公开(公告)号：US09124628B2

公开(公告)日：2015-09-01

申请号：US13623127

申请日：2012-09-20

Applicant: Cisco Technology, Inc.

Inventor： Hari Shankar ,  Jianxin Wang ,  Daryl Odnert ,  Manju Radhakrishnan ,  Andrew E. Ossipov

IPC: G06F15/16 ,  H04L29/06

CPC classification number: H04L63/166

Abstract: Techniques are presented for seamless engagement and disengagement of Transport Layer Security proxy services. A first initial message of a handshaking procedure for a first secure communication session between a first device and a second device is intercepted at a proxy device. The first initial message of the handshaking procedure is saved at the proxy device. A second initial message of a second handshaking procedure for a second secure communication session between the proxy device and the second device is sent from the proxy device to the second device. It is determined from the second handshaking procedure that inspection of the first secure communication session is not to be performed by the proxy device. The first secure communication session is established without examination of the communication traffic by the proxy device.

Abstract translation: 介绍了传输层安全代理服务的无缝接合和脱离接口的技术。 在代理设备处拦截用于第一设备和第二设备之间的第一安全通信会话的握手过程的第一初始消息。 握手过程的第一个初始消息保存在代理设备中。 用于代理设备和第二设备之间的第二安全通信会话的第二握手过程的第二初始消息被从代理设备发送到第二设备。 从第二握手程序确定第一安全通信会话的检查不被代理设备执行。 建立第一安全通信会话而不检查代理设备的通信流量。

公开(公告)号：US20150304340A1

公开(公告)日：2015-10-22

申请号：US14753743

申请日：2015-06-29

Applicant: Cisco Technology, Inc.

Inventor： Haiyan Luo ,  Hari Shankar ,  Daryl Odnert ,  Niranjan Koduri

IPC: H04L29/06

CPC classification number: H04L63/105 ,  G06F21/552 ,  G06F21/6218 ,  H04L63/0227 ,  H04L63/0281

Abstract: A policy is established comprising a condition having a multiphase attribute of a multiphase transaction. Phase specific policies are established for each phase in which the multiphase attribute may become known. The multiphase transaction is evaluated according to the phase specific policies at each phase of the multiphase transaction in which the multiphase attribute may become known until a policy decision of the policy is determined.

Abstract translation: 建立包括具有多相交易的多相属性的条件的策略。 针对可以将多相属性知道的每个阶段建立相位特定策略。 根据多阶段事务的每个阶段的阶段特定策略来评估多阶段事务，其中多阶段属性可以在其中被确定，直到策略的策略决定被确定为止。

公开(公告)号：US20140082204A1

公开(公告)日：2014-03-20

申请号：US13623127

申请日：2012-09-20

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Hari Shankar ,  Jianxin Wang ,  Daryl Odnert ,  Manju Radhakrishnan ,  Andrew E. Ossipov

IPC: G06F15/16

CPC classification number: H04L63/166

Abstract: Techniques are presented for seamless engagement and disengagement of Transport Layer Security proxy services. A first initial message of a handshaking procedure for a first secure communication session between a first device and a second device is intercepted at a proxy device. The first initial message of the handshaking procedure is saved at the proxy device. A second initial message of a second handshaking procedure for a second secure communication session between the proxy device and the second device is sent from the proxy device to the second device. It is determined from the second handshaking procedure that inspection of the first secure communication session is not to be performed by the proxy device. The first secure communication session is established without examination of the communication traffic by the proxy device.

Abstract translation: 介绍了传输层安全代理服务的无缝接合和脱离接口的技术。 在代理设备处拦截用于第一设备和第二设备之间的第一安全通信会话的握手过程的第一初始消息。 握手过程的第一个初始消息保存在代理设备中。 用于代理设备和第二设备之间的第二安全通信会话的第二握手过程的第二初始消息被从代理设备发送到第二设备。 从第二握手程序确定第一安全通信会话的检查不被代理设备执行。 建立第一安全通信会话而不检查代理设备的通信流量。

公开(公告)号：US09306955B2

公开(公告)日：2016-04-05

申请号：US14753743

申请日：2015-06-29

Applicant: Cisco Technology, Inc.

Inventor： Haiyan Luo ,  Hari Shankar ,  Daryl Odnert ,  Niranjan Koduri

IPC: H04L29/06 ,  G06F21/55 ,  G06F21/62

CPC classification number: H04L63/105 ,  G06F21/552 ,  G06F21/6218 ,  H04L63/0227 ,  H04L63/0281

Abstract: A policy is established comprising a condition having a multiphase attribute of a multiphase transaction. Phase specific policies are established for each phase in which the multiphase attribute may become known. The multiphase transaction is evaluated according to the phase specific policies at each phase of the multiphase transaction in which the multiphase attribute may become known until a policy decision of the policy is determined.