Dobner et al.

US006874084B1
(10) Patent No.: US 6,874,084 B1
(45) Date of Patent: Mar. 29, 2005

(54) METHOD AND APPARATUS FOR ESTABLISHING A SECURE COMMUNICATION CONNECTION BETWEEN A JAVA APPLICATION AND SECURE SERVER

(75) Inventors: Edward Joseph Dobner, Raleigh, NC (US); David Gerard Kuehr-McLaren, Apex, NC (US); Anthony Joseph Nadalin, Austin, TX (US); Xiaoyan Zhang, Austin, TX (US)

(73) Assignee: International Business Machines Corporation, Armonk, NY (US)

(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 0 days.

(21) Appl. No.: 09/562,196
(22) Filed: May 2, 2000

(51) Int. Cl.7 .......... H04L 9/00
(52) U.S. Cl. .......... 713/156; 709/223
(58) Field of Search .......... 713/156, 200, 713/155, 201; 709/223, 227, 228, 229

(56) References Cited
U.S. PATENT DOCUMENTS
6,105,131 A * 8/2000 Carroll .......... 713/155
6,223,287 B1 * 4/2001 Douglas et al. .......... 713/178
6,598,167 B2 * 7/2003 Devine et al. .......... 713/201
* cited by examiner

Primary Examiner-Kim Vu
Assistant Examiner-Thanhnga Truong
(74) Attorney, Agent, or Firm-Duke W. Yee; Jeffrey S. LaBaw; Stephen J. Walder, Jr.

(57) ABSTRACT

A method and apparatus for establishing a secure communication connection between a Java application or applet and a secure server is provided. An HTTPS handler is provided that may be used by Java applications or applets to establish secure communication connections with secure Web servers.

46 Claims, 8 Drawing Sheets

[Representative drawing (FIG. 4): message flow between client device 120 and secure Web server 150. Labels recovered: Request HTML Page; Deliver HTML Page; Download JAR File (containing application classes, keyring class, HTTPS classes); Send HTTPS Request; Deliver Server Certificate and Server Public Key; Send Key Encrypted with Server Public Key; Establish Secure Connection Between JAVA Applet and Web Server; bracket: Performed by Secure Connection Handler.]

U.S. Patent   Mar. 29, 2005   Sheet 1 of 8   US 6,874,084 B1

[Figure 1: distributed data processing system; only reference numeral 120 (client device) survived extraction.]

[Sheet 2 of 8, Figure 2: block diagram of server data processing system 200. Labels recovered: Processor 202, Processor 204, system bus 206, Memory Controller/Cache 208, Local Memory 209, I/O Bridge 210, I/O bus 212, PCI Bus Bridge 214, PCI Bus, PCI Bus Bridge 222, PCI bus 226, PCI bus 228, PCI Bus Bridge 224, Hard Disk 232.]

[Sheet 3 of 8, Figure 3: block diagram of client data processing system 300. Labels recovered: Processor, Host/PCI Cache/Bridge 308, Main Memory 304, PCI local bus 306, Expansion Bus Interface 314, LAN Adapter 310, Audio Adapter 316, Audio/Video Adapter 319, Modem 322, Disk 326, Tape 328, CD-ROM 330.]

[Sheet 4 of 8, Figure 4: message flow between client device 120 and the secure Web server. Labels recovered: Request HTML Page; Deliver HTML Page; Download JAR File (containing application classes, keyring class, HTTPS classes); Send HTTPS Request; "... and Web Server"; bracket: Performed by Secure Connection Handler. The complete sequence is the representative drawing on the front page.]

[Sheet 5 of 8, Figure 5: message flow between a client device and multiple secure Web servers. The sheet is rotated and its labels were extracted mirrored; those decoded include: Deliver HTML Page; Download JAR File (containing application classes, keyring class, HTTPS classes); Send HTTPS Request; Deliver Server Certificate and Server Public Key; Send Key Encrypted with Server Public Key; Establish Secure Connection Between JAVA Applet and Web Server. Several of these labels appear once per server.]

Petitioners Ex-1012, Page 6 of 17

[Sheet 6 of 8, Figure 6A: partial flow of a Java application invoking the secure connection handler. Labels recovered, in order: new URL object; getURLStreamHandler(); HTTPS Handler; HTTP Handler; KeyRing; SecureGlue; HTTPSURLConnection; HTTPSClient; new SSLSocket.]

[Sheet 7 of 8, Figure 6B: SecureGlue structure (reference numerals 610, 630, 640, 650, 660). Data Field: Secure Registry. Methods: setCipherSuiteLevel, setKeyRing, setStepUp.]

[Figure 6C: Key Ring structure. Entries: indicator: certificate type: personal / private key / certificate or certificate chain; indicator: certificate type: site / certificate or certificate chain; indicator: certificate type: site / certificate or certificate chain.]

[Sheet 8 of 8, Figure 7: flowchart, steps 702 through 728. Boxes recovered: Start; Set Proxy Configuration; Create New HTTPS Client; Install Certificate Database; Set Cipher Suite Level; Set Step-up Cryptography; Open Connection; Is Proxy Defined?; Open Socket to Proxy Server; Open Socket to Web Server; Authenticate Server; Establish Secure Connection; one box label not recovered.]

METHOD AND APPARATUS FOR ESTABLISHING A SECURE COMMUNICATION CONNECTION BETWEEN A JAVA APPLICATION AND SECURE SERVER

BACKGROUND OF THE INVENTION

1. Technical Field

The present invention is directed to a method and apparatus for establishing a secure communication connection over a network. In particular, the present invention is directed to a method and apparatus for establishing a secure communication connection between a Java application running on a client device and a secure network server using a secure communication protocol.

2. Description of Related Art

The Internet is increasingly being used as a mechanism by which confidential transactions are conducted. For example, the Internet is increasingly being used in electronic commerce to provide individuals the ability to purchase items using their credit cards, and such. With increased use of the Internet in confidential transactions, the demand for secure communication connections through which to conduct these confidential transactions also increases.

Traditionally, these secure communication connections are created using HyperText Markup Language (HTML) documents and the HyperText Transport Protocol Secure (HTTPS) protocol. HTML is a document format used on the World Wide Web (the Web). With HTML, web pages are built with HTML tags, or codes, embedded in the text. HTML defines the page layout, fonts and graphic elements as well as the hypertext links to other documents on the Web. Each link contains the Universal Resource Locator (URL), or address, of a Web page residing on the same server or any server worldwide.

HTTPS is one of the protocols for accessing a secure Web server. HTTPS is a unique combination of the Secure Socket Layer (SSL) and HTTP protocols. SSL is a protocol that was designed to ensure that data transfers between a client and a server remain secret, and it also allows the client to authenticate the identity of the server to prevent impersonation attacks. SSL can be used with most any Internet protocol, such as Simple Mail Transport Protocol (SMTP) or File Transport Protocol (FTP). Today, SSL is mainly used for securing transactions on the Web. SSL uses a mechanism known as public key encryption. Digital keys are generated as random combinations of complex mathematical expressions along with a series of primary numbers. These combinations of values are extremely difficult to guess because of the sheer number of possible combinations.

HTTPS behaves just like the HTTP protocol, but requires the SSL protocol to safeguard any data that is exchanged. The conversation between an HTTPS enabled client device and a secure Web server starts as a normal readable transaction. However, before data is transmitted over the Internet, the SSL protocol stack takes over and scrambles the data according to the digital keys the browser and the server agree to use. When the sensitive information reaches the other side it is unscrambled and processed as readable text. Anyone who may be watching the conversation just sees what looks like gibberish.

Using HTTPS in the URL, e.g. "https://...", instead of HTTP directs the message to a secure port number rather than the default Web port number of 80. The session is then managed by a security protocol, such as SSL, that encrypts and decrypts messages for online transmission.

Increasingly, Java applications and applets, i.e. small application programs, are being hosted by Web servers to provide a platform independent mechanism by which the Web servers may share programs with client devices. Java is a programming language for Internet and intranet applications that was created by the Sun Corporation. Java programs can be called from within HTML documents or launched stand alone.

Java is an interpreted language that uses an intermediate language. The source code of a Java program is compiled into "byte code", which cannot be run by itself. The byte code must be converted into machine code at runtime. Upon finding a Java applet, a Web browser on a client device switches to its Java interpreter (Java Virtual Machine) which translates the byte code into machine code and runs it. This means Java programs are not dependent on any specific hardware and will run in any computer with the Java Virtual Machine.

Java applications and applets may be created using, for example, the Java Development Kit (JDK). JDK provides the java.net package which provides a Java application or applet the ability to create its own network connections by initializing URL objects (url=URL("http://www.ibm.com")). However, JDK, and Java applications and applets in general, do not provide any support for secure communication connections. For example, Java and JDK do not provide support for the HTTPS protocol.

Web servers must still rely on HTML documents and a Web browser's ability to create secure communication connections. This is undesirable since many Internet/Intranet applications need to use Java applets or applications to provide more sophisticated and powerful front ends to users, and take advantage of Java's platform independent nature. Therefore, it would be advantageous to have a method and apparatus for establishing a secure communication connection between a Java application and a network server.

SUMMARY OF THE INVENTION

The present invention provides a method and apparatus for establishing a secure communication connection between a Java application or applet and a secure server. In particular, the present invention provides a secure connection handler that may be used by platform independent applications or applets to set up secure communication connections with secure Web servers.

The method and apparatus of the present invention provide a mechanism in which a secure connection is established between a client device and a secure Web server. A platform independent application is downloaded from the secure Web server and executed on a client device. The secure connection handler, which may be downloaded with the platform independent application or may already be resident on the client device, establishes a secure communication connection between the platform independent application and the secure Web server. The establishment of a secure communication connection directly between the platform independent application and the secure Web server may include the authenticating of the secure Web server and use of public and secret keys to encrypt the information sent over the secure communication connection.

In a preferred embodiment, the platform independent application is a Java application or applet. The secure connection handler, in the preferred embodiment, is an HTTPS handler that establishes an HTTPS connection
between the Java application or applet and a secure Web server directly, i.e. without having to be routed through a web browser. The HTTPS handler preferably is a Java applet that makes use of an HTTPSURLConnection class, SecureGlue class, HTTPSClient class, and new SSLSocket class.

With the method and apparatus of the present invention, secure Web servers may use platform independent applications to provide a front end interface for communication with users of client devices while maintaining a secure communication connection. This greatly enhances the portability, flexibility and features of the front ends to client devices operating under different platform environments.

Other features and advantages of the present invention will be described in the following detailed description or will become apparent to those of ordinary skill in the art in view of the following detailed description of the preferred embodiments.

BRIEF DESCRIPTION OF THE DRAWINGS

The novel features believed characteristic of the invention are set forth in the appended claims. The invention itself, however, as well as a preferred mode of use, further objectives and advantages thereof, will best be understood by reference to the following detailed description of an illustrative embodiment when read in conjunction with the accompanying drawings, wherein:

FIG. 1 is an exemplary diagram of a distributed data processing system in which the present invention may be implemented;
FIG. 2 is an exemplary block diagram of a server according to the present invention;
FIG. 3 is an exemplary block diagram of a data processing system in which the present invention may be implemented;
FIG. 4 is an exemplary message flow diagram illustrating the interaction between a client device and a secure server, in accordance with the present invention;
FIG. 5 is an exemplary message flow diagram illustrating the interaction between a client device and multiple secure servers, in accordance with the present invention;
FIG. 6A is a partial flow diagram of a Java application invoking the secure connection handler of the present invention;
FIG. 6B is an exemplary diagram of the SecureGlue structure in accordance with the present invention;
FIG. 6C is an exemplary diagram of the Key Ring structure in accordance with the present invention; and
FIG. 7 is a flowchart outlining an exemplary operation of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

FIG. 1 is an exemplary block diagram illustrating a distributed data processing system 100 in which the present invention may be implemented. As shown in FIG. 1, the system 100 includes at least one network 110, one or more client devices 120 and 130, and one or more servers 140 and 150. Any number of networks, client devices and servers may be used in the distributed data processing system 100 according to the present invention.

The client devices 120, 130 communicate with and exchange information with the servers 140, 150, as is well known in the art. The client devices 120, 130 may connect directly to a server, such as shown with client device 130 and server 140, or may connect to the server via the network 110, such as shown with client device 120 and server 150.

The client devices 120, 130 are any type of computing device that may communicate with servers 140, 150 over communication links 125, 135, 145 and 155. For example, the client devices 120, 130 may be personal computers, workstations, personal digital assistants (PDAs), computerized telecommunications equipment, WebTV(TM) devices, portable computers with wired or wireless communication capability, and the like.

The communication links 125, 135, 145 and 155 may be any type of wired or wireless communication link that provides a medium by which information may be transmitted. For example, the communication links 125, 135, 145 and 155 may be landline telephone wires, coaxial cable communication links, cellular communication links, satellite communication links, fiber optical communication links, infrared communication links, radio communication links, and the like.

The network 110 may be any type of communication network over which information may be transmitted. For example, the network 110 may be a data network, telecommunications network, the Internet, an intranet, wide area network (WAN), local area network (LAN), or the like. The network 110 may be a single network or a plurality of networks of the same or different types. In a preferred embodiment of the present invention, the network 110 is the Internet.

The servers 140, 150 may be any type of computing device that is shared by one or more client devices 120, 130. The servers 140, 150 store information that may be accessed by authorized client devices 120, 130. For example, the servers 140, 150 may store computer files, data files, application programs, applets, and the like, that may be utilized by the client devices 120, 130.

The servers 140, 150 may be secure servers or unsecured servers. In a preferred embodiment of the present invention, the servers 140 and 150 are secure servers requiring secure communication connections for the exchange of information with the client devices 120, 130. In particular, a preferred embodiment of the present invention makes use of secure Web servers 140 and 150.

For purposes of the following explanation of the exemplary embodiments of the present invention, it will be assumed that the client device 120 communicates with the secure Web server 150 via the network 110 using the Transmission Control Protocol/Internet Protocol (TCP/IP) suite of protocols, of which HyperText Transport Protocol (HTTP) and Hypertext Transport Protocol Secure (HTTPS) are included. However, as will be apparent to those of ordinary skill in the art, other types of protocols, such as UDP, may be used without departing from the spirit and scope of the present invention.

When a client device 120 wishes to communicate with a secure Web server 150, for example, the client device 120 initiates a Web browser program resident on the client device 120. The Universal Resource Locator (URL) for the secure Web server 150 is entered into the Web browser program either by a user of the client device 120 or automatically by an application program running on the client device 120. In a preferred embodiment of the present invention, the URL for the secure Web server 150 identifies a secure communication protocol, such as HTTPS. For example, the URL may take the form of "https://www.ibm.com" where "https" identifies the secure communication protocol being used to create a communication connection with the secure Web server identified as "www.ibm.com."

In response to receiving a URL, the Web browser program initiates a URL request that requests access to the secure Web server 150. Upon receiving a reply from the secure Web server 150, the secure Web server 150 is authenticated, an encryption key is sent to the secure Web server 150 for use during the session, and a secure communication connection between the secure Web server 150 and the client device 120 for HTML pages is established.

Once the secure HTML page communication connection is established, the secure Web server 150 may send a set of Java classes or a Java Archive (JAR) file to the client device 120, either automatically or at the request of the client device 120. JAR is a file format used to distribute Java applications. It contains all the resources required to install and run a Java program in a single compressed file. Alternatively, a Java application that is already resident on the client device 120 may be executed, either automatically or at the request of a user of the client device 120 or another application running on the client device 120. For purposes of the following discussion, it will be assumed that the Java application is downloaded from the secure Web server 150 as a JAR file.

Included in the JAR file is a secure Java communication connection establishing application or set of Java classes, hereafter referred to as the secure connection handler. Alternatively, the secure connection handler may be embodied as a plug-in device for a Web browser, a separate application resident on the client device 120, or as a portion of a Java application or applet.

In a preferred embodiment, the secure connection handler is an HTTPS handler downloaded when the JAR file is downloaded and used as a plug-in device to the Web browser. The HTTPS handler provides a mechanism by which Java applications and Java applets can establish secure communication connections with secure Web servers directly using the HTTPS protocol, i.e. without intervention by a web browser. However, other secure protocols may be used without departing from the spirit and scope of the present invention.

The secure connection handler establishes a secure communication connection with a secure Web server by first sending an HTTPS request to the secure Web server. In response, the secure Web server sends a server certificate and a server public key to the secure connection handler. The secure connection handler then verifies the server certificate. In a preferred embodiment, the secure connection handler verifies the server certificate by comparing the received server certificate with a trusted server certificate database associated with the secure connection handler, as will be discussed in more detail hereafter.

If the received server certificate is verified, the secure connection handler responds to the secure Web server with a session key encrypted with the server public key. Thereafter, any data transmissions between the secure Web server and the client device on which the secure connection handler resides will be encrypted using the session key. In this way, a secure communication connection is established between the secure Web server and the secure connection handler on the client device. Thereby, any Java applications or applets that are run on the client device will communicate with the secure Web server using the secure connection established by the secure connection handler.
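The connection sequence just described, together with the steps of FIG. 7 (set proxy configuration, install certificate database, set cipher suite level, open a socket to the proxy or to the Web server, authenticate the server, establish the secure connection), written with the javax.net.ssl classes that later JDKs ship. This is an added example, not the patent's code; the trust store file, its password, the proxy address, the host and the CipherSuiteLevel names are this example's assumptions.

```java
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
/**
 * Added example, not the patent's code: the steps of FIG. 7 using the javax.net.ssl
 * classes of later JDKs (JDK 11 or newer for TLS 1.3). Trust store, password, proxy and
 * host come from the caller; the CipherSuiteLevel names are this example's.
 */
public final class SecureConnectionHandler {
    public enum CipherSuiteLevel { STANDARD, HIGH }

    private final SSLSocketFactory factory;
    private final SSLParameters params;
    private final InetSocketAddress proxy;   // null when no proxy is defined

    private SecureConnectionHandler(SSLSocketFactory f, SSLParameters p, InetSocketAddress proxy) {
        this.factory = f; this.params = p; this.proxy = proxy;
    }

    /** Steps 702-712: proxy configuration, certificate database, cipher suite level. */
    public static SecureConnectionHandler create(Path trustStore, char[] password,
            CipherSuiteLevel level, InetSocketAddress proxy)
            throws IOException, GeneralSecurityException {
        // Install the certificate database: a PKCS12 store holding only the trusted server
        // certificates (the key ring's "site" entries). The JDK's default CA set is not used.
        KeyStore trusted = KeyStore.getInstance("PKCS12");
        try (InputStream in = Files.newInputStream(trustStore)) {
            trusted.load(in, password);
        }
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trusted);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        SSLParameters params = ctx.getDefaultSSLParameters();
        params.setProtocols(new String[] {"TLSv1.3", "TLSv1.2"});
        if (level == CipherSuiteLevel.HIGH) {
            // Forward-secret AEAD suites only; the selection is this example's.
            params.setCipherSuites(new String[] {
                "TLS_AES_256_GCM_SHA384", "TLS_AES_128_GCM_SHA256",
                "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
                "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"});
        }
        // Server authentication also checks the certificate's name against the host.
        params.setEndpointIdentificationAlgorithm("HTTPS");
        return new SecureConnectionHandler(ctx.getSocketFactory(), params, proxy);
    }

    /** Steps 714-728: open the socket (through the proxy if defined) and authenticate the server. */
    public SSLSocket openSecureConnection(String host, int port) throws IOException {
        Socket transport = proxy == null ? new Socket(host, port) : tunnelThroughProxy(host, port);
        SSLSocket tls = (SSLSocket) factory.createSocket(transport, host, port, true);
        tls.setSSLParameters(params);
        // The handshake verifies the server certificate against the installed database; a
        // certificate outside it fails with an SSLHandshakeException and no application data flows.
        tls.startHandshake();
        return tls;
    }

    /** Opens a socket to the proxy server and requests an HTTP CONNECT tunnel to the Web server. */
    private Socket tunnelThroughProxy(String host, int port) throws IOException {
        Socket s = new Socket();
        s.connect(proxy);
        OutputStream out = s.getOutputStream();
        out.write(("CONNECT " + host + ":" + port + " HTTP/1.1\r\nHost: " + host + ":" + port
                   + "\r\n\r\n").getBytes(StandardCharsets.US_ASCII));
        out.flush();
        InputStream in = s.getInputStream();
        String status = readLine(in);
        String[] parts = status.split(" ", 3);
        if (parts.length < 2 || !parts[0].startsWith("HTTP/1.") || !parts[1].equals("200")) {
            s.close();
            throw new IOException("proxy refused tunnel: " + status);
        }
        while (!readLine(in).isEmpty()) { /* skip remaining proxy headers; TLS bytes follow */ }
        return s;
    }

    /** Reads one CRLF-terminated line byte by byte so nothing past the headers is consumed. */
    private static String readLine(InputStream in) throws IOException {
        StringBuilder line = new StringBuilder();
        for (int c = in.read(); c != '\n'; c = in.read()) {
            if (c == -1) throw new IOException("proxy closed the connection");
            if (c != '\r') line.append((char) c);
        }
        return line.toString();
    }
}
```

Call create(...) once per trust store and openSecureConnection(host, 443) per server; the returned socket's streams carry the application's HTTPS traffic. A server whose certificate is not in the installed database is rejected during startHandshake(), which is the behaviour the text above describes for an unverified server certificate.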

FIG. 2 is an exemplary block diagram of a data processing system that may be implemented as a server, such as secure Web server 150 in FIG. 1. Data processing system 200 may be a symmetric multiprocessor (SMP) system including a plurality of processors 202 and 204 connected to system bus 206. Alternatively, a single processor system may be employed. Also connected to system bus 206 is memory controller/cache 208, which provides an interface to local memory 209. I/O bus bridge 210 is connected to system bus 206 and provides an interface to I/O bus 212. Memory controller/cache 208 and I/O bus bridge 210 may be integrated as depicted.

Peripheral component interconnect (PCI) bus bridge 214 connected to I/O bus 212 provides an interface to PCI local bus 216. A number of modems may be connected to PCI bus 216. Typical PCI bus implementations will support four PCI expansion slots or add-in connectors. Communications links to network computers 120-140 in FIG. 1 may be provided through modem 218 and network adapter 220 connected to PCI local bus 216 through add-in boards.

Additional PCI bus bridges 222 and 224 provide interfaces for additional PCI buses 226 and 228, from which additional modems or network adapters may be supported. In this manner, data processing system 200 allows connections to multiple network computers. A memory-mapped graphics adapter 230 and hard disk 232 may also be connected to I/O bus 212 as depicted, either directly or indirectly.

Those of ordinary skill in the art will appreciate that the hardware depicted in FIG. 2 may vary. For example, other peripheral devices, such as optical disk drives and the like, also may be used in addition to or in place of the hardware depicted. The depicted example is not meant to imply architectural limitations with respect to the present invention.

The data processing system depicted in FIG. 2 may be, for example, an IBM RISC/System 6000 system, a product of International Business Machines Corporation in Armonk, N.Y., running the Advanced Interactive Executive (AIX) operating system.

The JAR file that is downloaded to the client device 120, for example, is stored on the server and is downloaded when a communication connection is established with the server. The download of the JAR file may be automatic, in response to a selection of a hyperlink from an HTML document, or the like. The JAR file, in a preferred embodiment of the invention, includes the secure connection handler of the present invention. However, as mentioned above, the secure connection handler may be stored on the client device and may be implemented in response to the receipt of a JAR file.

FIG. 3 is an exemplary block diagram illustrating a data processing system in which the present invention may be implemented. Data processing system 300 is an example of a client computer, such as client device 120 in FIG. 1. Data processing system 300 employs a peripheral component interconnect (PCI) local bus architecture. Although the depicted example employs a PCI bus, other bus architectures such as Accelerated Graphics Port (AGP) and Industry Standard Architecture (ISA) may be used. Processor 302 and main memory 304 are connected to PCI local bus 306 through PCI bridge 308. PCI bridge 308 also may include an integrated memory controller and cache memory for processor 302. Additional connections to PCI local bus 306 may be made through direct component interconnection or through add-in boards. In the depicted example, local area network (LAN) adapter 310, SCSI host bus adapter 312, and expansion bus interface 314 are connected to PCI local bus 306 by direct component connection. In contrast, audio adapter 316, graphics adapter 318, and audio/video adapter 319 are connected to PCI local bus 306 by add-in boards
inserted into expansion slots. Expansion bus interface 314 provides a connection for a keyboard and mouse adapter 320, modem 322, and additional memory 324. Small computer system interface (SCSI) host bus adapter 312 provides a connection for hard disk drive 326, tape drive 328, and CD-ROM drive 330. Typical PCI local bus implementations will support three or four PCI expansion slots or add-in connectors.

An operating system runs on processor 302 and is used to coordinate and provide control of various components within data processing system 300 in FIG. 3. The operating system may be a commercially available operating system such as OS/2, which is available from International Business Machines Corporation. "OS/2" is a trademark of International Business Machines Corporation. An object oriented programming system such as Java may run in conjunction with the operating system and provides calls to the operating system from Java programs or applications executing on data processing system 300. "Java" is a trademark of Sun Microsystems, Inc. Instructions for the operating system, the object-oriented operating system, and applications or programs are located on storage devices, such as hard disk drive 326, and may be loaded into main memory 304 for execution by processor 302.

Those of ordinary skill in the art will appreciate that the hardware in FIG. 3 may vary depending on the implementation. Other internal hardware or peripheral devices, such as flash ROM (or equivalent nonvolatile memory) or optical disk drives and the like, may be used in addition to or in place of the hardware depicted in FIG. 3. Also, the processes of the present invention may be applied to a multiprocessor data processing system.

For example, data processing system 300, if configured as a network computer, may not include SCSI host bus adapter 312, hard disk drive 326, tape drive 328, and CD-ROM 330, as noted by dotted line 332 in FIG. 3 denoting optional inclusion. In that case, the computer, to be properly called a client computer, must include some type of network communication interface, such as LAN adapter 310, modem 322, or the like. As another example, data processing system 300 may be a stand-alone system configured to be bootable without relying on some type of network communication interface, whether or not data processing system 300 comprises some type of network communication interface. As a further example, data processing system 300 may be a Personal Digital Assistant (PDA) device which is configured with ROM and/or flash ROM in order to provide non-volatile memory for storing operating system files and/or user-generated data.

The depicted example in FIG. 3 and above-described examples are not meant to imply architectural limitations. For example, data processing system 300 also may be a notebook computer or hand held computer in addition to taking the form of a PDA. Data processing system 300 also may be a kiosk or a Web appliance.

The data processing system 300 executes the Java application or applet received in the JAR file from the secure Web server, along with the secure connection handler of the present invention. Alternatively, as mentioned above, the Java application and the secure connection handler may be resident as one or more classes stored in memory on the data processing system 300 or on a peripheral device of the data processing system 300.

FIG. 4 is an exemplary data flow diagram illustrating the process of setting up a secure communication connection between a client device 120 and a secure Web server 150 in accordance with the present invention. As shown in FIG. 4, the process starts with the client device 120 sending an HTML page request to the secure Web server 150. In response, the secure Web server 150 sends the requested HTML page to the client device 120. In addition to the requested HTML page, the secure Web server 150 may send a JAR file containing the Java application classes, keyring class, and the like.

The JAR file is only provided if the secure Web server 150 is verified. In other words, it is verified that the JAR file is downloaded from a known secure Web server. The verification may be performed, for example, by way of certificate verification or may be performed by signature verification of the JAR file.

With certificate verification, the client device 120 requests that the secure Web server 150 send the client device 120 a server certificate and a public key. The client device 120 verifies the server certificate and, if verified, uses the received public key to encrypt a session key.

The client device 120 may verify the server certificate by comparing the server certificate with a database of trusted server certificates associated with the client device 120. The database of trusted server certificates may be stored, for example, in a memory and may be updated automatically or manually by the user of the client device 120, in a manner known in the art. The server certificate is verified when the comparison to the trusted server certificate database indicates that the server certificate is in the trusted server certificate database. If not, the server certificate is not verified and a secure communication connection with the secure Web server 150 cannot be established. This may be due to tampering with the data stream by a third party, or the like, which alters the data stream and thus the server certificate information forwarded by the secure Web server 150.

Once the secure Web server 150 is verified, the client device 120 sends a secret session key, encrypted with the public key, to the secure Web server 150. This session key is then used to send and receive HTML documents, HTML data, and the JAR file over a secure communication connection with the secure Web server 150.

Alternatively, the JAR file may be "signed" by the secure Web server 150 when the JAR file is sent to the client device 120. The signature on the JAR file is then verified by the client device 120 through, for example, comparison to a trusted server signature database, or the like. For purposes of explanation, the following description will assume that certificate verification is performed to establish a secure communication