1. Field of the Invention
The invention concerns a method for secure communication between two entities connected to an internet network.
It applies more specifically to communications via an internet network comprising a wireless transmission segment.
The invention also concerns an architecture of a communication system for implementing this method.
Within the context of the invention, the term “entity” should be understood in its most general sense. It includes both hardware or software computer resources and, according to a characteristic of the invention that will be explained below, human beings, using any of the components of the communication system.
The term “internet” should also be understood in its most general sense. It includes, in addition to the Internet per se, private enterprise or similar networks, known as “intranets,” and the networks that extend them to the outside, known as “extranets,” and generally any network in which data is exchanged using an Internet protocol. However, to illustrate the concepts without in any way limiting the scope of the invention, hereinafter we will consider the case of the Internet per se, unless otherwise indicated.
2. Description of the Related Art
Normally, communications in networks of any nature take place in conformity with protocols that conform to standards comprising several superposed software layers.
The architecture of communication networks is described by various logical layers. For example, the “OSI” (“Open Systems Interconnection”) standard defined by the “ISO” comprises seven layers, which run from the so-called lower layers (for example the so-called “physical” layer that supports physical transmission) to the so-called upper layers (for example the so-called “application” layer), passing through intermediate layers, including the so-called “transport” layer. A given layer offers its services to the layer immediately above it and requests services from the layer immediately below it, via appropriate interfaces. The layers communicate by means of primitives. They can also communicate with layers on the same level. In certain architectures, one of these layers or another may be nonexistent.
In the case of an internet network, communications take place in conformity with protocols that are specific to this type of communication, but that also comprise several software layers. There are five layers, and more precisely, going from the top layer to the bottom layer: the application layer (HTTP, “ftp”, “e-mail”, etc.), the transport layer (“TCP”), the network address layer (“IP”), the data link layer (“PPP”, “Slip”, etc.) and the physical layer. The communication protocol is chosen based on the application specifically envisioned: interrogation of “web” pages (HTTP), file transfers (“FTP”), electronic mail (or “e-mail”), forums or “news,” etc.
Overall, an internet network comprises, to begin with, one or more actual data transmission networks, possibly divided into sub-networks. These networks specifically include channels of physical links, which constitute the lowest level. Communications can be handled by relatively low-speed links, i.e., telephone links, or by high- or very high-speed links, i.e., fiber optics, microwave systems, or satellite links, particularly for the backbone routes. Various systems, subsystems, machines and/or terminals are connected to this network or networks. The connection may be direct (using a modem, for example) or indirect, through a so-called “fire-wall” system, a “proxy”, or through the computer system of an Internet service provider (or “ISP”).
The range of connected entities, in the prior art, can run from large-scale computers (for example of the so-called “main-frame” type) to so-called “low power” terminals, i.e. having few computer resources of their own, for example dedicated terminals, or even simple smart card reading terminals. These entities, which may be referred to generically as “systems,” have an operating system (or “OS”), which may or may not be proprietary. For example, there is the “UNIX” (registered trademark) operating system, frequently used in connection with applications related to the Internet.
Generally, communications between connected entities take place in a so-called client-server mode and implement the so-called object-oriented technology. A server may be defined as being a software program, an application or any software entity that renders a given service (for example the transfer of a requested file). Such an entity is hosted by systems connected to the Internet, which are called “servers”. A “client” entity may be defined as being the counterpart of the “server” entity, i.e., the entity requesting a given service. However, there is nothing to prevent a system or an application from being both “client” and “server.”
As indicated above, one of the software communication layers is constituted by the so-called “IP” address layer. It is in fact necessary for a client, for example, to be able to selectively address a server, via the Internet. For this reason, Internet technology implements the concept known as a “URL” (for “Uniform Resource Locator”), which uses an address known as an “IP” (for “Internet Protocol”) address. The Internet is organized very hierarchically into domains and subdomains, which themselves correspond to networks and subnetworks, managed by electronic directory systems called “DNS” (for “Domain Name Servers”). The structure of the IP address reflects this hierarchical organization. It comprises an IP address per se, itself comprising a destination subnetwork address and an address of an entity within this subnetwork. It is associated with a port number that makes it possible to address a server inside the aforementioned entity.
For a single entity connected to the Internet, the IP addresses can be permanent or can vary over time. For example, systems connected to the Internet via a service provider are generally assigned a different address at the start of each session.
Recently, a certain number of needs have arisen.
A first need has to do with mobility. Users may be said to be “mobile.” These users have mobile terminals, such as portable microcomputers, and they want to be able to connect at any point in the network without excessive restrictions. In particular, migration from one domain to another should be transparent for the user. He should also be able to preserve his usual environment, for example to retain access to a list of services to which he has subscribed, for free or otherwise, to an address list, etc. The data that characterize this environment can be stored in a remote server that the subscriber can access. He can also transport them with him, for example in the memory of a smart card.
More recently, it has been proposed to connect mobile telephones, either alone or in combination with organizer type devices or the like, directly to the Internet. This connection takes place physically via a wireless transmission network, such as the network in the “Global System for Mobile communications” (“GSM”) standard. This network is itself connected to the Internet via specialized “gateways.”
This arrangement is very advantageous, because it allows for extreme mobility. It is no longer necessary to use fixed points to connect to the Internet. A priori, the only limit on this mobility results from the extent of the territorial coverage of a given operator's “GSM” network.
However, there are other types of limitations due to this mode of transmission.
A first limitation is related to bandwidth. In the current state of the art, the transmission speed is very low: 9600 bps. Even in the case of a simple conventional wired telephone line, the V90 standard, for example, makes it possible to obtain a maximum speed of 56000 bps. It is possible to obtain much higher speeds if using ADSL technology (470 kbps to 1 Mbps). In addition, links of the RNIS type by cable or satellite allow high or very high speeds. New technologies are currently being developed or installed, such as GPRS (“Global Packet Radio Service”) or UMTS (“Universal Mobile Telecommunication Service”) and will allow higher transmission speeds, but they are not yet fully operational. At the very least, the GSM network in its current version will last for an indeterminate amount of time, since modifications and/or complete changes of equipment will be necessary, particularly for the so-called “G3” version of GSM.
A second limitation, a consequence of the miniaturization of wireless communication devices, is due to the reduced, and often extremely reduced, area of the display screens of these devices.
It follows that Internet protocols, especially where the web itself is concerned (HTTP protocol) are not well adapted. In particular, the language currently used for these applications is an interpreted page description language called HTML (“Hyper Text Markup Language”); this language is not suitable for the aforementioned types of screens.
Also, a new protocol of the proprietary type, derived from the Internet protocols, has been proposed, known as WAP, for “Wireless Application Protocol”. This protocol allows mobile telephones to access e-mail, web or multimedia (video for example) applications, while adapting to the specific characteristics of these devices and of the communication network to which they are connected (for example the GSM network).
Although it allows access to the above applications, this solution is not without its drawbacks.
The Internet sites must be adapted, since it is not possible to display on the screen of a mobile telephone, which moreover is usually monochrome, what can be displayed on a screen of larger dimensions and higher definition, like that of a microcomputer. A specific language has been developed for these uses: WML (“WAP Markup Language”). It is therefore necessary to use a specific browser.
Most of the services offered by telephony operators using WAP technology concern services for accessing stock market quotations, weather reports, schedules for trains or other means of transport, schedules for various shows, etc., or for displaying simple videograms or games that are not very resource-hungry.
However, using this solution for e-commerce or banking applications, for example, poses problems with respect to security, as will be shown below.
In fact, another need that has arisen in many fields of application is the level of security offered by the system during transmissions between two entities.
In the context of the invention, the term “security” should be understood in a general sense. It concerns, first of all, confidentiality: certain data are said to be sensitive, and should not be able to be accessed by unauthorized entities, whether they be physical persons or software applications. For this reason, various encryption techniques are commonly used. Security also concerns the problems of authentication between parties, which are even more acute when these parties can be mobile on the Internet. Authentication can be achieved by means of identification data (passwords) and/or by using the so-called certificate technique, in association with encryption keys, for example stored in a smart card. Security also concerns anything having to do with the integrity of the data transmitted. It must be possible to ensure that the data received has not been subject to undesirable modifications, whether accidental (failure of transmission circuits, for example) or intentional (maliciousness, etc.). To do this, redundancy techniques and/or electronic signature techniques (integrity locking) can be implemented.
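The paragraph above distinguishes redundancy techniques from electronic signature (integrity locking) techniques for protecting data integrity. The following added example, which is not part of the patent text, shows why the distinction matters: a CRC redundancy check catches accidental corruption but can be recomputed by anyone, whereas a keyed tag (here HMAC-SHA256, assumed as the integrity-locking primitive; the key, message and account values are constructed for the demonstration) detects both accidental and intentional modification and also authenticates the origin of the message.

```python
import hashlib
import hmac
import zlib

# Constructed demonstration key shared by the two communicating entities.
KEY = b"constructed-demo-key-not-for-real-use"
# Constructed sample message: a sensitive transfer order.
ORDER = b"transfer amount=100 to=account-42"


def crc_tag(message: bytes) -> int:
    """Redundancy technique: an unkeyed checksum appended to the message."""
    return zlib.crc32(message)


def crc_check(message: bytes, crc: int) -> bool:
    return zlib.crc32(message) == crc


def sign(key: bytes, message: bytes) -> bytes:
    """Integrity lock: a keyed tag that only holders of `key` can produce."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key: bytes, message: bytes, tag: bytes) -> bool:
    """Recompute the tag and compare in constant time to avoid timing leaks."""
    return hmac.compare_digest(sign(key, message), tag)


def demo() -> dict:
    """Run the receiver-side checks against intact, corrupted and modified data."""
    crc = crc_tag(ORDER)
    tag = sign(KEY, ORDER)
    results = {
        "crc_accepts_intact": crc_check(ORDER, crc),
        "hmac_accepts_intact": verify(KEY, ORDER, tag),
    }

    # Accidental corruption (e.g. a transmission fault): one bit flipped.
    corrupted = bytearray(ORDER)
    corrupted[0] ^= 0x01
    corrupted = bytes(corrupted)
    results["crc_detects_bit_flip"] = not crc_check(corrupted, crc)
    results["hmac_detects_bit_flip"] = not verify(KEY, corrupted, tag)

    # Intentional modification: the amount is changed and, because the CRC
    # needs no secret, the modifier simply recomputes it. The CRC check
    # passes; the keyed tag cannot be recomputed without `KEY`, so it fails.
    modified = ORDER.replace(b"100", b"900")
    results["crc_fooled_by_recomputed_crc"] = crc_check(modified, crc_tag(modified))
    results["hmac_detects_modification"] = not verify(KEY, modified, tag)

    # Origin authentication: a tag made under some other key is rejected.
    foreign_tag = sign(b"some-other-constructed-key", ORDER)
    results["hmac_rejects_wrong_key"] = not verify(KEY, ORDER, foreign_tag)
    return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

Every entry of the returned dictionary is expected to be True; the entry `crc_fooled_by_recomputed_crc` is True precisely because the unkeyed check offers no protection against a deliberate modifier, which is the reason the text lists signature techniques alongside redundancy.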
For the “conventional” internet network, one of the most commonly used security techniques uses the technology known as SSL/TLS (“Secure Socket Layer/Transport Layer Security”). However, this technology provides only a minimal level of security. A higher level, already made mandatory by the so-called “IPV6” version of the Internet protocols (i.e., version 6, the version used currently being primarily version 4 or “IPV4”), is provided by the security protocol known as “IPSec”. It provides a standardized level of security that allows end-to-end protection, at the network level.
In the case of WAP technology, a security layer having a functionality similar to the aforementioned SSL/TLS layer has been proposed, which can be used for wireless transmissions and is known as WTLS (“Wireless Transport Layer Security”). This technology, which is optional, adds a substantial level of complexity and does not offer a high level of security. Also, since as mentioned, the majority of the services offered do not require any particular security measures, the operators of telephone networks are not very inclined to implement it.
Moreover, and above all, as indicated, there is generally a gateway that serves as the interface between the Internet and the wireless transmission network.
FIG. 1, located at the end of the present specification, schematically illustrates an architecture, according to the prior art, of a communication system 1 between a user U1 equipped with a mobile terminal of the WAP type 10 (for example a mobile telephone), connected to a radio transmission network RTT (for example in the GSM or GPRS standard), and a computer device 12, connected to the Internet RI, for example a remote server. The mobile terminal 10 has the role of a client vis-à-vis the server 12. The network RTT forms the “aerial” segment of the mobile communication network, a segment linked to a second segment RT, called a PLMN (“Public Land Mobile Network”), via transmitting/receiving beacons (not represented) that define cells.
This technology is well known to one skilled in the art and does not need to be described further. For a non-limiting example, it may be beneficial to refer to the article by Jean CELLMER entitled “Réseaux cellulaires, Système GSM” in “Techniques de l'Ingénieur”, Volume TE 7364, November 1999, pages 1 through 23.
The Internet RI is interconnected with the segment RT.
The land and aerial RTT segments are interconnected by a gateway 11. Within the context of WAP technology, this gateway 11 generally plays the role of an interface that allows two-way WAP conversions to or from HTTP. It specifically comprises a WAP protocol logical layer 110a, and an HTTP protocol logical layer 111a, supplemented by an SSL/TLS security layer 111b on the HTTP end, and a WTLS security layer 110b (optional) on the WAP end.
Lastly, the gateway 11 comprises an interface 113 between the two series of logical layers for performing the aforementioned two-way conversion. To be precise, this interface 113 between the SSL/TLS 111b and WTLS 110b security protocols introduces a security loophole, thus creating a non-secure area that makes the so-called “WAP gateway” concept just described practically incompatible with e-commerce and banking applications, and in general, with any so-called sensitive application requiring a high level of security.
On the other hand, looking at a workstation 13, or any similar device under the control of a user U2, connected directly to the Internet RI, the communication protocols used between this workstation 13 and the server 12 are homogeneous. There is no security loophole intrinsic to the system. The same would be true if the workstation 13 were connected to the server 12 via an intranet or an extranet.
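The contrast drawn in the last two paragraphs (gateway 11 terminating WTLS on one side and SSL/TLS on the other, versus workstation 13 talking to server 12 under one homogeneous protocol) can be made concrete with the following added model, which is not part of the patent and not an implementation of WTLS or SSL/TLS. It uses a small SHA-256-based stream cipher, constructed here purely to stand in for the two security layers, and three constructed keys: one shared by terminal and gateway, one shared by gateway and server, and one shared end to end by terminal and server. Because the gateway must decrypt in order to convert between protocols, the hop-by-hop model necessarily exposes the plaintext inside the gateway, which is the non-secure area the text describes; in the end-to-end model the gateway only relays bytes it cannot read.

```python
import hashlib
import secrets

# Constructed keys for the demonstration (not real WTLS/TLS key material).
K_TERMINAL_GATEWAY = b"wtls-segment-key-constructed"
K_GATEWAY_SERVER = b"ssl-tls-segment-key-constructed"
K_END_TO_END = b"end-to-end-key-constructed"

NONCE_LEN = 8


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy counter-mode keystream derived with SHA-256 (illustration only)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Return nonce || plaintext XOR keystream (toy stand-in for a security layer)."""
    nonce = secrets.token_bytes(NONCE_LEN)
    stream = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ s for p, s in zip(plaintext, stream))


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ciphertext = blob[:NONCE_LEN], blob[NONCE_LEN:]
    stream = _keystream(key, nonce, len(ciphertext))
    return bytes(c ^ s for c, s in zip(ciphertext, stream))


def hop_by_hop_exchange(plaintext: bytes) -> tuple[bytes, list[bytes]]:
    """WAP-gateway model: terminal <-WTLS-> gateway <-SSL/TLS-> server.

    Returns what the server receives and every byte string the gateway
    handled in the clear while converting between the two protocols.
    """
    gateway_cleartext = []
    # Terminal -> gateway over the wireless segment.
    leg1 = encrypt(K_TERMINAL_GATEWAY, plaintext)
    # The gateway has to decrypt to perform the WAP <-> HTTP conversion;
    # this is interface 113, where the data exists unprotected.
    clear = decrypt(K_TERMINAL_GATEWAY, leg1)
    gateway_cleartext.append(clear)
    # Gateway -> server over the Internet segment, re-encrypted.
    leg2 = encrypt(K_GATEWAY_SERVER, clear)
    return decrypt(K_GATEWAY_SERVER, leg2), gateway_cleartext


def end_to_end_exchange(plaintext: bytes) -> tuple[bytes, list[bytes]]:
    """Homogeneous model: one security association between the two endpoints.

    Any intermediate node (here also called the gateway) only forwards the
    blob; the list records the bytes it was able to observe.
    """
    blob = encrypt(K_END_TO_END, plaintext)
    gateway_observed = [blob]          # relayed unchanged, cannot be decrypted
    return decrypt(K_END_TO_END, blob), gateway_observed


def gateway_can_read(plaintext: bytes, observed: list[bytes]) -> bool:
    """Did the plaintext appear among the bytes the intermediate node handled?"""
    return any(plaintext in chunk for chunk in observed)


if __name__ == "__main__":
    msg = b"PAY 250 EUR to merchant-17"   # constructed sensitive message
    received, seen = hop_by_hop_exchange(msg)
    print("hop-by-hop: delivered", received == msg, "gateway read it", gateway_can_read(msg, seen))
    received, seen = end_to_end_exchange(msg)
    print("end-to-end: delivered", received == msg, "gateway read it", gateway_can_read(msg, seen))
```

Both models deliver the message intact, so correctness of delivery says nothing about where the data was exposed; only the hop-by-hop model lets `gateway_can_read` return True, and that is the property an end-to-end design has to remove.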