Authentication of unknown parties in secure computer communications
Abstract
Authentication of an unknown party in a secure computer communication may be performed even without consulting a public whitelist of trusted parties. A digital certificate from an unknown party not authenticated by a trusted certificate authority may be locally processed to determine if the digital certificate is a trusted, non-trusted, or unknown digital certificate. For example, a model may be created by training a support vector machine to classify a digital certificate. The model may be provided to a computer involved in secure computer communication. The computer may receive an incoming digital certificate, extract fields from the incoming digital certificate, and take a hash of the extracted fields to form input data that may be employed by the model to determine if the incoming digital certificate is a trusted, non-trusted, or unknown digital certificate.
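The pipeline the abstract describes (extract fields, hash each field, classify the resulting vector locally), as an added example that is not code from the patent or its assignee. The field set, the SHA-256 truncation to 32 bits, the sample certificates, and the nearest-match classifier used here in place of a trained support vector machine are all assumptions made for illustration; the certificate is assumed to be already parsed into a dictionary.

```python
import hashlib

# Assumed feature set; the page only says "fields" of the certificate.
FIELDS = ("issuer", "subject", "serial", "not_before", "not_after", "sig_alg")

def to_input_vector(cert):
    """Hash each extracted field (SHA-256, first 4 bytes) into one integer feature."""
    return tuple(
        int.from_bytes(hashlib.sha256(str(cert.get(f, "")).encode()).digest()[:4], "big")
        for f in FIELDS
    )

class HashedFieldModel:
    """Stand-in for the trained model: nearest labelled vector by matching features."""

    def __init__(self, labelled, min_matches=2):
        self.examples = [(to_input_vector(c), label) for c, label in labelled]
        self.min_matches = min_matches  # below this, the certificate is "unknown"

    def classify(self, cert):
        vec = to_input_vector(cert)
        best = {"trusted": 0, "non-trusted": 0}
        for known, label in self.examples:
            matches = sum(a == b for a, b in zip(vec, known))
            best[label] = max(best[label], matches)
        if max(best.values()) < self.min_matches or best["trusted"] == best["non-trusted"]:
            return "unknown"
        return max(best, key=best.get)

def cert(issuer, subject, serial, not_before, not_after, sig_alg):
    return dict(zip(FIELDS, (issuer, subject, serial, not_before, not_after, sig_alg)))

# Constructed training certificates (not real data).
MODEL = HashedFieldModel([
    (cert("CN=Corp Internal CA", "CN=mail.corp.example", "1001",
          "2023-01-01", "2024-01-01", "sha256WithRSAEncryption"), "trusted"),
    (cert("CN=localhost", "CN=localhost", "0",
          "2020-01-01", "2030-01-01", "md5WithRSAEncryption"), "non-trusted"),
])

# Constructed incoming certificates from parties the receiver has not seen before.
SAME_ISSUER = cert("CN=Corp Internal CA", "CN=vpn.corp.example", "1002",
                   "2023-01-01", "2024-01-01", "sha256WithRSAEncryption")
SELF_SIGNED = cert("CN=localhost", "CN=localhost", "7",
                   "2021-06-01", "2031-06-01", "md5WithRSAEncryption")
UNRELATED = cert("CN=Other CA", "CN=shop.example.net", "55",
                 "2022-03-01", "2022-09-01", "ecdsa-with-SHA256")

if __name__ == "__main__":
    for c in (SAME_ISSUER, SELF_SIGNED, UNRELATED):
        print(c["subject"], "->", MODEL.classify(c))
```

Because a cryptographic hash maps near-identical strings to unrelated values, only exact field matches carry signal in this representation; a one-character change in a field yields a feature unrelated to the original.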
9 Claims
1. A computer-implemented method of authenticating a party for secure computer communication, the method comprising:
a first computer receiving an SSL certificate from a second computer over a computer network, the second computer initiating a secure computer communication with the first computer over the computer network in accordance with SSL protocol, the second computer being an unknown party to the first computer and not authenticated by a certificate authority;
the first computer locally processing the SSL certificate in the first computer to determine a trustworthiness of the second computer even without necessarily having to consult a remotely located public whitelist of trusted parties;
the first computer converting the SSL certificate into an input vector having fields of the SSL certificate as features;
the first computer using the input vector to classify the SSL certificate to determine the trustworthiness of the SSL certificate;
wherein the first computer locally processing the SSL certificate to determine the trustworthiness of the second computer comprises:
the first computer extracting the fields of the SSL certificate; and
the first computer taking a hash of each of the fields to create input data; and
wherein the first computer provides the input data to a model configured to determine if the SSL certificate is a trusted or non-trusted digital certificate.
5. A computer-implemented method of authenticating a party for secure computer communication, the method comprising:
a first computer receiving a digital certificate from a second computer over a computer network, the second computer initiating a secure computer communication with the first computer over the computer network, the second computer being an unknown party to the first computer and not authenticated by a certificate authority;
the first computer processing the digital certificate in the first computer to determine a trustworthiness of the second computer even without necessarily having to consult a remotely located public whitelist of trusted parties;
the first computer converting the digital certificate into an input vector having fields of the digital certificate as features;
the first computer using the input vector to classify the digital certificate to determine the trustworthiness of the digital certificate;
wherein the first computer processing the digital certificate to determine the trustworthiness of the second computer comprises:
the first computer extracting the fields of the digital certificate; and
the first computer taking a hash of each of the fields to create input data; and
wherein the first computer provides the input data to a model configured to determine if the digital certificate is a trusted or non-trusted digital certificate.
Specification