ES2410681B1 - Método y sistema para realizar análisis y control cuando se intercambian flujos de datos cifrados - Google Patents
Método y sistema para realizar análisis y control cuando se intercambian flujos de datos cifrados Download PDFInfo
- Publication number
- ES2410681B1 ES2410681B1 ES201131889A ES201131889A ES2410681B1 ES 2410681 B1 ES2410681 B1 ES 2410681B1 ES 201131889 A ES201131889 A ES 201131889A ES 201131889 A ES201131889 A ES 201131889A ES 2410681 B1 ES2410681 B1 ES 2410681B1
- Authority
- ES
- Spain
- Prior art keywords
- encrypted data
- encrypted
- user
- control
- channel
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn - After Issue
Links
- 238000000034 method Methods 0.000 title abstract 4
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/166—Implementing security features at a particular protocol layer at the transport layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0281—Proxies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/029—Firewall traversal, e.g. tunnelling or, creating pinholes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0464—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload using hop-by-hop encryption, i.e. wherein an intermediate entity decrypts the information and re-encrypts it before forwarding it
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0471—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying encryption by an intermediary, e.g. receiving clear information at the intermediary and encrypting the received information at the intermediary before forwarding
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Facsimiles In General (AREA)
Abstract
Sistema y método para realizar análisis y control eficaz cuando se intercambian flujos de datos cifrados.#En el método de la invención dichos flujos de datos cifrados se envían por medio de un canal cifrado principal entre un usuario y un servidor y hay un analizador de tráfico que intercepta el tráfico cifrado.#Comprende:#- establecer un primer canal cifrado entre dicho usuario y dicho analizador de tráfico usando parámetros de sesión de cifrado;#- analizar, dicho analizador de tráfico, al menos parte de los flujos de datos cifrados recibidos a través de dicho primer canal cifrado con el fin de determinar si debería permitirse la comunicación entre dicho usuario y dicho servidor;#- realizar, dicho analizador de tráfico, un traspaso de dichos parámetros de sesión de cifrado entre dicho servidor y dicho usuario si se determina que se permite dicha comunicación; y#- establecer dicho canal cifrado principal usando al menos dichos primeros parámetros de sesión de cifrado.#El sistema de la invención está dispuesto para implementar el método de la invención.
Description
Claims (1)
-
imagen1 imagen2 imagen3
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| ES201131889A ES2410681B1 (es) | 2011-11-23 | 2011-11-23 | Método y sistema para realizar análisis y control cuando se intercambian flujos de datos cifrados |
| PCT/EP2012/072074 WO2013075948A1 (en) | 2011-11-23 | 2012-11-07 | A method and a system to perform analysis and control when exchanging ciphered data flows |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| ES201131889A ES2410681B1 (es) | 2011-11-23 | 2011-11-23 | Método y sistema para realizar análisis y control cuando se intercambian flujos de datos cifrados |
Publications (3)
| Publication Number | Publication Date |
|---|---|
| ES2410681A2 ES2410681A2 (es) | 2013-07-02 |
| ES2410681R1 ES2410681R1 (es) | 2013-12-18 |
| ES2410681B1 true ES2410681B1 (es) | 2014-12-16 |
Family
ID=47324041
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| ES201131889A Withdrawn - After Issue ES2410681B1 (es) | 2011-11-23 | 2011-11-23 | Método y sistema para realizar análisis y control cuando se intercambian flujos de datos cifrados |
Country Status (2)
| Country | Link |
|---|---|
| ES (1) | ES2410681B1 (es) |
| WO (1) | WO2013075948A1 (es) |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040015725A1 (en) * | 2000-08-07 | 2004-01-22 | Dan Boneh | Client-side inspection and processing of secure content |
| US6988147B2 (en) * | 2001-05-31 | 2006-01-17 | Openwave Systems Inc. | Method of establishing a secure tunnel through a proxy server between a user device and a secure server |
