Detecting Compromised Certificate Authority
Abstract
A computer-implemented method is provided to detect a compromised Certificate Authority (CA). Over time reports are received containing data describing certificate authority certificates captured from messages exchanged between clients and servers. These reports may be received by a central computing entity. Metadata and statistics for certificates contained in the reports are stored. It is determined whether a certificate authority has been compromised based on the metadata and statistics.
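The abstract describes three steps (collect client-side certificate reports, keep per-certificate metadata and statistics, decide from those statistics whether a CA is compromised) without saying which statistics matter. The following is an added example written for this page, not the patent's own method or code: it assumes, as a constructed heuristic, that a hostname whose certificates are normally issued by one CA and is then seen, by only a small minority of reporting clients, with a certificate from a different CA indicates a possible mis-issuance, and that a CA responsible for several such anomalies across distinct hostnames should be flagged. The reports, hostnames, CA names and fingerprints are constructed sample data.

```python
from collections import Counter, defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class CertReport:
    """One client's observation of a server certificate (constructed schema)."""
    reporter: str     # identifier of the client that saw the handshake
    hostname: str     # server name the certificate was presented for
    issuer: str       # issuing CA as named in the certificate
    fingerprint: str  # certificate fingerprint; placeholder values below
    timestamp: int    # when the client observed it


class CAStats:
    """Aggregates reports and applies the (assumed) anomaly heuristic."""

    def __init__(self, baseline_min=5, minority_share=0.2):
        self.baseline_min = baseline_min        # reporters needed before judging a host
        self.minority_share = minority_share    # issuer seen by <= this share is "minority"
        # hostname -> issuer -> set of distinct reporters that saw that issuer
        self.seen = defaultdict(lambda: defaultdict(set))
        self.first_seen = {}                    # (hostname, issuer) -> earliest timestamp

    def ingest(self, report):
        self.seen[report.hostname][report.issuer].add(report.reporter)
        self.first_seen.setdefault((report.hostname, report.issuer), report.timestamp)

    def anomalous_issuances(self):
        """(hostname, issuer) pairs where a late, rarely seen issuer deviates from baseline."""
        out = []
        for host, issuers in self.seen.items():
            total = sum(len(r) for r in issuers.values())
            if total < self.baseline_min or len(issuers) < 2:
                continue  # not enough data, or nothing to compare against
            dominant = max(issuers, key=lambda i: len(issuers[i]))
            for issuer, reporters in issuers.items():
                if issuer == dominant:
                    continue
                # A legitimate CA migration is seen broadly; a mis-issued cert used
                # against a few clients is seen by few reporters and appears later.
                if (len(reporters) <= self.minority_share * total
                        and self.first_seen[(host, issuer)] > self.first_seen[(host, dominant)]):
                    out.append((host, issuer))
        return sorted(out)

    def suspect_cas(self, min_hosts=2):
        """CAs that are the anomalous issuer for at least min_hosts distinct hostnames."""
        counts = Counter(issuer for _, issuer in self.anomalous_issuances())
        return sorted(ca for ca, n in counts.items() if n >= min_hosts)


def build_sample_stats():
    """Constructed report stream: a stable baseline, one broad CA migration, one rogue CA."""
    stats = CAStats()
    hosts = ["mail.example.test", "login.example.test", "shop.example.test"]
    for host in hosts:  # baseline: 10 clients each see "Good CA"
        for i in range(10):
            stats.ingest(CertReport(f"client-{i}", host, "Good CA", f"fp-good-{host}", 1000 + i))
    # shop.example.test migrates to "Other CA"; 8 clients see it, so it is not a minority
    for i in range(8):
        stats.ingest(CertReport(f"client-{i}", hosts[2], "Other CA", "fp-other-shop", 3000 + i))
    # a single client sees "Rogue CA" certificates for two sensitive hostnames, later on
    stats.ingest(CertReport("client-42", hosts[0], "Rogue CA", "fp-rogue-mail", 5000))
    stats.ingest(CertReport("client-42", hosts[1], "Rogue CA", "fp-rogue-login", 5001))
    return stats


if __name__ == "__main__":
    s = build_sample_stats()
    print("anomalous issuances:", s.anomalous_issuances())
    print("suspect CAs:", s.suspect_cas())
```

The thresholds (five reporters before a host is judged, a 20% minority share, two affected hostnames before a CA is flagged) are arbitrary constants chosen for the sample; in practice they would be tuned against the volume of reports a central collector actually receives, and the broad migration of `shop.example.test` shows why reporter diversity, not just issuer change, is the useful signal.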
20 Claims
1. A computer-implemented method comprising:
receiving over time reports containing data describing certificate authority certificates captured from messages exchanged between clients and servers;
storing metadata and statistics for certificates contained in the reports; and
determining whether a certificate authority has been compromised based on the metadata and statistics.
Dependent claims: 2, 3, 4, 5, 6, 7, 8.

9. An apparatus comprising:
a network interface unit configured to enable communications over a network;
a memory;
a processor coupled to the network interface unit and the memory, wherein the processor is configured to:
receive over time reports containing data describing certificate authority certificates captured from messages exchanged between clients and servers;
store in the memory metadata and statistics for certificates contained in the reports; and
determine whether a certificate authority has been compromised based on the metadata and statistics.
Dependent claims: 10, 11, 12, 13, 14, 15.

16. One or more non-transitory computer readable storage media encoded with instructions that, when executed by a processor, cause the processor to:
receive over time reports containing data describing certificate authority certificates captured from messages exchanged between clients and servers;
store in a memory metadata and statistics for certificates contained in the reports; and
determine whether a certificate authority has been compromised based on the metadata and statistics.
Dependent claims: 17, 18, 19, 20.