 Issued on 12/05/2006 to Park,   et al.

Title: Luteinizing hormone and follicle stimulating hormone for use in inducing folliculogenesis
Patent Number: 7,151,083 Issued on 12/19/2006 to Franks,   et al.

Title: Low-voltage drive circuit and method for the same
Patent Number: 6,812,740 Issued on 11/02/2004 to Oda

Title: Process and apparatus for the production of butylacetate and isobutylacetate
Patent Number: 7,160,524 Issued on 01/09/2007 to Lederer,   et al.

Title: System and method for synchronizing raster and vector map images
Patent Number: 7,161,604 Issued on 01/09/2007 to Higgins,   et al.

Title: Process for detoxification of CCA-treated wood
Patent Number: 7,160,526 Issued on 01/09/2007 to Lianzhen,   et al.

Title: Wire cover and a connector provided therewith
Patent Number: 6,762,363 Issued on 07/13/2004 to Yamashita,   et al.

Title: Multi-purpose peripheral interface for computing systems
Patent Number: 7,152,127 Issued on 12/19/2006 to Brisebois,   et al.

Title: Collapsible truck bed cover
Patent Number: 7,147,265 Issued on 12/12/2006 to Schmeichel

Title: Equalizer and equalization method for return-to-zero signals
Patent Number: 7,154,946 Issued on 12/26/2006 to Katic,   et al.

Title: Dual mount charger with inverting display
Patent Number: 6,765,366 Issued on 07/20/2004 to Maggert,   et al.

Title: Filtering device
Patent Number: 7,172,692 Issued on 02/06/2007 to Liao

Method and system for accelerating the conversion process between encryption schemes Number:7,386,717 from the United States Patent and Trademark Office (PTO) owispatent

Home    Author Login    Submit Article    Article Search    Add Your Link    Edit Your Link    Contact Us    Advertising    Disclaimer

   

 
Web LinkGrinder.com

Top Breaking News
     Greek, Cypriot Leaders Resume Unification Talks in Nicosia by Nathan Morley
     Indonesia Tobacco Sales Grow, Raising Health Fears
     South Korea Allows Top Defector to Travel Overseas by VOA News

Title: Method and system for accelerating the conversion process between encryption schemes

Abstract: A method and system is provided for accelerating the conversion process between encryption schemes. The system includes a board in a gateway. The board includes a controller to receive security parameters and data encrypted according to a first encryption scheme and control the transmission of the data. The system includes a hardware device coupled to the controller to decrypt the data and encrypt the data according to a second encryption scheme. The data is then transmitted to the controller to be forwarded out of the gateway.

Patent Number: 7,386,717 Issued on 06/10/2008 to Adusumilli

Inventors: Adusumilli; Koteshwerrao (San Diego, CA)
Assignee: Intel Corporation (Santa Clara, CA)
Appl. No.: 10/094,350
Filed: March 7, 2002

Current U.S. Class: 713/153 ; 713/192
Field of Search: 380/37 713/153,192

References Cited [Referenced By]
U.S. Patent Documents
5701343 December 1997 Takashima et al.
5812671 September 1998 Ross, Jr.
5825878 October 1998 Takahashi et al.
5838165 November 1998 Chatter
5995628 November 1999 Kitaj et al.
6199163 March 2001 Dumas et al.
6240514 May 2001 Inoue et al.
6356637 March 2002 Garnett
6389533 May 2002 Davis et al.
2002/0114453 August 2002 Bartholet et al.
2003/0115447 June 2003 Pham et al.
Foreign Patent Documents
1 083 722 Mar., 2001 EP
20010056418 Jul., 2001 KR
WO 0201368 Jun., 2001 WO
WO 02/15523 Feb., 2002 WO
WO 03/036913 May., 2003 WO

Other References

Zrobok (Dan Zrobok, http://www.cas.mcmaster.ca/.about.wmfarmer/SE-4C03-01/papers/Zrobok-WAP.h- tml). cited by examiner .
Schneier (Bruce Schneier, "Applied Cryptography, Protocols, Algorithms and Source Code in C", 2nd edition, 1996 ISBN: 0471128457). cited by examiner .
Jormalainen (Sami Jormalainen "Security in the WTLS", 1999, http://www.tml.tkk.fi/Opinnot/Tik-110.501/1999/papers/wtls/wtls.html) in view of Kitaj et al. (U.S. Patent No. 5995628). cited by examiner .
Tamzin C. Jeffs; "Wireless Application Protocol 2.0 Security"; SANS Institute; Nov. 2001; XP-002249401; http://www.sans.org/rr/papers/68/159.pdf. cited by other .
Eun-Kyeong Kwon et al.; "Integrated Transport Layer Security: End-to-End Security Model Between WTLS and TLS"; 2001 IEEE; Jan. 31, 2001-Feb. 2, 2001, pp. 65-71; XP010534256. cited by other.

Primary Examiner: Zand; Kambiz
Assistant Examiner: Poltorak; Peter
Attorney, Agent or Firm: Blakely, Sokoloff, Taylor & Zafman LLP
Claims


What is claimed is:

1. An apparatus comprising: a controller included in a security acceleration board in a gateway between a wireless network and a content provider, the controller coupled on a first side to a bus external to the security acceleration board to receive security parameters and data encrypted using a first transport layer security protocol from a first user, the controller to control transmission of the data and the security parameters; a Field Programmable Gate Array (FPGA) device located on the security acceleration board and coupled to a second side of the controller to receive the data and security parameters from the controller, to convert the data from the first transport layer security protocol to a second transport layer security protocol and to send the converted data to the controller, the controller to receive the converted data from the FPGA and to transmit the converted data to a second user via the bus external to the security acceleration board; and a memory coupled to the FPGA device and the controller, the memory to store the data during conversion from the first transport layer security protocol to the second transport layer security protocol, wherein the controller is coupled to prevent external access to data in the memory by the gateway and the FPGA during conversion of the data from the first transport layer security protocol to the second transport layer security protocol.

2. The apparatus of claim 1, wherein the first transport layer security protocol comprises a Secure Sockets Layer Protocol.

3. The apparatus of claim 1, wherein the first-transport layer security protocol comprises a Wireless Transport Layer Security Protocol.

4. The apparatus of claim 1, wherein the second transport layer security protocol comprises a Wireless Transport Layer Security Protocol (WTLS).

5. The apparatus of claim 1, wherein the second transport layer security protocol comprises a Secure Sockets Layer Protocol.

6. The apparatus of claim 1, wherein controller comprises an FPGA.

7. An apparatus, comprising: a controller included in a security acceleration board in a gateway between a wireless network and a content provider, the controller coupled on a first side to a bus external to the security acceleration board to receive security parameters and data encrypted using a first transport layer security protocol from a first user, the controller to control transmission of the data and the security parameters; a first Field Programmable Gate Array (FPGA) located on the security acceleration board and coupled to a second side of the controller to receive the data and security parameters from the controller and to decrypt the data; a second FPGA coupled to the first FPGA to receive the decrypted data and to encrypt the data using a second transport layer security protocol and to send the converted data to the controller, the controller to receive the converted data from the second FPGA and to transmit the converted data to a second user via the bus external to the security acceleration board; and a memory coupled to the first and second FPGA's and the controller, the memory to store the data during conversion from the first transport layer security protocol to the second transport layer security protocol, wherein the controller is coupled to prevent external access to data in the memory by the gateway and at least one of the first and second FPGA's during conversion of the data from the first transport layer security protocol to the second transport layer security protocol.

8. The apparatus of claim 7, wherein the first transport layer security protocol comprises a Secure Sockets Layer Protocol.

9. The apparatus of claim 7, wherein the first transport layer security protocol comprises a Wireless Transport Layer Security Protocol.

10. The apparatus of claim 9, wherein the second transport layer security protocol comprises a Secure Sockets Layer Protocol.

11. The apparatus of claim 8, wherein the second transport layer security protocol comprises a Wireless Transport Layer Security Protocol.