| GB2378009B (en) * | 2001-07-27 | 2005-08-31 | Hewlett Packard Co | Method of establishing a secure data connection |
| US8214635B2 (en) * | 2006-11-28 | 2012-07-03 | Cisco Technology, Inc. | Transparent proxy of encrypted sessions |
| US8190879B2 (en) * | 2009-12-17 | 2012-05-29 | Cisco Technology, Inc. | Graceful conversion of a security to a non-security transparent proxy |
-
2011
- 2011-11-23 ES ES201131889A patent/ES2410681B1/es not_active Withdrawn - After Issue
-
2012
- 2012-11-07 WO PCT/EP2012/072074 patent/WO2013075948A1/en not_active Ceased
Also Published As
| Publication number | Publication date |
|---|---|
| ES2410681R1 (es) | 2013-12-18 |
| ES2410681A2 (es) | 2013-07-02 |
| WO2013075948A1 (en) | 2013-05-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CL2014000495A1 (es) | Metodo y sistema para determinar la localizacion de un dispositivo movil y utilizar dicha localizacion para controlar el acceso al servicio de contenido, donde el metodo comprende comunicar una solicitud de contenido de un dispositivo movil a una cabecera de red, solicitar los datos de localizacion por coordenadas geograficas del dispositivo movil y controlar dicho dispositivo en respuesta a una primera, segunda y tercera region geografica asociadas al dispositivo. | |
| CL2017000865A1 (es) | Métodos, aparatos y sistemas para análisis de redes | |
| BR112018068975A2 (pt) | seleção de classe de prioridade de acesso a canal | |
| EP2982216A4 (en) | DEVICE, SYSTEM AND METHOD FOR CENTRALIZED TRAFFIC CIRCUIT FOR A USER DEVICE | |
| BR112018002250A2 (pt) | métodos para permuta de capacidade de conexão | |
| MX360484B (es) | Capa de red eficiente para protocolo ipv6. | |
| BR112018001939A2 (pt) | sistema de gerenciamento de acesso a uma rede wifi, método de gerenciamento de acesso a uma rede wifi, e meio legível não transitório | |
| WO2012096532A3 (ko) | 무선 통신 시스템에서 채널상태정보 측정 자원 설정 방법 및 장치 | |
| BR112013016988A2 (pt) | métodos para transportar uma pluralidade de fluxos de mídia sobre um portador mbms compartilhado em um sistema de comunicação conforme 3gpp | |
| EP4243372A3 (en) | Method and system for intercepting and decrypting fingerprint protected media traffic | |
| GB2548037A (en) | Network service header metadata for load balancing | |
| BR112016028758A2 (pt) | controle de feedback para comunicações d2d | |
| BR112014027950A2 (pt) | método, sistema e aparelho para troca de dados entre dispositivos de cliente. | |
| BRPI0813767A2 (pt) | entidade de gerenciamento de mobilidade, dispositivo de telecomunicações móvel, métodos para operar equipamento de usuário em uma rede de telecomunicações e para fornecer serviço de voz, e, rede de acesso via rádio terrestre do sistema de telecomunicações móvel universal evoluído. | |
| EP3018852A4 (en) | METHOD FOR DETERMINING A PRE-CODING MATRIX INDICATOR, RECEPTOR DEVICE AND TRANSMISSION DEVICE | |
| AR086967A1 (es) | Sistema y metodo de autenticacion para el acceso a servicios | |
| IN2014MN01490A (es) | ||
| AR109218A1 (es) | Métodos y aparatos para la operación de por lo menos una unidad de red o un dispositivo de red en un sistema de comunicación inalámbrica, y unidades y dispositivos de red | |
| GB2545824A (en) | Surfactant selection methods for wetting alteration in subterranean formations | |
| EP3777066C0 (en) | PDU SESSION FOR ENCRYPTED TRAFFIC DETECTION | |
| FR2956541B1 (fr) | Procede cryptographique de communication d'une information confidentielle. | |
| BR112019006507A2 (pt) | método em um nó de rede, método em um dispositivo sem fio, nó de rede e dispositivo sem fio | |
| BRPI1006123A2 (pt) | "método e dispositivo para recepção de caracteres de controle, e dispositivo para transmissão do mesmo". | |
| EP2621134A4 (en) | METHOD FOR TRANSMITTING AND RECEIVING DATA TRAFFIC PACKAGES AND DEVICE AND SYSTEM THEREFOR | |
| ATE477638T1 (de) | Verfahren, system und einrichtung zum behandeln über einen von ue und externen geräten gemeinsam benutzten chiffrierschlüssel |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| FG2A | Definitive protection |
Ref document number: 2410681 Country of ref document: ES Kind code of ref document: B1 Effective date: 20141216 |
|
| FA2A | Application withdrawn |
Effective date: 20150415 |