Application-level service access to encrypted data streams
US8788805B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Feb 29, 2008 |
| Grant date | Jul 22, 2014 |
| Priority date | — |
| Expiry date | May 19, 2032 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L63/166
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
Techniques for securely providing cryptographic keys to trusted intermediate nodes or monitoring devices are described so that SSL, TLS, or IPSec communications can be monitored, compressed over a WAN, or otherwise used. In an embodiment, a trusted intermediate node establishes a secure connection to a key server; receives session identification data for an encrypted session between a client and a content server during negotiation of the encrypted session, and stores a copy of the session identification data; requests from the key server, over the secure connection, a decryption key associated with the encrypted session; receives an encrypted message communicated between the client and the content server; forwards the encrypted message without modification to a destination address in the encrypted message; and decrypts the encrypted message using the decryption key to result in decrypted data, and uses or stores the decrypted data in a storage unit.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.