Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
2006-05-30
Revak, Christopher (Department: 2131)
C709S223000, C709S224000, C726S003000
active
07055027
ABSTRACT:
A network architecture allows an intermediary to inspect an encrypted data stream on a virtual private network (VPN) in a secure and trusted manner. The endpoints establish a virtual private network by negotiating a session key used to encrypt data being exchanged between them. The endpoints know the session key, but the intermediary does not. To grant the intermediary trusted access to the data stream on the VPN, one endpoint securely transfers the session key to the firewall by encrypting the session key using the intermediary's public key and then signing the encrypted session key. The intermediary authenticates the signature and decrypts the session key using its own private key. If the process yields a valid key, the intermediary is assured that the session key was sent by the endpoint and was not subsequently tampered with en route. Once the session key is transferred, the firewall can decrypt and inspect the data stream on the VPN in a manner that is transparent to the endpoints.
REFERENCES:
patent: 5214702 (1993-05-01), Fischer
patent: 5835726 (1998-11-01), Shwed et al.
patent: 2001/0034708 (2001-10-01), Walker et al.
Bruce Schneier, Applied Cryptography, Second Edition, John Wiley & Sons, Inc., 1996, pp. 31-48.
Gunter David
Shachaf Leeon Moshe
Arani Taghi T.
Lee & Hayes PLLC
Microsoft Corporation
Revak Christopher
System and method for trusted inspection of a data stream
Profile ID: LFUS-PAI-O-3613518