Inspecting encrypted communications with end-to-end integrity
US7562211B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Oct 27, 2005 |
| Grant date | Jul 14, 2009 |
| Priority date | — |
| Expiry date | Jan 13, 2026 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/166
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Encrypted communications between peers are inspected by a proxy server, for bugs, viruses, malicious software and the like, while the proxy server is prevented from modifying the encrypted communications. A proxy server functioning as a gateway processor between the peers includes a security processor. The security processor is coupled to one of the peers via a channel that is separate from the channel carrying the encrypted communications between the peers. Cryptographic keys needed to decrypt the encrypted communications are provided via the separate channel to the security processor prior to commencement of encrypted communications. The security processor monitors the encrypted communications. The security processor decrypts the monitored encrypted communications without perturbing the encrypted communications. The security processor decrypts the encrypted communications utilizing the previously provided cryptographic keys. The security processor inspects the decrypted communications. If any faults are found, the security processor provides appropriate notification.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.