Processing

Please wait...

Settings

Settings

Goto Application

1. WO2020112414 - APPLYING APPLICATION LAYER POLICY TO TRANSPORT LAYER SECURITY REQUESTS SYSTEMS AND METHODS

Publication Number WO/2020/112414
Publication Date 04.06.2020
International Application No. PCT/US2019/062027
International Filing Date 18.11.2019
IPC
H04L 29/06 2006.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02Communication control; Communication processing
06characterised by a protocol
CPC
G06F 9/45533
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
9Arrangements for program control, e.g. control units
06using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
44Arrangements for executing specific programs
455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
45533Hypervisors; Virtual machine monitors
H04L 63/0245
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
02for separating internal from external traffic, e.g. firewalls
0227Filtering policies
0245Filtering by information in the payload
H04L 63/105
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
10for controlling access to network resources
105Multiple levels of security
H04L 63/1466
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
14for detecting or protecting against malicious traffic
1441Countermeasures against malicious traffic
1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
H04L 63/166
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
16Implementing security features at a particular protocol layer
166at the transport layer
H04L 63/168
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
16Implementing security features at a particular protocol layer
168above the transport layer
Applicants
  • CITRIX SYSTEMS, INC. [US]/[US]
Inventors
  • PENNER, Andrew
  • KANEKAR, Tushar
Agents
  • MCKENNA, Christopher J.
  • PUA, Meng H.
Priority Data
16/203,12028.11.2018US
Publication Language English (EN)
Filing Language English (EN)
Designated States
Title
(EN) APPLYING APPLICATION LAYER POLICY TO TRANSPORT LAYER SECURITY REQUESTS SYSTEMS AND METHODS
(FR) SYSTÈMES ET PROCÉDÉS D’APPLICATION D’UNE POLITIQUE DE COUCHE D’APPLICATION À DES DEMANDES DE SÉCURITÉ DE COUCHE DE TRANSPORT
Abstract
(EN)
Systems and methods for applying an application layer policy to a transport layer security request are provided. A device, intermediary to one or more clients and one or more servers, can receive a transport layer security (TLS) request to establish a TLS connection between a client of the one or more clients and a server of the one or more servers. The TLS request can include an application layer request to a resource of the server. The device can apply an application layer policy to the application layer request of the TLS request. The device can determine, responsive to applying the application layer policy, whether to one of accept or reject at least the application layer request of the TLS request.
(FR)
La présente invention concerne des systèmes et des procédés pour appliquer une politique de couche d’application à une demande de sécurité de couche de transport. Un dispositif, intermédiaire à un ou plusieurs clients et à un ou plusieurs serveurs, peut recevoir une demande de sécurité de couche de transport (TLS) pour établir une connexion TLS entre un client parmi le ou les clients et un serveur parmi le ou les serveurs. La demande TLS peut comprendre une demande de couche d’application à une ressource du serveur. Le dispositif peut appliquer une politique de couche d’application à la demande de couche d’application de la demande TLS. Le dispositif peut déterminer, en réponse à l’application de la politique de couche d’application, d’accepter ou de rejeter au moins la demande de couche d’application de la demande TLS.
Also published as
Latest bibliographic data on file with the International Bureau