TLS connection abandoning
A network-based appliance includes a mechanism to enable the appliance to extract itself from man-in-the-middle (MITM) processing during a client-server handshake and without interrupting that connection. The mechanism enables the appliance to decide (e.g., based on a rule match against a received s...
Saved in:
Main Authors | , |
---|---|
Format | Patent |
Language | English |
Published |
26.09.2017
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Abstract | A network-based appliance includes a mechanism to enable the appliance to extract itself from man-in-the-middle (MITM) processing during a client-server handshake and without interrupting that connection. The mechanism enables the appliance to decide (e.g., based on a rule match against a received server certificate) to stop performing MITM during the handshake and thus to de-insert itself transparently, i.e., without interfering or signaling to either end of the session that this operation is occurring. Once the connection is abandoned in the manner, the appliance ignores additional traffic flow and thus can free up processing resources (CPU, memory, and the like) that would otherwise be required to decrypt the connection (even if no further inspection or rewrite processing would be expected to occur). |
---|---|
AbstractList | A network-based appliance includes a mechanism to enable the appliance to extract itself from man-in-the-middle (MITM) processing during a client-server handshake and without interrupting that connection. The mechanism enables the appliance to decide (e.g., based on a rule match against a received server certificate) to stop performing MITM during the handshake and thus to de-insert itself transparently, i.e., without interfering or signaling to either end of the session that this operation is occurring. Once the connection is abandoned in the manner, the appliance ignores additional traffic flow and thus can free up processing resources (CPU, memory, and the like) that would otherwise be required to decrypt the connection (even if no further inspection or rewrite processing would be expected to occur). |
Author | Kubilus, Jr. Matthew Joseph Mazur Steven Ashley |
Author_xml | – fullname: Kubilus, Jr. Matthew Joseph – fullname: Mazur Steven Ashley |
BookMark | eNrjYmDJy89L5WSQDPEJVkjOz8tLTS7JzM9TSExKzEvJz8vMS-dhYE1LzClO5YXS3AwKbq4hzh66qQX58anFBYnJqXmpJfGhwZbm5iZmxoZORsZEKAEAmf4kDg |
ContentType | Patent |
DBID | EVB |
DatabaseName | esp@cenet |
DatabaseTitleList | |
Database_xml | – sequence: 1 dbid: EVB name: esp@cenet url: http://worldwide.espacenet.com/singleLineSearch?locale=en_EP sourceTypes: Open Access Repository |
DeliveryMethod | fulltext_linktorsrc |
Discipline | Medicine Chemistry Sciences |
ExternalDocumentID | US9774631B2 |
GroupedDBID | EVB |
ID | FETCH-epo_espacenet_US9774631B23 |
IEDL.DBID | EVB |
IngestDate | Fri Jul 19 15:03:03 EDT 2024 |
IsOpenAccess | true |
IsPeerReviewed | false |
IsScholarly | false |
Language | English |
LinkModel | DirectLink |
MergedId | FETCHMERGED-epo_espacenet_US9774631B23 |
Notes | Application Number: US201414527475 |
OpenAccessLink | https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20170926&DB=EPODOC&CC=US&NR=9774631B2 |
ParticipantIDs | epo_espacenet_US9774631B2 |
PublicationCentury | 2000 |
PublicationDate | 20170926 |
PublicationDateYYYYMMDD | 2017-09-26 |
PublicationDate_xml | – month: 09 year: 2017 text: 20170926 day: 26 |
PublicationDecade | 2010 |
PublicationYear | 2017 |
RelatedCompanies | International Business Machines Corporation |
RelatedCompanies_xml | – name: International Business Machines Corporation |
Score | 3.11564 |
Snippet | A network-based appliance includes a mechanism to enable the appliance to extract itself from man-in-the-middle (MITM) processing during a client-server... |
SourceID | epo |
SourceType | Open Access Repository |
SubjectTerms | ELECTRIC COMMUNICATION TECHNIQUE ELECTRICITY TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION |
Title | TLS connection abandoning |
URI | https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20170926&DB=EPODOC&locale=&CC=US&NR=9774631B2 |
hasFullText | 1 |
inHoldings | 1 |
isFullTextHit | |
isPrint | |
link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV1LS8NAEB5KFfWmVTG-yEFyC2YfickhCNkkFLEPTCK9lTy20EtbbMS_7-ySVi96W3ZhdndgZr7ZnQfAAyIChjDUsUufU5tTR9plgHKFYLRuKsJql6p859HYGxb8ZebOerDc5cLoOqFfujgiSlSN8t5qfb35ecSKdWzl9rFa4tT6Oc3D2Oq8Y_LkBNSz4ihMppN4IiwhwiKzxm-hgjkeIxFq6wOFolWZ_eQ9Ukkpm98WJT2FwykSW7Vn0JOrARyLXeO1ARyNuv9uHHaitz0HI3_NzFqFpehMBLOsStWIAy3PBZhpkouhjXvM9_eZF9n-NOwS-ujmyyswmSR-IwPmLhjjDfF9XgaSU9UJvmHVghtg_Enm-p-1GzhRjFExDtS7hX778Snv0JC21b1mwTeb3nXU |
link.rule.ids | 230,309,786,891,25594,76906 |
linkProvider | European Patent Office |
linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV1LT4NAEJ401VhvWjXik4PhRgR2S-FATIASVKCNgOmN8NgmvbSNxfj3nd3Q6kVvm91kdneSmflmdx4AD4gICMJQTS0taqjU0Jha2ihXCEbrptJJPTJ4vnOcmGFOX-ajeQ-Wu1wYUSf0SxRHRImqUd5boa83P49Yvoit3D5WS5xaPwWZ4yudd6yPNdswFd91JrOpP_UUz3PyVEneHA5zTKK7qK0Pxrw4L0dO7y5PStn8tijBCRzOkNiqPYUeWw1h4O0arw3hKO7-u3HYid72DKQsSuWah6WITAS5rEreiAMtzznIwSTzQhX3KPb3KfJ0fxpyAX1089klyITpVsNsMloQQhvdsmhpM2rwTvANqRZUAulPMlf_rN3DIMziqIiek9drOOZM4vEOhnkD_fbjk92iUW2rO8GOb0XCeME |
openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Apatent&rft.title=TLS+connection+abandoning&rft.inventor=Kubilus%2C+Jr.+Matthew+Joseph&rft.inventor=Mazur+Steven+Ashley&rft.date=2017-09-26&rft.externalDBID=B2&rft.externalDocID=US9774631B2 |