1. Field of the Invention
The present invention relates to a method and a system for establishing a dynamic communications channel between a first terminal and a second terminal, wherein the first terminal is connected over a first secured communications channel to a secured network, and wherein the second terminal is connected over a second secured communications channel to the secured network.
2. Description of the Related Art
Mobile devices—especially mobile devices with more than one network interface—are used more and more extensively by mobile or nomadic users for e.g. accessing, reading, writing, manipulating, or storing different kinds of data. Mobile devices comprise, for example, cellular phones, personal digital assistants, or mobile personal computers, which are also known as notebooks or laptops. Network interfaces comprise, for example, wired network interfaces for accessing e.g. a Local Area Network (LAN), modems for accessing remote networks over e.g. a Public Switched Telephone Network (PSTN), or wireless network interfaces for accessing e.g. a Wireless Local Area Network (WLAN). Users of mobile devices may read and write e-mail messages or text documents, or may access or manipulate multimedia data such as images, audio data, or video data. For example, a sales person of a company who is visiting a client also has a need to access secured, trusted data of his company. In order to access secured data, a mobile device may be connected through a secured connection to a security gateway of a corporate network. Such secured connections comprise, for example, authenticated and encrypted connections using the IPsec protocol (IPsec: Internet Protocol secured) or the SSL protocol (SSL: Secured Socket Layer). For example, a sales person with a need to access secured data of his company may connect his mobile device to a network of the client, for example with a WLAN network. The WLAN network may provide access to the Internet. The security gateway of the corporate network, for example, is configured to receive IPsec connections from the Internet. As soon as the sales person connects his mobile device through a secured communications channel, such as an EPsec connection, to the security gateway of his company, the mobile device may become part of the network of the company, and may benefit from various access rights to corporate data stored on computers or servers of the company. In other words, the mobile device of the sales person is, to at least some extent, part of the network of the sales person's company. Through the security gateway of the company, mobile devices are connectable to the network of the company from various locations. Therefore, a sales person using his mobile device at a first location and a technical advisor using his mobile device at a second location, for example, are able—through the secured network—to access data on each other's mobile device. However, it is a drawback that all traffic between mobile devices has to go through the network of the company, even if, for example, the mobile devices of the sales person and the technical advisor would be connectable through a further, maybe more efficient network. A further drawback is that the secured network of the company may become compromised or broken up, if, for example, the sales person or the technical advisor decide to configure their mobile devices to establish a peer-to-peer communication channel between their mobile devices. It is also a drawback that data transfer—through the secured network—between mobile devices requires many data encapsulations diminishing the performance of the data transfer and that the security gateway of the secured network may be a bottleneck due to the concentration of traffic load.