CRYPTOGRAPHIC POLICY ENFORCEMENT
9 Assignments
0 Petitions
Accused Products
Abstract
Objects can be extracted from data flows captured by a capture device. In one embodiment, the invention includes assigning to each captured object a cryptographic status based on whether the captured object is encrypted. In one embodiment, the invention further includes determining whether the object violated a cryptographic policy using the assigned cryptographic status of the object.
171 Citations
52 Claims
-
1-32. -32. (canceled)
-
33. A method, comprising:
-
capturing packets in a network environment; assembling an object from the captured packets; determining whether the object is encrypted; and assigning a cryptographic status to the object, wherein the cryptographic status is provided for the object based, at least, on a statistical analysis of bytes in the object. - View Dependent Claims (34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44)
-
-
45. A capture system, comprising:
-
a packet capture module configured to capture packets in a network environment; an object assembly module configured to assemble an object from the captured packets; and a cryptographic analyzer configured to determine a cryptographic status of the object, wherein the cryptographic status is based, at least, on a statistical analysis of bytes in the object. - View Dependent Claims (46, 47, 48)
-
-
49. A non-transitory medium having stored thereon data representing instructions configured for execution by a processor of a capture system, the instructions causing the capture system to perform operations comprising:
-
assembling an object from packets captured in a network environment; determining whether the object is encrypted; and identifying a cryptographic status of the object, wherein the cryptographic status is based, at least, on a statistical analysis of bytes in the object. - View Dependent Claims (50, 51, 52)
-
Specification