SSL validation and stripping using trustworthiness factors
First Claim
Patent Images
1. A computer-implemented method for thwarting computer attacks, said method comprising the steps of:
- examining a digital certificate presented by a server computer in response to a secure sockets layer (SSL) session initiated by a client computer;
compiling a set of suspicion indications gleaned from said examining step;
feeding said suspicion indications to a trustworthiness calculation engine;
outputting from said engine a trustworthiness factor that indicates a suspicion that the digital certificate is part of a computer attack;
determining whether to use SSL stripping on communications with said server computer responsive to an evaluation of said trustworthiness factor; and
responsive to a positive determination to use SSL stripping, performing SSL stripping on communications between said client computer and said server computer.
2 Assignments
0 Petitions
Accused Products
Abstract
Computer-implemented methods, apparati, and computer-readable media for thwarting computer attacks. A method embodiment of the present invention comprises the steps of examining (52) a digital certificate (20) presented by a server computer (2); compiling (53) a set of suspicion indications (31) gleaned from said examining step (52); feeding (54) said suspicion indications (31) to a trustworthiness calculation engine (30); and outputting from said engine (30) a trustworthiness factor (32) that determines whether SSL stripping is to be used (57) on communications with said server computer (2).
181 Citations
20 Claims
-
1. A computer-implemented method for thwarting computer attacks, said method comprising the steps of:
-
examining a digital certificate presented by a server computer in response to a secure sockets layer (SSL) session initiated by a client computer; compiling a set of suspicion indications gleaned from said examining step; feeding said suspicion indications to a trustworthiness calculation engine; outputting from said engine a trustworthiness factor that indicates a suspicion that the digital certificate is part of a computer attack; determining whether to use SSL stripping on communications with said server computer responsive to an evaluation of said trustworthiness factor; and responsive to a positive determination to use SSL stripping, performing SSL stripping on communications between said client computer and said server computer. - View Dependent Claims (2, 3, 4, 5)
-
-
6. At least one non-transitory computer-readable storage medium containing executable computer program instructions for thwarting computer attacks, said computer program instructions performing the steps of:
-
examining a digital certificate presented by a server computer in response to a secure sockets layer (SSL) session initiated by a client computer; compiling a set of suspicion indications gleaned from said examining step; feeding said suspicion indications to a trustworthiness calculation engine; outputting from said engine a trustworthiness factor that indicates a suspicion that the digital certificate is part of a computer attack; determining whether to use SSL stripping on communications with said server computer responsive to an evaluation of said trustworthiness factor; and responsive to a positive determination to use SSL stripping, performing SSL stripping on communications between said client computer and said server computer. - View Dependent Claims (7, 8, 9, 10)
-
-
11. An apparatus for thwarting computer attacks, said apparatus comprising:
at least one non-transitory computer-readable storage medium containing executable computer program instructions, said computer program instructions performing the steps of; examining a digital certificate presented by a server computer in response to a secure sockets layer (SSL) session initiated by a client computer; compiling a set of suspicion indications gleaned from said examining step; feeding said suspicion indications to a trustworthiness calculation engine; outputting from said engine a trustworthiness factor that indicates a suspicion that the digital certificate is part of a computer attack; determining whether to use SSL stripping on communications with said server computer responsive to an evaluation of said trustworthiness factor; and responsive to a positive determination to use SSL stripping, performing SSL stripping on communications between said client computer and said server computer. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
Specification