Tuning of SSL session caches based on SSL session IDS
First Claim
1. A method for managing a network communication, comprising:
- executing on one or more processors, actions including;
receiving a Secured Socket Layer (SSL) session identifier (ID) within an SSL handshake protocol message for establishing an SSL connection;
performing a reversible exclusive-or operation on the SSL session ID with a pre-determined ID associated with a network device to generate an other ID, wherein the other ID comprises a plurality of information associated with an operation for caching the SSL session ID and other information usable for re-establishing an SSL session;
determining, based on at least a portion of the other ID, a failure statistic associated with re-establishing the SSL session for the SSL connection; and
tuning the operation for caching based on the failure statistic.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods, systems, and apparatus are directed towards managing a network communication. A Secured Socket Layer (SSL) session identifier (ID) is received within an SSL handshake protocol message for establishing an SSL connection. The SSL session ID is combined with a pre-determined ID associated with a network device to generate another ID. The other ID may comprise a plurality of information associated with an operation for caching the SSL session ID and/or for caching other information usable in re-establishing an SSL session over the SSL connection. The plurality of information may comprise an expiration time, a cache line, a cache ID, and a unique ID. Based on at least a portion of the other ID, a failure statistic associated with re-establishing the SSL session for the SSL connection is determined. A session cache and/or the operation for caching are tuned based on the failure statistic.
-
Citations
14 Claims
-
1. A method for managing a network communication, comprising:
-
executing on one or more processors, actions including; receiving a Secured Socket Layer (SSL) session identifier (ID) within an SSL handshake protocol message for establishing an SSL connection; performing a reversible exclusive-or operation on the SSL session ID with a pre-determined ID associated with a network device to generate an other ID, wherein the other ID comprises a plurality of information associated with an operation for caching the SSL session ID and other information usable for re-establishing an SSL session; determining, based on at least a portion of the other ID, a failure statistic associated with re-establishing the SSL session for the SSL connection; and tuning the operation for caching based on the failure statistic. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A network communication management system comprising:
-
a memory that stores executable instructions, which when executed, manages a secure socket layer (SSL) session cache; and a processor that executes the stored machine executable instructions to manage the SSL session cache by performing actions including; generating an SSL session identifier for an SSL session within an SSL connection by performing a reversible exclusive-or operation using a first identifier and a second identifier as operands, at least a portion of the first identifier including SSL session information that can be used for of determining a failure statistic associated with re-establishing the SSL session; and sending or receiving the SSL session identifier during at least one SSL handshake to establish or re-establish the SSL session. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
-
Specification