Based on the recent explosive growth of Internet use, there has been a proliferation of web-based computer applications (web applications). Concurrent with this growth has been an expansion of the use of wireless communication networks. Much of this wireless development has been in the realm of WAP (wireless area protocol) environments, which are generally separate from the Internet.
The division between the Internet and WAP environments results in increased development costs in that separate applications are generally required for both the Internet and WAP environments. Furthermore, applications are often not operable between the two environments. Web applications have advantages over traditional computer applications in many ways, including: simplified client requirements, centralized administration, simplified software updates, and the ability to reach a larger audience of users.
Prior art solutions have shown that the use of web browsers on computers connected to a wireless network has enabled these applications to be made accessible through web servers and computer networks. For instance, there are many solutions that provide a gateway device that functions as a bridge between the WAP network and the Internet. These solutions usually employ a scaled down version of a browser (“mini browser”) in a wireless device (cellular phones, personal digital assistants, etc.) capable of accessing and retrieving “web pages” developed for the web. These mini browsers operate in tandem with a proxy server or gateway which translates WAP requests to Internet protocol formats and returns answers to such requests to the wireless device, in a manner that is well known. Generally, in known applications of such proxy servers, images and other large data sets are stripped from web pages accessible via the Internet, such that the request will be transmitted relatively quickly to the wireless device and the data can be viewed in the display space of the wireless device, which is generally restricted as compared to the colour monitor of a laptop, for example.
The value of privacy and security of data is of growing concern, particularly with the implementation of e-commerce applications. Currently, there are three main technologies that protect data traffic. The most popular is SSL, or the Secure Sockets Layer, where the server that hosts the Internet application establishes a secure connection with the browser connected to it. The other technologies are VPN (virtual private network technologies) and IPSEC (Internet protocol security), which are based on derivatives of various cryptographic techniques. These technologies are advantageous in their simplicity of use and deployment.
There are also certain disadvantages associated with the use of such data protection technologies. SSL, for example, operates in a wired network environment only. While VPN provides data security in a wireless network as well as a wired network, systems, computer products and methods for data security in a wireless environment are generally such that data arrives at a wireless device on an unencrypted basis. Unfortunately, this requires the user of the wireless device to rely on the security and data integrity of the system from which the data is forwarded, whether this is based on proprietary wireless security standards or VPN or IPSEC. This also means that data stored on, for instance, a computer network can, notwithstanding the security technology employed during transmission, be stolen by hacking or other means.
Prior art systems, computer products and methods for providing communication of data to a wireless device described above generally fail to provide means for authenticating the sender of such data, for example, by means of digital signatures, as opposed to mere encryption of the data.
In contrast to such prior art data security systems, computer products and methods described above, a further system, computer product or method based on the well known PKI provides means for delivering data on an encrypted basis, as well as the authentication of the sender of such data. With the PKI method of preserving the confidentiality of a message, both the sender and the recipient of the data have a pair of keys, one being a private key and the other being a public key. The encryption method is asymmetric in that if a user's public key is used to encrypt the message, decryption can only occur with that user's private key.
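The contrast drawn above, between data that arrives at the device unencrypted and data that is encrypted to the recipient's key pair and authenticated by the sender's signature, can be shown in code. The following is an added example, not part of the original text or of any system it describes. It uses Node.js's built-in crypto module, and the function names, the constructed message and the choice to wrap a one-time AES key with RSA are assumptions made for illustration.

```javascript
// Added example, not from the original page. Keys and messages are constructed.
const nodeCrypto = require("node:crypto");
const SIG_LEN = 256; // size in bytes of an RSA-2048 signature

// Each party holds its own private/public key pair.
function newKeyPair() {
  return nodeCrypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
}

// Sender side: sign with the sender's private key, then encrypt signature and
// body so that only the recipient's private key can recover them.
function seal(message, senderPrivateKey, recipientPublicKey) {
  const body = Buffer.from(message, "utf8");
  const signature = nodeCrypto.sign("sha256", body, senderPrivateKey);
  const key = nodeCrypto.randomBytes(32); // one-time AES-256 key
  const iv = nodeCrypto.randomBytes(12);
  const aes = nodeCrypto.createCipheriv("aes-256-gcm", key, iv);
  const ciphertext = Buffer.concat([aes.update(signature), aes.update(body), aes.final()]);
  // RSA-OAEP (Node's default padding) wraps the AES key for the recipient.
  const wrappedKey = nodeCrypto.publicEncrypt(recipientPublicKey, key);
  return { wrappedKey, iv, ciphertext, tag: aes.getAuthTag() };
}

// Device side: decrypt with the device's private key, then check the sender's
// signature locally against the sender's public key.
function unseal(envelope, recipientPrivateKey, senderPublicKey) {
  let plain;
  try {
    const key = nodeCrypto.privateDecrypt(recipientPrivateKey, envelope.wrappedKey);
    const aes = nodeCrypto.createDecipheriv("aes-256-gcm", key, envelope.iv);
    aes.setAuthTag(envelope.tag);
    plain = Buffer.concat([aes.update(envelope.ciphertext), aes.final()]);
  } catch (err) {
    return { ok: false, reason: "decryption failed" };
  }
  const signature = plain.subarray(0, SIG_LEN);
  const body = plain.subarray(SIG_LEN);
  if (!nodeCrypto.verify("sha256", body, senderPublicKey, signature)) {
    return { ok: false, reason: "sender not authenticated" };
  }
  return { ok: true, message: body.toString("utf8") };
}
```

An intermediary that relays the envelope holds neither private key, so it cannot read the body, and any change it makes to the envelope causes unseal to reject it on the device.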
PKI is especially useful in applications where the authentication of documents is expected to conform with certain industry standards, such as with the legal acceptance of electronic documents.
However, PKI has been difficult to implement in wireless applications. This is because the deployment of PKI in a wireless environment has generally required costly custom development of wireless PKI applications.
Therefore there is a need for a system, computer product and method that allows the deployment of PKI in a wireless environment that is relatively easy to use and inexpensive to deploy across a wide array of web applications having varying functionality.
Another disadvantage of prior art PKI solutions is the need for the use of a remote gateway to perform the function of authentication of the sender. Thus, there is a need for deploying PKI in a wireless environment wherein authorization occurs at a wireless device without need for such a third party gateway.