Patent · US Active

Security policy enforcement

US9288234B2 · kind B2 · utility

11Cited by

3References

18Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Arthur J. Barr · Southampton, GB
Oliver M. Deakin · Southampton, GB
Robert B. Nicholson · Winchester, GB
Colin J. Thorne · Southampton, GB

Key dates

Filing date	Jul 31, 2012
Grant date	Mar 15, 2016
Priority date	—
Expiry date	Jul 31, 2032

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/10
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method of operating a network message interceptor for enforcing a security policy for communication over a network between first and second network endpoints, the interceptor being in communication with the network and external to the first and second endpoints, the network including transport layer security, and the security policy identifying at least one valid security standards for communication over the network, the method comprising the steps of: intercepting a handshake message transmitted over the network between the first and second endpoints; extracting from the handshake message an identification of a security standard selected for the communication between the first and second endpoints; determining a validity status of the identified security standard based on the security policy; and preventing communication between the first and second endpoints based on a negatively determined validity status of the identified security standard.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.