Split termination of secure communication sessions with mutual certificate-based authentication

Split termination of secure communication sessions with mutual certificate-based authentication

A method and apparatus are provided for split-terminating a secure client-server communication connection when the client and server perform mutual authentication by exchanging certificates, such as within a Lotus Notes environment. When the client submits a certificate to the server, an intermediar...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: WASON PRASHANT, GUPTA NITIN, ADLER ROBERT
Format: Patent
Sprache:eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A method and apparatus are provided for split-terminating a secure client-server communication connection when the client and server perform mutual authentication by exchanging certificates, such as within a Lotus Notes environment. When the client submits a certificate to the server, an intermediary device intercepts the certificate and submits to the server a substitute client certificate generated by that intermediary. A certificate authority's private key is previously installed on the intermediary to enable it to generate public keys, private keys and digital certificates. With the private key corresponding to the substitute certificate, the intermediary extracts a temporary key from a subsequent server message. The intermediary uses the temporary key to read a session key issued later by the server. Thereafter, the intermediary shares the session key with another intermediary, and together they use the session keys to access and optimize (e.g., accelerate) messages sent by the client and the server.