Patent · US Active

Graceful termination of security-violation client connections in a network protection system (NPS)

US11228607B2 · kind B2 · utility

Cited by: 0
References: 2
Claims: 18
Family size: 0

Assignee

Inventors

Key dates

Filing date: Nov 9, 2019
Grant date: Jan 18, 2022
Priority date
Expiry date: Apr 7, 2040

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L67/10
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

A network protection system (NPS) is augmented to provide additional functionality—preferably within the SSL/TLS connection at the OSI presentation layer—to enable efficient management and handling of security-violating client connections. When the NPS determines to suspend a suspect application client connection, the NPS modifies the request (the TLS encrypted packet) at a random offset to include a random byte value. When the modified request is then received at the server, a TLS decryption error occurs. In response, the server drops the request gracefully and, in particular, a termination response is returned from the server to the NPS, which then passes the termination response back to the requesting client.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.