12. A method comprising: receiving encrypted data at a controller, the controller included in a security acceleration board in a gateway between a wireless network and a content provider, the controller coupled on a first side to a bus external to the security acceleration board to receive security parameters and data encrypted using a first transport layer security protocol from a first user, the controller to control transmission of the data and the security parameters; transmitting the encrypted data from the controller to a Field Programmable Gate Array (FPGA) located on the security acceleration board and coupled to a second side of the controller to receive the data and security parameters from the controller; decrypting the encrypted data at the FPGA; storing the decrypted data in a memory; and re-encrypting the decrypted data using a second transport layer security protocol, wherein the controller is coupled to prevent access to data from the gateway during conversion from the first transport layer security protocol to the second transport layer security protocol; sending the re-encrypted data to the controller; and transmitting the re-encrypted data from the controller to a second user via the bus external to the security acceleration board.

13. The method of claim 12, wherein the first transport layer security protocol comprises a Secure Sockets Layer (SSL) Protocol.

14. The method of claim 13, wherein the second transport layer security protocol comprises a Wireless Transport Layer Security (WTLS) protocol.

15. The method of claim 12, wherein the first transport layer security protocol comprises a Wireless Transport Layer Security (WTLS) protocol.

16. The method of claim 15, wherein the second transport layer security protocol comprises a Secure Sockets Layer (SSL) protocol.

17. The method of claim 12, wherein re-encrypting the decrypted data using the second transport layer security protocol comprises re-encrypting the decrypted data at the FPGA using the second transport layer security protocol.

18. The method of claim 12, wherein re-encrypting the decrypted data using the second transport layer security protocol comprises encrypting the decrypted data at a second FPGA using the second transport layer security protocol.

19. The method of claim 12 wherein re-encrypting the decrypted data using the second transport layer security protocol comprises encrypting the decrypted data at an Application Specific Integrated Circuit using the second transport layer security protocol.
Description


BACKGROUND OF THE INVENTION

1. Field of the Invention

The invention relates to the field of network security protocol conversion. In particular, the invention relates to the conversion between the Wireless Transport Layer Security and Secure Sockets Layer protocols.

2. Background Information and Description of Related Art

The Wireless Application Protocol (WAP) defines a set of protocols for wireless applications. The Wireless Transport Layer Security (WTLS) is the security layer of the WAP and provides privacy, data integrity, and authentication for WAP services.

WTLS is based on the Transport Layer Security (TLS), a security layer widely used in the Internet, with modifications to accommodate bandwidth, datagram connection, processing power, memory capacity, and cryptography limitations typical in wireless communications.

Secure Sockets Layer (SSL) is a protocol for transmitting private documents via the Internet. Currently, SSL is not directly compatible with WTLS. Hence, it is not possible to convert between WTLS encrypted data and SSL encrypted data without decrypting the data.

The common method of converting between SSL data and WTLS data uses software executing inside a WAP gateway. Wireless messages travel through the air to a carrier's receiver, where they are received and passed to the gateway. If the message is WTLS encrypted, the encrypted message is decrypted, then encrypted using SSL. If the message is SSL encrypted, the encrypted message is decrypted, then encrypted using WTLS. Then, the encrypted message is transmitted out of the gateway.

The data is decrypted and stored in the memory of the WAP gateway temporarily, allowing a period of time when the message is unencrypted and unprotected in the WAP gateway. This creates a security vulnerability. Furthermore, since the conversion is done using software, a considerable amount of CPU resources are consumed and a latency in the response to a client request may be experienced.

BRIEF DESCRIPTION OF DRAWINGS

The invention is illustrated by way of example, and not by way of limitation, in the figures of the accompanying drawings in which like reference numerals refer to similar elements.

FIG. 1 illustrates an embodiment of a system implementing the invention.

FIG. 2 illustrates an example of a security procedure implemented with an embodiment of the method of the invention.

FIG. 3 illustrates an embodiment of a board according to the invention.

FIG. 4 illustrates an embodiment of the method of the invention.

DETAILED DESCRIPTION OF THE INVENTION

Embodiments of a system and method for accelerating the conversion process between encryption schemes are described. In the following description, numerous specific details are provided for a thorough understanding of embodiments of the invention. One skilled in the relevant art will recognize, however, that the invention can be practiced without one or more of the specific details, or with other methods, components, materials, etc. In other instances, well-known structures, materials, or operations are not shown or described in detail to avoid obscuring aspects of the invention.

Reference throughout this specification to "one embodiment" or "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment of the present invention. Thus, the appearances of the phrases "in one embodiment" or "in an embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, the particular features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.

