IPC분류정보
국가/구분 |
United States(US) Patent
등록
|
국제특허분류(IPC7판) |
|
출원번호 |
US-0355228
(2012-01-20)
|
등록번호 |
US-8761396
(2014-06-24)
|
발명자
/ 주소 |
- Little, Herbert A.
- Brown, Michael K.
- Hammell, Jonathan F.
- Brown, Michael S.
- Kirkup, Michael G.
- Adams, Neil P.
|
출원인 / 주소 |
|
대리인 / 주소 |
Schwegman Lundberg & Woessner, P.A.
|
인용정보 |
피인용 횟수 :
1 인용 특허 :
43 |
초록
▼
A system and method for securing data for redirecting and transporting over a wireless network are generally described herein. In accordance with some embodiments, when it is determined that an electronic message that is protected with a first encryption algorithm is to be transported over a wireles
A system and method for securing data for redirecting and transporting over a wireless network are generally described herein. In accordance with some embodiments, when it is determined that an electronic message that is protected with a first encryption algorithm is to be transported over a wireless network to a wireless device, the electronic message is converted to a data structure that is recognizable by the wireless device and the data structure is encrypted with a second encryption algorithm using a random session key. The second encryption algorithm has a stronger security than the first encryption algorithm. The random session key is encrypted with a public key and packets that comprise the encrypted data structure and the encrypted random session key are transmitted to the wireless device over the wireless network.
대표청구항
▼
1. A method performed within a protected network for redirecting electronic messages for transporting over a wireless network to a wireless device, the method comprises: determining when an electronic message that is protected with a first encryption algorithm is to be redirected over the wireless n
1. A method performed within a protected network for redirecting electronic messages for transporting over a wireless network to a wireless device, the method comprises: determining when an electronic message that is protected with a first encryption algorithm is to be redirected over the wireless network to the wireless device based on information within the electronic message, the wireless network being external to the protected network;when the electronic message is to be redirected over the wireless network, the method comprises:converting the protected electronic message to a data structure that is recognizable by the wireless device;encrypting the data structure with a second encryption algorithm using a random session key, the second encryption algorithm having a stronger security than the first encryption algorithm;encrypting the random session key with a public key; andtransmitting packets that comprise the encrypted data structure and the encrypted random session key to the wireless device over the wireless network, andwhen the electronic message is not to be redirected over the wireless network, the method comprises:refraining from converting the protected electronic message, refraining from encrypting the data structure, refraining from encrypting the random session key and refraining from transmitting the packets over the wireless network; andsending the protected electronic message to a destination within the protected network. 2. The method of claim 1 wherein the electronic message is protected with the first encryption algorithm by at least one of a digital signature and encryption. 3. The method of claim 2 further comprising determining wireless device identification information associated with the wireless device from the electronic message, wherein the electronic message is converted to the data structure based at least in part on the wireless device identification information to be recognizable by the wireless device. 4. The method of claim 3 further comprising retrieving the public key from a public key look-up database that is associated with the wireless device and generating the random session key. 5. The method of claim 4 further comprising encapsulating the encrypted data structure and the encrypted random session key into one or more data packets along with the wireless identification information for transmission to the wireless device over the wireless network. 6. The method of claim 5 wherein transmitting comprises communicating with the wireless device using a higher-level connection with a wireless gateway that provides an interface with the wireless network. 7. The method of claim 6 further comprising receiving the electronic message by an enterprise server from an electronic messaging server, the electronic message being addressed to a message recipient in a wired local area network, the message recipient having an associated wireless device operable in the wireless network, wherein the enterprise server has the wireless device identification information of the associated wireless device stored therein for use in communicating with the wireless device using the higher-level connection with a wireless gateway that provides an interface with the wireless network. 8. The method of claim 6 wherein the second encryption algorithm is a symmetric algorithm, and wherein the gateway is configured to utilize the wireless device identification information to transmit the data packets containing the electronic message over the wireless network to the associated wireless device. 9. A system arranged to operate within a protected network to redirect electronic messages over a wireless network to a wireless device, the system comprising: a wireless network interface to provide connectivity to the wireless network; andprocessing circuitry to:determining when an electronic message that is protected with a first encryption algorithm is to be redirected over the wireless network to the wireless device based on information within the electronic message, the wireless network being external to the protected network; andwhen the electronic message is to be redirected over the wireless network, the processing circuitry is arranged to:convert the electronic message to a data structure that is recognizable by the wireless device;encrypt the data structure with a second encryption algorithm using a random session key, the second encryption algorithm having a stronger security than the first encryption algorithm; andencrypt the random session key with a public key,wherein the network interface is configured by the processing circuitry to transmit packets that comprise the encrypted data structure and the encrypted random session key to the wireless device over the wireless network, andwhen the electronic message is not to be redirected over the wireless network, the processing circuitry is arranged to:refrain from converting the protected electronic message, refrain from encrypting the data structure, refrain from encrypting the random session key and refrain from transmitting the packets over the wireless network; andsend the protected electronic message to a destination within the protected network. 