A user of a secure database may find it difficult to change the communication device used for accessing the database. Thus, for example, the database may know that the user uses a specific wireline system to access the database.
Now, the same user may desire to use a cellular telephone to access the same database.
This task may be difficult to accomplish.
The wireline system may include a computer with encryption keys stored therein. In a public key encryption system, the secret private key is used to encrypt and decrypt messages.
It may be difficult or impossible to remove the private key from the computer to store it in another device, since the private key is well protected in the computer. Usually the private key is made inaccessible from outside the computer, to prevent an unauthorized person from gaining access to that key.
Initially, the private key may be generated in the computer. From that moment on, the key is well guarded inside that computer, to achieve the desired level of security. There is no point in encrypting messages if the encryption key is compromised; hence the need to protect the key and not to allow its transfer to another device.
This very advantage happens to work against the user when the legitimate user himself desires to transfer the private key to another computer.
To use a cellular phone, the user needs the private key that is kept inside the computer, since the database expects the same known keys to be used by the user.
Therefore, the user may find it difficult or impossible to change from a wireline telephone to a cellular telephone.
The same problem occurs if the user desires to access the secure database from another wireline system: again, the encryption keys have to be transferred from the first computer to a second computer. For example, a user may desire to access a database both from the office and from home. At present, this is a difficult or impossible task.
Thus, although a user may be authorized to access a secure database, that user may find it very difficult to access the same database using another communication device.
Now a user may buy a cellular phone or another wireless device with a digital certificate built in, or with a private key with encryption means built in. The secure database, however, does not recognize the new device as belonging to the authorized user in the system. Therefore, the authorized user will be denied access when connecting to the database with the new device.
Moreover, a user may buy a prepaid, disposable telephone or device. The user may desire to access a secure database with that telephone. He/she may find it difficult or impossible, for the reasons detailed above.
Presently available wireless communication devices include encryption means. Internet devices may include SSL means for secure communications. These systems allow secure communications. A user who has access to a secure database, however, may find it difficult to use these devices to access the database, as the database does not recognize the new secure device.
A user may decide to enter a password or to use a private key manually. This, however, may be a difficult, tedious and error-prone process. It may require manually typing a long string for each connection to the database. A private key or certificate stored in the communication device may be a much better solution. This cannot be achieved, however, if the private key cannot be transferred from the old communication device to the new device.
A user may personally visit the database's facilities to solve the problem; however, this may waste his time. The database may be located at a remote location, thus making a physical solution difficult.
Another problem in prior art is the reception of secure, encrypted E-mail messages. The computer of the receiving party may include decryption means and a secret private key. The same user may desire to also receive secure E-mail at another facility or with another computer. Again, the problem arises of how to transfer the secret, private key from the first computer to the second.
At present, a communication device serves as identification means for its owner. That is, a secure database recognizes a specific device and accepts this as user identification. The user is known to the database by the communication device that he/she owns.
Each device may have a different identity, with a different certificate or secret encryption key built in, so a secure database may not recognize a different device.
A problem in this approach is that users tend to change their communication devices. These devices become obsolete in a short time, and new communication devices are made to replace them. This applies, for example, to cellular telephones and personal computers. The problem is that a user may be precluded from replacing his/her telephone or computer, if that device holds a secret key that is recognized by a database, and if that key cannot be transferred to another device. Each device has a different identity, so a secure database may not recognize a different device.
It is not realistic to force customers to continue holding and using obsolete devices for the sake of secure access to a database.
A possible solution is the use of a smart card, a miniature card or other insertable identification means. A user inserts a smart card into a connector, to indicate a specific identity that is recognized by a database. Each user has a different identification device. A possible problem in that approach is that it requires special-purpose hardware including, for example, a smart card connector and its interface. There are many communication devices that do not have such capabilities.
It is an objective of the present invention to overcome the above-detailed problems as well as other problems in communication systems.