公开(公告)号：US08452956B1

公开(公告)日：2013-05-28

申请号：US12390113

申请日：2009-02-20

申请人： Edward C. Kersey ,  James W. O'Toole, Jr. ,  Bradley Dale Dike ,  Patrick Darrell Tate ,  Eric A. Fritzges ,  Andre Justin Pecqueur ,  Bruce F. Wong ,  Hema M. Prasad ,  Shaheed Bacchus ,  Larry David Bisel

发明人： Edward C. Kersey ,  James W. O'Toole, Jr. ,  Bradley Dale Dike ,  Patrick Darrell Tate ,  Eric A. Fritzges ,  Andre Justin Pecqueur ,  Bruce F. Wong ,  Hema M. Prasad ,  Shaheed Bacchus ,  Larry David Bisel

IPC分类号： H04L29/06

CPC分类号： H04L63/0471 ,  H04L9/14 ,  H04L9/321 ,  H04L9/3263 ,  H04L63/0281 ,  H04L63/0428 ,  H04L63/0464 ,  H04L63/10 ,  H04L2209/56 ,  H04L2209/76

摘要： A data security device for providing a network transport connection via a transparent network proxy that employs different encryption security mediums along a communications session between two endpoints by emulating one of the endpoints at an intermediate node such that the communication session appears as an atomic, secure connection to the endpoints yet provides appropriate security over the end-to-end connection. A sender node sends a connection request to establish a secure communication session with an intended receiver node. A transparent proxy on an intermediate node receives the request and establishes the link employing an encryption mechanism. The transparent proxy establishes a second link with the intended receiver, and applies a second, less expensive encryption mechanism. The transparent proxy combines the two links to form the trusted, secure connection but incurring only the mitigated expense over the second link.

公开(公告)号：US07506368B1

公开(公告)日：2009-03-17

申请号：US10365940

申请日：2003-02-13

申请人： Edward C. Kersey ,  James W. O'Toole, Jr. ,  Bradley Dale Dike ,  Patrick Darrell Tate ,  Eric A. Fritzges ,  Andre Justin Pecqueur ,  Bruce F. Wong ,  Hema M. Prasad ,  Shaheed Bacchus ,  Larry David Bisel

发明人： Edward C. Kersey ,  James W. O'Toole, Jr. ,  Bradley Dale Dike ,  Patrick Darrell Tate ,  Eric A. Fritzges ,  Andre Justin Pecqueur ,  Bruce F. Wong ,  Hema M. Prasad ,  Shaheed Bacchus ,  Larry David Bisel

IPC分类号： G06F9/00 ,  G06F15/16 ,  G06F17/00

CPC分类号： H04L63/0471 ,  H04L9/14 ,  H04L9/321 ,  H04L9/3263 ,  H04L63/0281 ,  H04L63/0428 ,  H04L63/0464 ,  H04L63/10 ,  H04L2209/56 ,  H04L2209/76

摘要： A data security device for providing a network transport connection via a transparent network proxy that employs different encryption security mediums along a communications session between two endpoints by emulating one of the endpoints at an intermediate node such that the communication session appears as an atomic, secure connection to the endpoints yet provides appropriate security over the end-to-end connection. A sender node sends a connection request to establish a secure communication session with an intended receiver node. A transparent proxy on an intermediate node receives the request and establishes the link employing an encryption mechanism. The transparent proxy establishes a second link with the intended receiver, and applies a second, less expensive encryption mechanism. The transparent proxy combines the two links to form the trusted, secure connection but incurring only the mitigated expense over the second link.

摘要翻译： 一种数据安全装置，用于经由透明网络代理提供网络传输连接，所述透明网络代理通过在中间节点处仿真所述端点之一来沿着两个端点之间的通信会话采用不同的加密安全介质，使得所述通信会话显示为原子安全连接 端到端提供了端到端连接的适当安全性。 发送方节点发送连接请求以建立与预期接收方节点的安全通信会话。 中间节点上的透明代理接收请求，并使用加密机制建立链路。 透明代理与预期的接收器建立第二个链接，并应用第二个较便宜的加密机制。 透明代理将两个链接组合在一起形成可信赖的安全连接，但仅在第二个链接上承担减轻的费用。