Referring to FIG. 1, a block diagram illustrates an embodiment of a system 100 implementing the invention. Those of ordinary skill in the art will appreciate that the system 100 may include more components than those shown in FIG. 1. However, it is not necessary that all of these generally conventional components be shown in order to disclose an illustrative embodiment for practicing the invention. System 100 includes a service provider 102, a client 104, and a content provider 106. The client has a device 110. In one embodiment of the invention, the device 110 is a wireless device, which typically uses Wireless Application Protocol (WAP), a set of protocols for wireless applications. The content provider 106 has a server 112 to store content. The service provider 102 provides a gateway 108. The gateway 108 connects the client 104 to the content provider 106. The gateway 108 encrypts and decrypts data as necessary to provide compatibility between the different protocols used by the client and the content provider. For example, the client device 110 typically encrypts data according Wireless Transport Layer Security Protocol (WTLS), a security layer for WAP that provides privacy, data integrity, and authentication for WAP services. Data on the Internet is typically encrypted according to Secure Sockets Layer Protocol (SSL). Therefore, the gateway will decrypt and encrypt the data from WTLS to SSL and vice versa if the client wants to access an Internet web page.

The gateway 108 contains a security acceleration board 114 for decrypting and encrypting data. In one embodiment of the invention, the board 114 is a plug and play device that fits into a Peripheral Component Interconnect (PCI) slot or a single or dual in-line memory module (SIMM or DIMM) slot.

The client uses the device 110 to send a request 116, which is encrypted according to an encryption scheme. For example, a client may use a cellular phone to send a request for an Internet web page. The request 116 is received in the gateway 108. The board 114 decrypts the request 116 and encrypts the request according to another encryption scheme. In one embodiment of the invention, the request is encrypted according to WTLS. The board 114 may decrypt the request and encrypt the request according SSL. The request 118 is sent to a content provider 106. The content provider accesses the requested content and sends a response 120, which is encrypted according to an encryption scheme. In one embodiment of the invention, the response is encrypted according to SSL. The response 120 is received in the gateway 108. The board 114 decrypts the response and encrypts the response according to another encryption scheme. In one embodiment of the invention, the board decrypts the response and encrypts the response according to WTLS. Then, the response 122 is sent to the client device 110.

Referring to FIG. 2, an example of a security procedure implemented with an embodiment of the method of the invention is illustrated. At 200, there is a security protocol handshake between the client and the gateway. Then, at 202, the client provides the gateway with an indication of security parameters, including security protocol and cryptographic parameters. Then, at 204, the gateway receives data encrypted according to a first encryption scheme. Then, at 206, the data and security parameters are transmitted to the board. Then, at 208, the board decrypts the data and prevents access to the data from outside the board. Then, at 210, the gateway initiates a security protocol handshake with a server, and they both agree upon the required security parameters. Then, at 212, the board receives security parameters from the gateway. Then, at 214, the board encrypts the data according to a second encryption scheme and transmits the data to the gateway. Then, at 216, the gateway transmits the encrypted data to the server. A similar security procedure is used when data from the server is received by the gateway and transmitted to the client.

FIG. 3 illustrates one embodiment of the security acceleration board 114 of the invention. The board includes a controller 300 and a hardware device 302. The controller receives data and security parameters from a bus 306. In one embodiment of the invention, the controller is a Field Programmable Gate Array (FPGA). The data is encrypted according to an encryption scheme. The controller 300 determines what conversion is needed and then transmits the data to the hardware device 302. In one embodiment of the invention, the hardware device 302 is a programmable hardware device. For example, the hardware device 302 may be a FPGA. In another embodiment of the invention, the hardware device 302 is a non-programmable hardware device. For example, the hardware device 302 may be an Application Specific Integrated Circuit (ASIC). The hardware device 302 decrypts the data received from the controller and encrypts the data according to another encryption scheme.

In one embodiment of the invention, the data is stored in a memory 308 during the conversion process. The controller 300 controls the access of memory 308. In one embodiment, the controller 300 prevents access to the memory from outside the board 114. This prevents the gateway 108 and sources outside the gateway from accessing the memory. In one embodiment of the invention, there may be more than one memory used to store the data during the conversion process. After the data is converted from one encryption scheme to another encryption scheme, the data is transmitted to the controller 300 to forward out of the gateway 108.

