首页>
外国专利>
METHOD AND SYSTEM FOR ANALYSING AND FILTERING HTTPS TRAFFIC IN CORPORATE NETWORKS
METHOD AND SYSTEM FOR ANALYSING AND FILTERING HTTPS TRAFFIC IN CORPORATE NETWORKS
展开▼
机译:企业网络中HTTPS流量的分析和过滤方法及系统
展开▼
页面导航
摘要
著录项
相似文献
摘要
The proxy system according to the present invention, consists of forwarding the content of the HTTPS requests in an unusual way, by automatically generating a new certificate for the requested destination server. This new certificate is faked. It is signed by a corporate internal Certificate Authority (CA). The new certificate is included in the response sent by the proxy to the client during the SSL session establishment (according to the SSL protocol, the destination server, which in this case will be the proxy server, identifies itself using a certificate). The request is then transparently forwarded to the destination server as a normal or standard HTTP Proxy server does. To prevent clients from detecting this 'man-in-the middle attack', the internal corporate Certificate Authority (CA) used to sign the 'fake' certificates, must be included in the list of Certificates Authorities recognized by the clients in the corporate network.
展开▼