The recent proliferation of electronic devices for communication, information management and recreation has taken routine computing power far away from the desk-bound personal computer. Users are using devices such as cell phones, camera phones, personal digital assistants (PDAs) and navigation systems, not only in the office and in the home, but also in the field and on the road. There is a diverse range of possible applications for such devices, including communication, business, navigation, entertainment and even managing basic daily activities. Many users today only use a single device for a single task, for example, using cell phones for making and receiving phone calls. However, these devices are no longer single-function devices. They are capable of creating various types of data, for instance, electronic mail, voice messages, photos, video, etc. Increasing the number of functions of a device increases the desirability of personalization for each user. It is desirable to provide users a connected-service to connect and access their data wherever they are, with whatever device they are using and whatever service they are connected to.
One of the challenges of providing such a connected-service to a user is the need to securely transfer information between the content router server and one or more client devices in the communication network. Traditional means for ensuring security through the Secure Socket Layer (SSL) protocol is not practical for many mobile client devices with small memory footprint and low computing capabilities. For example, the client device needs to implement Rivest-Shamir-Adleman (RSA) encryption, which requires a large amount of memory for executing the RSA encryption software code. In addition, implementing the SSL protocol client authentication requires the client device to manage a large number of client certifications, which imposes significant implementation and performance burdens on the client device.
There are also issues for implementing the SSL protocol on the server. For example, with RSA encryption, the decryption algorithm at the server requires a large amount of computing power to execute. Also, each device has to share a session key, which imposes the burden on the server to keep track of the multiple communication requests from the same client device.
Therefore, there is a need to address the problems of the existing SSL protocol in conducting secured communicationss between a server and a client in a network.