In one embodiment of the invention, board 114 includes a second hardware device 304. In this embodiment, the hardware device 302 does the decryption and encryption of data according to one encryption scheme while the second hardware device 304 does the decryption and encryption of data according to another encryption scheme. For example, suppose that the board 114 is used to convert data from WTLS to SSL and from SSL to WTLS. The hardware device 302 may be configured for SSL encryption and decryption while the second hardware device 304 may be configured for WTLS encryption and decryption. Therefore, if the data received at the controller 300 is SSL encrypted, the controller will transmit the data to hardware device 302 to decrypt the data. Then, hardware device 302 will transmit the data to the second hardware device 304 to encrypt the data according to WTLS. The data is then transmitted to the controller for forwarding out of the gateway. Conversely, if the data received at the controller is WTLS encrypted, the controller will transmit the data to the second hardware device 304 to decrypt the data. Then, the second hardware device 304 will transmit the data to the hardware device 302 to encrypt the data according to SSL.

In one embodiment of the invention, the second hardware device 302 is a programmable hardware device, for example, a FPGA. In another embodiment of the invention, the second hardware device 302 is a non-programmable hardware device, for example, an ASIC.

FIG. 4 illustrates one embodiment of the method of the invention. At 400, data is received at a first hardware device encrypted according to a first encryption scheme. In one embodiment of the invention, the data is received from a controller. In one embodiment of the invention, data and security parameters are received at the first hardware device. Then, at 402, the data is decrypted at the first hardware device. In one embodiment of the invention, the data is then transmitted to a second hardware device. At 404, the data is encrypted according to a second encryption scheme. In one embodiment of the invention, the data is encrypted according to a second encryption scheme at the first hardware device. In another embodiment of the invention, the data is encrypted according to a second encryption scheme at the second hardware device. In one embodiment of the invention, the decrypted data is stored and retrieved during the conversion from the first encryption scheme to the second encryption scheme. The data may be stored in a memory. In one embodiment of the invention, access to the stored decrypted data from outside the board 114 is prevented. This prevents access to the stored decrypted data from the gateway 108 and any source outside the gateway. In one embodiment of the invention, access to the stored decrypted data is prevented by the controller 300. In one embodiment of the invention, the data encrypted according to the second encryption scheme is transmitted to the controller to forward out of a gateway.

The above description of illustrated embodiments of the invention, including what is described in the Abstract, is not intended to be exhaustive or to limit the invention to the precise forms disclosed. While specific embodiments of, and examples for, the invention are described herein for illustrative purposes, various equivalent modifications are possible within the scope of the invention, as those skilled in the relevant art will recognize.

These modifications can be made to the invention in light of the above detailed description. The terms used in the following claims should not be construed to limit the invention to the specific embodiments disclosed in the specification and the claims. Rather, the scope of the invention is to be determined entirely by the following claims, which are to be construed in accordance with established doctrines of claim interpretation.

*


Free Web Sudoku Puzzles.
Solve with your browser.
2   7   9   4   8
4     1     9    
            1    
8 7   2         3
      5   9      
6         3   1 2
    4            
    3     7     4
5   1   2   7   9
What is it?



Add Your Site · Terms Of Service · Privacy Policy


DISCLAIMER
Linkgrinder is a free service that searches the Internet and indexes all files found so that you may search quickly and easily for shared files. These files are created and made available individually by users whose identity we are not aware of and who we have no control over. In essence we function like a search engine tool; these files ARE NOT STORED OR SERVED BY OUR NETWORK. We are not responsible for any materials obtained by using our service. We do not monitor any of the contents of these files. These files may contain viruses, illegal materials, materials inappropriate for minors, offensive files and the like. BY USING OUR SERVICE, YOU ASSUME FULL RESPONSIBILITY FOR DOWNLOADING THESE MATERIALS AND WILL INDEMNIFY US FOR ANY DAMAGES THAT MAY BE INCURRED.

For More Specific Information VIEW OUR TERMS OF SERVICE.

Thank you and Enjoy!