Encrypted content detection method and device

A content detection technology for network equipment, applied in the field of communication, that solves the problems of high detection cost and high detection complexity and so reduces both.

Active Publication Date: 2017-12-26
HUAWEI TECH CO LTD

AI Technical Summary

Problems solved by technology

A scheme that uses two independent TLS secure channels has to rely on a TLS proxy server, which causes high detection complexity and high cost.

Embodiment Construction

[0060] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are some of the embodiments of the present invention, but not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0061] TLS is used to provide confidentiality and data integrity between two communicating applications. The basic process of the TLS protocol is: (1) the client requests the server's public key and verifies it; (2) the two parties negotiate to generate a "session key" (also called the "master key"); (3) both parties use the "session key" for encrypted communication. The first two steps of this process are also called the "handshake phase". ...

Abstract

The embodiment of the invention provides an encrypted content detection method and device. In the method, a middle box network device receives key information of a TLS (Transport Layer Security) channel through a first security channel, the key information being sent by a key manager; the middle box network device obtains encrypted application data according to the quintuple information of the TLS channel, the encrypted application data being transmitted through the TLS channel; and the middle box network device decrypts the encrypted application data using a session key and detects the decrypted content. Because the middle box network device itself decrypts the encrypted application data and detects the decrypted application data, detection of the encrypted content no longer depends on a TLS proxy server, so detection complexity and detection cost can both be reduced.
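The middle box side of the flow in the abstract, sketched as an added example (not code from the patent): a key table indexed by five-tuple, filled from the key manager, then used to decrypt a captured record and scan the plaintext. Assumptions: AES-128-GCM with an explicit nonce stands in for real TLS record protection, which derives per-direction keys and nonces; `FiveTuple`, `KeyTable`, `Install` and `Inspect` are hypothetical names, and all sample values are constructed.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// FiveTuple identifies one TLS channel; this field layout is an assumption.
type FiveTuple struct {
	SrcIP, DstIP     string
	SrcPort, DstPort uint16
	Proto            uint8
}

// KeyTable maps each flow to an AEAD built from the key the key manager sent.
type KeyTable map[FiveTuple]cipher.AEAD

// Install records the session key delivered for a flow over the secure channel.
func (kt KeyTable) Install(ft FiveTuple, key []byte) error {
	block, err := aes.NewCipher(key) // rejects keys of the wrong length
	if err == nil {
		kt[ft], err = cipher.NewGCM(block)
	}
	return err
}

// Inspect decrypts one captured record and reports whether it contains sig.
func (kt KeyTable) Inspect(ft FiveTuple, nonce, rec, sig []byte) (bool, error) {
	aead, ok := kt[ft]
	if !ok || len(nonce) != aead.NonceSize() { // unknown flow or malformed input
		return false, fmt.Errorf("no usable key or nonce for flow %v", ft)
	}
	plain, err := aead.Open(nil, nonce, rec, nil)
	if err != nil { // wrong key or modified record: never scan unauthenticated bytes
		return false, fmt.Errorf("record failed authentication: %w", err)
	}
	return bytes.Contains(plain, sig), nil
}

func main() {
	kt, nonce := KeyTable{}, make([]byte, 12) // constructed demo values
	ft := FiveTuple{"10.0.0.5", "10.0.1.9", 40000, 443, 6}
	_ = kt.Install(ft, []byte("0123456789abcdef"))
	rec := kt[ft].Seal(nil, nonce, []byte("X-Test: SAMPLE-SIG"), nil) // stands in for the endpoint
	fmt.Println(kt.Inspect(ft, nonce, rec, []byte("SAMPLE-SIG")))
}
```

A flow with no installed key returns an error rather than a "clean" verdict, so whether to pass or drop uninspectable traffic stays an explicit policy decision in the caller.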

Description

Technical field

[0001] The present invention relates to the communication field, and more specifically, to a method for detecting encrypted content, a key manager, a middle box network device and a server.

Background technique

[0002] The wide application of cloud technology enables more and more enterprises to deploy cloud services in a data center network (Data Center Network, DCN). To protect the privacy of user information, the DCN provides cloud services that are accessed over Transport Layer Security (TLS) encryption. At the same time, to protect the security of the business itself, a security resource pool is deployed at the egress of the DCN, including a firewall (FireWall, FW), an intrusion prevention system (Intrusion Prevention System, IPS), distributed denial of service (Distributed Denial of Service, DDoS) defense, virus detection, network behavior monitoring, etc.

[0003] While TLS is used to provide confidentiality and data integrity between ...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L29/08
CPC: H04L63/0428, H04L63/067, H04L63/083, H04L63/166, H04L63/18, H04L67/14, H04L67/562, H04L9/083, H04L9/0869, H04L63/0485, H04L63/0464, H04L9/40, H04L65/40
Inventor: 谢于明张波黄志钢尤建洁汪洋
Owner: HUAWEI TECH CO LTD