公开(公告)号：US08332625B2

公开(公告)日：2012-12-11

申请号：US13215183

申请日：2011-08-22

申请人： Eric A. Fritzges ,  Larry D. Bisel ,  Edward C. Kersey ,  Patrick D. Tate ,  Bruce F. Wong ,  Bradley D. Dike ,  Andre Justin Pecqueur ,  Shaheed Bacchus

发明人： Eric A. Fritzges ,  Larry D. Bisel ,  Edward C. Kersey ,  Patrick D. Tate ,  Bruce F. Wong ,  Bradley D. Dike ,  Andre Justin Pecqueur ,  Shaheed Bacchus

IPC分类号： H04L29/06

CPC分类号： H04L63/0428 ,  H04L63/166

摘要： A method, apparatus and computer program product for providing failover capability of cached secure sessions is presented. A cached secure session involving a first device and a second device is identified. The cached secure session is encrypted and replicated to a failover device. The encrypted session is then decrypted on the failover to device. An occurrence of a hot failover involving the second device is detected, and processing resumes between the first device and the failover device.

摘要翻译： 提出了一种用于提供缓存安全会话的故障转移功能的方法，设备和计算机程序产品。 识别涉及第一设备和第二设备的缓存安全会话。 缓存的安全会话被加密并复制到故障切换设备。 加密会话然后在故障转移到设备上解密。 检测到涉及第二设备的热故障切换的发生，并且处理在第一设备和故障切换设备之间恢复。

公开(公告)号：US20110307692A1

公开(公告)日：2011-12-15

申请号：US13215183

申请日：2011-08-22

申请人： Eric A. Fritzges ,  Larry D. Bisel ,  Edward C. Kersey ,  Patrick D. Tate ,  Bruce F. Wong ,  Bradley D. Dike ,  Andre Justin Pecqueur ,  Shaheed Bacchus

发明人： Eric A. Fritzges ,  Larry D. Bisel ,  Edward C. Kersey ,  Patrick D. Tate ,  Bruce F. Wong ,  Bradley D. Dike ,  Andre Justin Pecqueur ,  Shaheed Bacchus

IPC分类号： H04L9/00

CPC分类号： H04L63/0428 ,  H04L63/166

摘要： A method, apparatus and computer program product for providing failover capability of cached secure sessions is presented. A cached secure session involving a first device and a second device is identified. The cached secure session is encrypted and replicated to a failover device. The encrypted session is then decrypted on the failover to device. An occurrence of a hot failover involving the second device is detected, and processing resumes between the first device and the failover device

摘要翻译： 提出了一种用于提供缓存安全会话的故障转移功能的方法，设备和计算机程序产品。 识别涉及第一设备和第二设备的缓存安全会话。 缓存的安全会话被加密并复制到故障切换设备。 加密会话然后在故障转移到设备上解密。 检测到涉及第二设备的热故障切换的发生，并且处理在第一设备和故障切换设备之间恢复

公开(公告)号：US08006091B2

公开(公告)日：2011-08-23

申请号：US11032353

申请日：2005-01-10

申请人： Eric A. Fritzges ,  Larry D. Bisel ,  Edward C. Kersey ,  Patrick D. Tate ,  Bruce F. Wong ,  Bradley D. Dike ,  Andre Justin Pecqueur ,  Shaheed Bacchus

发明人： Eric A. Fritzges ,  Larry D. Bisel ,  Edward C. Kersey ,  Patrick D. Tate ,  Bruce F. Wong ,  Bradley D. Dike ,  Andre Justin Pecqueur ,  Shaheed Bacchus

IPC分类号： H04L9/00

CPC分类号： H04L63/0428 ,  H04L63/166

摘要： A method, apparatus and computer program product for providing failover capability of cached secure sessions is presented. A cached secure session involving a first device and a second device is identified. The cached secure session is encrypted and replicated to a failover device. The encrypted session is then decrypted on the failover device. An occurrence of a hot failover involving the second device is detected, and processing resumes between the first device and the failover device.

摘要翻译： 提出了一种用于提供缓存安全会话的故障转移功能的方法，设备和计算机程序产品。 识别涉及第一设备和第二设备的缓存安全会话。 缓存的安全会话被加密并复制到故障切换设备。 加密会话然后在故障切换设备上解密。 检测到涉及第二设备的热故障切换的发生，并且处理在第一设备和故障切换设备之间恢复。