Methods and systems for non-intrusive analysis of secure communications

US 9,137,215 B2
Filed: 12/19/2011
Issued: 09/15/2015
Est. Priority Date: 05/30/2003
Status: Expired due to Fees

First Claim

Patent Images

1. A method for non-intrusive real-time analysis of secure communications between at least one first application and at least one second application, wherein the first and second applications communicate through a communication channel, comprising:

non-intrusively and securely capturing a plurality of secure communications between the at least one first application and the at least one second application;

processing the plurality of communications to process communications from at least one physical layer to at least one network layer;

grouping the plurality of communications into a plurality of streams and adding connection meta information to each stream, wherein each stream represents a single network connection;

creating a plurality of transactions from the communications included in the plurality of streams, wherein at least one stream within the plurality of streams is encrypted; and

decrypting the at least one encrypted stream.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and Systems for non-intrusive real-time analysis of secure communications between a first application and a second application, wherein the first and second applications communicate through a communication channel. A plurality of secure communications between the first application and the second application is non-intrusively and securely captured. The plurality of communications is processed to process communications from a physical layer to a network layer. The plurality of communications is grouped into a plurality of streams and connection meta information is added to each stream, wherein each stream represents a single network connection. A plurality of transactions is created from the communications included in the plurality of streams, wherein a stream within the plurality of streams is encrypted, and the encrypted stream is decrypted.

33 Citations

12 Claims

1. A method for non-intrusive real-time analysis of secure communications between at least one first application and at least one second application, wherein the first and second applications communicate through a communication channel, comprising:
- non-intrusively and securely capturing a plurality of secure communications between the at least one first application and the at least one second application;
  
  processing the plurality of communications to process communications from at least one physical layer to at least one network layer;
  
  grouping the plurality of communications into a plurality of streams and adding connection meta information to each stream, wherein each stream represents a single network connection;
  
  creating a plurality of transactions from the communications included in the plurality of streams, wherein at least one stream within the plurality of streams is encrypted; and
  
  decrypting the at least one encrypted stream.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein processing the plurality of communications further comprises forming a first plurality of information units, wherein each information unit comprises application level information, identification data, and monitoring data.
  - 3. The method of claim 2, wherein each information unit comprises a transaction.
  - 4. The method of claim 1, wherein the analyzing comprises performing processing associated with parsing the application level information of at least one of a second plurality of information units.
  - 5. The method of claim 1, wherein the decrypting further comprises performing processing associated with generating a session key from a previously provided pre-master secret.
  - 6. The method of claim 1, further comprising performing processing associated with using the hierarchical data structure with a plug-in monitoring application selected from:
    - a session visualization application, a statistics module, a monitoring and alerting module, test script generation module, a service level validation module, a click path analysis module, or a customer support assistance application, or any combination thereof.

7. A system for non-intrusive real-time analysis of secure communications between a first application and a second application, wherein the first and second applications communicate through a communication channel, comprising:
- a processor configured for;
  
  non-intrusively and securely capturing a plurality of secure communications between at least one first application and at least one second application;
  
  processing the plurality of communications to process communications from at least one physical layer to at least one network layer;
  
  grouping the plurality of communications into a plurality of streams and adding connection meta information to each stream, wherein each stream represents a single network connection;
  
  creating a plurality of transactions from the communications included in the plurality of streams, wherein at least one stream within the plurality of streams is encrypted; and
  
  decrypting the at least one encrypted stream.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The system of claim 7, wherein processing the plurality of communications further comprises forming a first plurality of information units, wherein each information unit comprises application level information, identification data, and monitoring data.
  - 9. The system of claim 8, wherein each information unit comprises a transaction.
  - 10. The system of claim 7, wherein the analyzing comprises performing processing associated with parsing the application level information of at least one of a second plurality of information units.
  - 11. The system of claim 7, wherein the decrypting further comprises performing processing associated with generating a session key from a previously provided pre-master secret.
  - 12. The system of claim 7, further comprising performing processing associated with using the hierarchical data structure with a plug-in monitoring application selected from:
    - a session visualization application, a statistics module, a monitoring and alerting module, test script generation module, a service level validation module, a click path analysis module, or a customer support assistance application, or any combination thereof.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Borland Software Corporation (Open Text Corporation)
Original Assignee
Borland Software Corporation (Open Text Corporation)
Inventors
Greifeneder, Bernd, Reichl, Bernhard, Spiegl, Helmut, Schwarzbauer, Gunter
Primary Examiner(s)
Meky, Moustafa M

Application Number

US13/330,225
Publication Number

US 20120158987A1
Time in Patent Office

1,366 Days
Field of Search

709200-203, 709217-227, 709/231, 709/232, 709/233, 709/238
US Class Current

1/1
CPC Class Codes

G06F 2221/2119   Authenticating web pages, e...

G06F 2221/2145   Inheriting rights or proper...

H04L 63/0428   wherein the data content is...

H04L 63/1408   by monitoring network traff...

H04L 63/166   at the transport layer

Methods and systems for non-intrusive analysis of secure communications

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

33 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for non-intrusive analysis of secure communications

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

33 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links