Patent · US Active

Cloud based inspection of secure content avoiding man-in-the-middle attacks

US8869259B1 · kind B1 · utility

97Cited by

7References

18Claims

0Family size

Assignee

Zscaler, Inc. · US

Inventors

Sivaprasad Udupa · Sunnyvale, US
Narinder Paul · Sunnyvale, US
Jose Raphel · Austin, US
Kailash Kailash · San Jose, US

Key dates

Filing date	May 19, 2011
Grant date	Oct 21, 2014
Priority date	—
Expiry date	Mar 4, 2032

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/20
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A cloud based system that facilitates inspection of secure content and inexpensively detects the presence of a Man-in-the-Middle attack in a client-server communication is disclosed. Through inspection of the server certificate, no Man-in-the-Middle attack between server and the system is ensured; through inspection and designation of the client certificate, absence of a Man-in-the-Middle attack between the cloud based system and the client is ensured. In this way, the cloud based system can perform its usual policy enforcement functions with respect to secure content while avoiding Man-in-the-Middle attacks.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.