10. The system of claim 9 wherein the electronic message is protected with the first encryption algorithm by at least one of a digital signature and encryption. 11. The system of claim 10 wherein the processing circuitry is configured to determine wireless device identification information associated with the wireless device from the electronic message, wherein the electronic message is converted to the data structure based at least in part on the wireless device identification information to be recognizable by the wireless device. 12. The system of claim 11 wherein the system is configured to retrieve the public key from a public key look-up database that is associated with the wireless device and generate the random session key. 13. The system of claim 12 wherein the processing circuitry is configured to encapsulate the encrypted data structure and the encrypted random session key into one or more data packets along with the wireless identification information for transmission to the wireless device over the wireless network. 14. The system of claim 13 wherein the wireless network interface is configured for communicating with the wireless device using a higher-level connection with a wireless gateway that provides an interface with the wireless network. 15. The system of claim 14 further comprising a wireless local area network interface configured to receive the electronic message from an electronic messaging server, the electronic message being addressed to a message recipient in a wired local area network, the message recipient having an associated wireless device operable in the wireless network, wherein the system includes an enterprise server that has the wireless device identification information of the associated wireless device stored therein for use in communicating with the wireless device using the higher-level connection with a wireless gateway that provides an interface with the wireless network. 16. The system of claim 14 wherein the second encryption algorithm is a symmetric algorithm, and wherein the gateway is configured to utilize the wireless device identification information to transmit the data packets containing the electronic message over the wireless network to the associated wireless device. 17. A server system comprising: a wireless network interface that operates behind a firewall within a protected network and provides connectivity to a wireless network;a local-area network interface that provides connectivity to a local area network, the local-area network interface to receive an electronic message that is protected with a first encryption algorithm for transporting over the wireless network to a wireless device; andprocessing circuitry arranged to:determine when the electronic message is to be redirected over the wireless network to the wireless device based on information within the electronic message, the wireless network being external to the protected network; andwhen the electronic message is to be redirected over the wireless network, the processing circuitry is arranged to:convert the protected electronic message to a data structure that is recognizable by the wireless device when it is determined that the electronic message is to be transported over the wireless network to the wireless device, encrypt the data structure with a second encryption algorithm using a random session key, the second encryption algorithm having a stronger security than the first encryption algorithm, and encrypt the random session key with a public key,wherein the wireless network interface is configured by the processing circuitry to transmit packets that comprise the encrypted data structure and the encrypted random session key to the wireless device over the wireless network, andwhen the electronic message is not to be redirected over the wireless network, the processing circuitry is arranged to:refrain from converting the protected electronic message, refrain from encrypting the data structure, refrain from encrypting the random session key and refrain from transmitting the packets over the wireless network; andsend the protected electronic message to a destination within the protected network. 18. The server system of claim 17 wherein the wireless network interface is configured for communicating with the wireless device using a higher-level connection with a wireless gateway that provides an interface with the wireless network. 19. The server system of claim 18 wherein the processing circuitry is configured to determine wireless device identification information associated with the wireless device from the electronic message, and wherein the electronic message is converted to the data structure based at least in part on the wireless device identification information to be recognizable by the wireless device. 20. The server system of claim 19 wherein the second encryption algorithm is a symmetric algorithm, and wherein the gateway is configured to utilize the wireless device identification information to transmit the data packets containing the electronic message over the wireless network to the associated wireless device. 21. The server system of claim 20 wherein the system is configured to retrieve the public key from a public key look-up database that is associated with the wireless device and generate the random session key, and wherein the processing circuitry is configured to encapsulate the encrypted data structure and the encrypted random session key into one or more data packets along with the wireless identification information for transmission to the wireless device over the wireless network.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.