We used TCP/IP as the communication protocol because it is also common, well supported and independent of physical media. Although modems are used in the MHCID system today, we anticipate other media in the future.
In order to secure the database communications, we needed an efficient, robust and proven encryption protocol. Developing encryption algorithms and secure protocols is a complex task, fraught with danger. Rather than invent our own, it was preferable to use something ``tried and true.'' SSL, developed by Netscape, is just such a protocol. It can use public-key cryptography to authenticate the server and to exchange a secret session key in a secure fashion.
Fortunately, an efficient implementation of SSL is available on the Internet, courtesy the hard work of Eric Young and Tim Hudson - SSLeay.
We developed our own DBMS protocol using a simple syntax, on top of SSL sockets. A set of three-letter commands was defined, which supports everything from logging in, to multi-record read and write operations. The client sends commands to the server, and the server replies with any relevant data, plus a status code. The protocol was designed to be terse, simple and to support every operation required by our client software in a single operation.
Some examples of how the protocol speeds up the client/server interaction are: