Telecommunications – Radiotelephone system – Security or fraud prevention
Reexamination Certificate
2001-08-01
2004-11-30
Trost, William (Department: 2683)
Telecommunications
Radiotelephone system
Security or fraud prevention
C455S410000, C455S414100, C705S064000, C705S067000, C705S071000
Reexamination Certificate
active
06826395
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates to systems and methods for secure trading mechanisms, and more particularly, to a system and a method for a secure trading mechanism combining wireless communication and wired communication, applied to a security mechanism for e-commerce (electronic commerce) over the internet so as to assure the security of end-to-end trading in the current use of the wireless communication.
BACKGROUND OF THE INVENTION
Conventionally, a network is primarily used for transmitting e-mail and sharing peripheral computer resources. With the progress of electronic and communication technologies, the internet further provides a function of e-commerce, that is, access to processing a bank account, purchasing, claiming tax through the internet, etc. This makes human life more convenient and time-saving.
Currently, in order to claim tax through e-commerce, a user must apply an identity certificate from the government certification authority (GCA). At first, application software is downloaded from a web site of GCA, in which the user personally sets up a key to be stored in a “private key disk” and accordingly inputs related data to a “certificate disk” for storage. Subsequently, the user having an identification card thereof and the “certificate disk” can file for application at a service counter of the Taiwan Communication Company. After the application is successfully passed through examination, the user is able to download the identity certificate to the “certificate disk” through the internet. Alternatively, if the user is a Hinet user, application for the identity certificate can be filed directly through the internet, while examination for the application is executed by a controlling system of Hinet. In this case, people can complete a process for claiming tax in a manner of acquiring an electronic pocket software and a trading certificate, and then uploading claim-related data to the government tax office through the internet. This therefore provides benefits such as convenience and time-saving for people, who had been always queued for claiming tax in the past.
However, the security for trading through the network is a potential problem. Since the internet and local networks are connected through communication protocols such as TCP, IP, UDP, FTP, RPC, PIC, HTTP, SMTP, IEEE802.3 (Ethernet), etc. Intrinsically, these communication protocols have no encryption mechanism. Therefore, the internet environment is opened, for example, a packet password can be easily captured from a local network. Obviously, in the condition of no encryption and no secure communication protocol available for data transmitted between different levels (or layers) of the networks, the transmitted data can not be securely protected.
Moreover, wireless mobile communication services have become a mainstream in current communication services. Further due to the difficulty in construction, a wired, dedicated or fiber communication system must be gradually replaced by a wireless communication system. Therefore, IEEE defines the IEEE 802.11 as a standard for a wireless local network; whereas security-related services include a secure socket layer (SSL) communication protocol from Netscape family, a secure electronic transaction (SET) protocol for a secure paying mechanism of e-commerce, etc., which are commonly used security mechanisms. For the wireless local network, a wireless modem is originally used, which only allows end-to-end connection and employs radio frequency as a wireless transmission medium, that is therefore easy to be illegally acquired, used and destroyed. In this case, security is a significant consideration in the use of such a wireless local network.
In conclusion, it is desired to develop a novel system for securely trading through network communications, in which security can be assured for two-way trading, and a transaction can be performed in real time.
SUMMARY OF THE INVENTION
A primary objective of the present invention is to provide a system and a method for a secure trading mechanism combining wireless communication and wired communication, which, in the condition of two-way trading constructed based on network connection of a wireless communication device functioning in two-way transmission to a trading server and a trading host of a wired communication devices, allow the trading to be performed in real time. Moreover, the system and method of the invention in the foregoing condition can determine the correctness for data transmitted between different levels of the network according to a secure communication protocol defined in each communication device, so as to assure the security of trading data in transmission. In addition, in the system and method of the invention under the foregoing condition, first, a personal identification number (PIN) input by a user and a device identification code of the wireless communication device are encrypted, respectively. Then, the encrypted PIN and device identification code are incorporated and digitally signed. Subsequently, the encrypted PIN, the encrypted device identification code and the digitally-signed data are incorporated and further encrypted. In the use of multiple and different encryption processes, the trading data can therefore be prevented from being acquired or changed without authorization.
According to the foregoing and other objectives, the present invention provides a system and a method for a secure trading mechanism combining wireless communication and wired communication. The system of the invention comprises: wired communication devices including a plurality of trading hosts, a plurality of trading servers, and a plurality of wireless and wired data exchange gateways; and wireless communication devices including a plurality of wireless communication message interchange centers and a wireless two-way communication device.
The trading hosts each has a memory unit for storing an identity identification code, a personal identification number, a device identification code dedicated for a wireless two-way communication device of a user and a plurality of sets of keys, which are input by the user to the trading host; a secure communication protocol for allowing data transmission and communication with the trading servers; encryption and decryption software for encrypting and decrypting data received and transmitted by the trading host; a method for determining correctness of the personal identification number during trading; a method for modifying the personal identification number; and a function of being a router, so as to allow the trading hosts to serve as devices for registration prior to performing trading.
The trading servers each has a memory unit for recording a look-up table of correlation between the trading server and the trading hosts; a secure communication protocol for data transmission and communication with the trading hosts, and with the wireless and wired data exchange gateways; and a function of being a router; and the trading servers serve as communication interfaces between the trading hosts and the wireless and wired data exchange gateways, in a manner that the trading servers receive data from the trading hosts and transmit the data to the wireless and wired data exchange gateways, or receive data from the wireless and wired data exchange gateways and transmit the data to the trading hosts.
The wireless and wired data exchange gateways each has a memory unit for recording a look-up table of correlation between a trading type and the trading servers; a secure communication protocol for data transmission and communication with the trading servers, and with the wireless communication message interchange centers; and a function of being a router; and the wireless and wired data exchange gateways receive data from the trading servers and transmit the data to the wireless communication message interchange centers, or receive data from the wireless communication message interchange centers and transmit the data to the trading servers, so as to allow the wireless and wired data
Chang Sung-Yao
Lee Jun-Yih
Wang Ching-Feng
Corless Peter F.
Edwards & Angell LLP
Jensen Steven M.
Telepaq Technology, Inc.
Torres Marcos L
LandOfFree
System and method for secure trading mechanism combining... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and method for secure trading mechanism combining..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and method for secure trading mechanism combining... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3339598