×

METHODS FOR INSPECTING SECURITY CERTIFICATES BY NETWORK SECURITY DEVICES TO DETECT AND PREVENT THE USE OF INVALID CERTIFICATES

  • US 20120167212A1
  • Filed: 03/04/2012
  • Published: 06/28/2012
  • Est. Priority Date: 01/20/2009
  • Status: Active Grant
First Claim
Patent Images

1. A method for inspecting security certificates, the method comprising the steps of:

  • (a) scanning, by a network security device, messages of a security protocol between a server and a client system, by steps including;

    (i) scanning said messages for an object ID (OID) of a compromised cryptographic hash function, and(ii) scanning said messages for an OID of a certificate extension;

    (b) detecting said messages having a security certificate;

    (c) detecting suspicious security certificates from said messages; and

    (d) aborting particular sessions of said security protocol associated with said suspicious security certificates.

View all claims
  • 0 Assignments
Timeline View
Assignment View
    ×
    ×