Transferring data via a secure network connection

US 20030131259A1
Filed: 01/10/2002
Published: 07/10/2003
Est. Priority Date: 01/10/2002
Status: Active Grant

First Claim

Patent Images

1. A computer program product for controlling a proxy computer to transfer data via a secure network connection, said computer program product comprising:

first link establishing code operable to establish a first secure link between a first computer and said proxy computer;

second link establishing code operable to establish a second secure link between said proxy computer and a second computer;

receiving code operable to receive at said proxy computer said data in encrypted form from said second computer;

decrypting code operable to decrypt said data at said proxy computer;

scanning code operable to scan said data at said proxy computer for illegal content and triggering illegal content found action if illegal content is found within said data; and

sending code operable to send said data in encrypted form from said proxy computer to said first computer.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A request for secure data sent from a client computer 2 to a webtsite server computer 4 is redirected to a proxy computer 6. A secure connection is established with the proxy computer 6 using a protocol such as HTTPS and Certificate Exchange. The proxy computer 6 then establishes its own secure connection with the website server 4. The data requested is passed in encrypted form from the website server computer 4 to the proxy computer 6. The proxy computer 6 decrypts this data and then scans it for illegal content, such as computer viruses, worms, Trojans, banned computer files, banned words, banned combinations of words or banned images and the like. Providing no illegal content is found, the data is encrypted again for transfer over the secure link between the proxy computer 6 and the client computer 2. The proxy computer 6 may conveniently be the firewall computer within a local area network.

Citations

24 Claims

1. A computer program product for controlling a proxy computer to transfer data via a secure network connection, said computer program product comprising:
- first link establishing code operable to establish a first secure link between a first computer and said proxy computer;
  
  second link establishing code operable to establish a second secure link between said proxy computer and a second computer;
  
  receiving code operable to receive at said proxy computer said data in encrypted form from said second computer;
  
  decrypting code operable to decrypt said data at said proxy computer;
  
  scanning code operable to scan said data at said proxy computer for illegal content and triggering illegal content found action if illegal content is found within said data; and
  
  sending code operable to send said data in encrypted form from said proxy computer to said first computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 16)
- - 2. A computer program product as claimed in claim 1, wherein said first computer and said second computer are respective ones of a client computer accessing said data via a browser and a website server computer.
  - 3. A computer program product as claimed in claim 1, wherein said data is secure web content.
  - 4. A computer program product as claimed in claim 1, wherein said first secure link is made using a HTTPS secure protocol.
  - 5. A computer program product as claimed in claim 1, wherein said second secure link is made using a HTTPS secure protocol.
  - 6. A computer program product as claimed in claim 1, wherein said illegal content includes one or more of:
    - a computer virus, a worm, a Trojan, a banned computer file, a banned word, a banned combination of words and a banned image.
  - 7. A computer program product as claimed in claim 2, wherein said website server computer associates a security Certificate with said data send from said website server computer to said proxy computer for use by said proxy computer to authenticate said data and said proxy computer associates a security Certificate issued by said proxy computer with said data sent from said proxy computer to said client computer for use by said client computer to authenticate said data.
  - 8. A computer program product as claimed in claim 1, wherein said proxy computer is a firewall computer.
  - 16. A method as claimed in claim 1, wherein said proxy computer is a firewall computer.

9. A method of transferring data via a secure network connection, said method comprising the steps of:
- establishing a first secure link between a first computer and a proxy computer;
  
  establishing a second secure link between said proxy computer and a second computer;
  
  receiving at said proxy computer said data in encrypted form from said second computer;
  
  decrypting said data at said proxy computer;
  
  scanning said data at said proxy computer for illegal content and triggering illegal content found action if illegal content is found within said data; and
  
  sending said data in encrypted form from said proxy computer to said first computer.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. A method as claimed in claim 9, wherein said first computer and said second computer are respective ones of a client computer accessing said data via a browser and a website server computer.
  - 11. A method as claimed in claim 9, wherein said data is secure web content.
  - 12. A method as claimed in claim 9, wherein said first secure link is made using a HTTPS secure protocol.
  - 13. A method as claimed in claim 9, wherein said second secure link is made using a HTTPS secure protocol.
  - 14. A method as claimed in claim 9, wherein said illegal content includes one or more of:
    - a computer virus, a worm, a Trojan, a banned computer file, a banned word, a banned combination of words and a banned image.
  - 15. A method as claimed in claim 10, wherein said website server computer associates a security Certificate with said data send from said website server computer to said proxy computer for use by said proxy computer to authenticate said data and said proxy computer associates a security Certificate issued by said proxy computer with said data sent from said proxy computer to said client computer for use by said client computer to authenticate said data.

17. Apparatus for transferring data via a secure network connection, said apparatus comprising:
- first link establishing logic operable to establish a first secure link between a first computer and said proxy computer;
  
  second link establishing logic operable to establish a second secure link between said proxy computer and a second computer;
  
  receiving logic operable to receive at said proxy computer said data in encrypted form from said second computer;
  
  decrypting logic operable to decrypt said data at said proxy computer;
  
  scanning logic operable to scan said data at said proxy computer for illegal content and triggering illegal content found action if illegal content is found within said data; and
  
  sending logic operable to send said data in encrypted form from said proxy computer to said first computer.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
- - 18. Apparatus as claimed in claim 17, wherein said first computer and said second computer are respective ones of a client computer accessing said data via a browser and a website server computer.
  - 19. Apparatus as claimed in claim 17, wherein said data is secure web content.
  - 20. Apparatus as claimed in claim 17, wherein said first secure link is made using a HTTPS secure protocol.
  - 21. Apparatus as claimed in claim 17, wherein said second secure link is made using a HTTPS secure protocol.
  - 22. Apparatus as claimed in claim 17, wherein said illegal content includes one or more of:
    - a computer virus, a worm, a Trojan, a banned computer file, a banned word, a banned combination of words and a banned image.
  - 23. Apparatus as claimed in claim 18, wherein said website server computer associates a security Certificate with said data send from said website server computer to said proxy computer for use by said proxy computer to authenticate said data and said proxy computer associates a security Certificate issued by said proxy computer with said data sent from said proxy computer to said client computer for use by said client computer to authenticate said data.
  - 24. Apparatus as claimed in claim 17, wherein said proxy computer is a firewall computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
Barton, Christopher Andrew, Clarke, Graham Andrew, Crowe, Simon

Granted Patent

US 7,093,121 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/201
CPC Class Codes

H04L 63/0281   Proxies

H04L 63/029   Firewall traversal, e.g. tu...

H04L 63/0464   using hop-by-hop encryption...

H04L 63/0823   using certificates cryptogr...

H04L 63/168   above the transport layer

Transferring data via a secure network connection

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Transferring data via a secure network connection

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links