Abstract: A multi-level encryption scheme is provided for a wireless network. A first level of encryption is provided primarily for wireless communications taking place between a mobile terminal and an access point. In addition, a second, higher level of encryption is provided which is distributed beyond the wireless communications onto the system backbone itself. Through a key distribution server/access point arrangement, the second level of encryption provides a secure means for distributing the encryption scheme of the first level without compromising the integrity of the network.

Abstract: A Secure Key Management Framework (SKMF) defines an infrastructure for a complete set of cryptographic services augmented with key recovery enablement. There are three major layers—the application layer invokes the SKMF layer, while the SKMF layer invokes the service provider (SP) layer. The application layer code invokes the cryptographic API and key-recovery API supported by the SKMF. Multiple key recovery mechanisms and cryptographic mechanisms can be implemented as service providers that log-in underneath the framework using the well-defined service provider interfaces provided by the framework. The SKMF implements the supported ATP calls by making appropriate invocations of the service provider modules using the SPIs.