1. The Field of the Invention
The present invention relates to the field of notification technology. Specifically, the present invention relates to methods, systems and computer program products for providing secure end-to-end notifications over networks that include one or more intermediary message transit point.
2. Background and Related Art
Most would agree that intelligent decision-making requires access to relevant and timely information. Computer networking has greatly enhanced our ability to access such information, resulting in this modem era often being termed “the information age”.
Some access to information is synchronous or “pull-oriented”. In other words, information is accessed each time a request for the information is submitted. For example, users may use Internet-enabled computers to request access to information such as Web pages, e-mail accounts, calendaring applications, or the like. In this manner, synchronous access allows for broad control over the type of information accessed.
There are some cases in which it may be inefficient to perform synchronous access of information. For example, some information changes relatively often. A user may desire to know the current information despite such frequent changes. It that case, synchronous access would require frequent requests for updated information. Such information may include, for example, stock prices. In addition, perhaps the user does not care about the information unless the information has a certain value. For example, perhaps a user is not interested in a certain fifteen-year mortgage rate unless the value drops below 6%, at which time the user may consider refinancing. In this case, synchronous access might result in numerous requests for updated information even if the interest rate was not yet low enough to be interesting to the user.
In order to meet avoid these inefficiencies, computer networks may also be used to implement notifications in which a user subscribes to be notified upon the occurrence of predetermined events. If the event occurs, the notification is dispatched to the user without the user needing to request each notification. Such communication is often termed asynchronous or “push-oriented” since there need not be a user-issued request before each notification.
As a notification travels from the source computer system that generates the notification (called herein, the “notification source”) to the destination computer system that receives the notification (called herein, the “notification sink”), the notification may travel through a number of different computer systems (called herein “routing points”). While many of these routing points simply forward the notification on to the next routing point, some routing points actually may have access to the notification so as to be able to intercept the content of the notification perhaps even at the application level. Such routing points are called herein “message transit points”. Such message transit points perform useful tasks such as protocol translation in order to conform the notification with subsequent steps in the notification delivery. However, since the message transit points have access to the notification at such a high level, the message transit points may access and intercept the content of the notification.
FIG. 1 illustrates a network 100 in which a notification source 101 issues a notification 102 to a notification sink 103 via one or more message transit points 104. Two message transit points 104A and 104B are illustrated in FIG. 1 by way of example only. In the example where there are two message transit points, there are three hops in the transmission, one from the notification source 101 to the first transit point 104a (represented by arrow 105A), one from the first message transit point 104a to the second message transit point 104B (represented by arrow 105B), and one from the second message transit point 104B to the notification sink 103. Security is implemented on each hop.
In some cases, it may be perfectly acceptable for the message transit points to have such access to the notification. For example, the notification may not be sensitive in which case it may not matter if the message transit points read the notification. Also, the notification may be highly sensitive, but the message transit point is within a common sphere of trust with the notification source or with the notification sink. However, there may also be cases in which the notification is sensitive and in which the message transit points 104 are not within the same sphere of trust as the notification source 101 or the notification sink 103. However, in the prior art network illustrated in FIG. 1, the message transit points 104 may potentially have unfettered access to such highly sensitive notifications.
FIG. 2 illustrates a push network 200 that represents an example of the network 100 illustrated in FIG. 1. The push network 200 is described in the Wireless Application Protocol (also called “WAP”) specifications published by the WAP Forum. In this example, the notification source 101 of FIG. 1 is a push initiator 201, the notification 102 is a push message 202, the notification sink 103 is a wireless device 203 and the at least one transit point 104 is a single transit point in the form of a push proxy gateway 204.
The push initiator 201 transmits the push message 202 to the push proxy gateway 204 using Push Access Protocol (also called “PAP”). In the PAP push message, eXtensible Markup Language (XML) is used to specify delivery instructions and the push content may be a Multipurpose Internet Mail Extensions (also called “MIME”) media type. The push proxy gateway 204 follows the delivery instructions in performing protocol translation from PAP to Push Over-the-Air Protocol, and in forwarding the push content to the wireless device 203 using the Push Over-the-Air protocol.
While the push proxy gateway 204 may be co-located with the push initiator, the push proxy gateway 204 may also be maintained by a wireless carrier. This carrier may be in a different sphere of trust than the push initiator. However, in conventional notification technology, the push proxy gateway 204 may have unfettered access to the push message. Accordingly, what is desired are methods, systems, and computer program products for providing secure end-to-end notifications in networks that includes one or more message transit points.