Distributed SSL processing
First Claim
1. A method of securely communicating data between a server and a remote client computer, the method comprising:
- a. providing an SSL server proxy, and a certificate manager comprising a decryption facility;
b. establishing a secure socket layer (SSL) connection between the client computer and the server utilizing communications between the SSL server proxy and the certificate manager; and
c. conducting a SSL communication session between the client computer and the server via the SSL server proxy.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and systems for communicating data between a server and a remote client computer through a secure socket layer (“SSL”). In accordance with the present invention, server-side SSL functions are performed by a network device located remotely from a secure data center, while maintaining the secure use of centralized certificates and their associated private keys. The invention may be employed in conjunction with acceleration functions operating within coordinated network devices, facilitating acceleration of overall SSL traffic. The invention improves on the prior art by allowing the remotely located acceleration device to use the certificate and private key of the target application server, but without compromising the security of the server'"'"'s private key.
-
Citations
20 Claims
-
1. A method of securely communicating data between a server and a remote client computer, the method comprising:
-
a. providing an SSL server proxy, and a certificate manager comprising a decryption facility;
b. establishing a secure socket layer (SSL) connection between the client computer and the server utilizing communications between the SSL server proxy and the certificate manager; and
c. conducting a SSL communication session between the client computer and the server via the SSL server proxy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for facilitating secure communication of data between a server and a remote client computer, the system comprising:
-
a certificate manager comprising a decryption facility;
a secure socket layer (SSL) server proxy;
a connector for establishing an SSL connection between the client computer and the server via the SSL server proxy and the certificate manager using the decryption facility;
and a transceiver for conducting a SSL communication session between the client computer and the server via the SSL server proxy. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification