| 发明名称 | Policy based trust of proxies | ||
| 摘要 | A proxy connect component establishes a connection with a proxy, and provides the proxy with a name of a host with which to establish a connection. A negotiation component negotiates a tunnel directly with the host, and a security component classifies the tunnel as at least one of a private-tunnel or a public-tunnel based at least in part on a set of privacy policies. If the tunnel is classified as a public-tunnel, then the proxy is provided a set of security credentials to inspect and/or modify data passing through the tunnel, or a NULL cipher is employed. If the tunnel is classified as a private-tunnel, then the proxy is not provided the security credentials to inspect and/or modify data passing through the tunnel. | ||
| 申请公布号 | US8978093(B1) | 申请公布日期 | 2015.03.10 |
| 申请号 | US201213463668 | 申请日期 | 2012.05.03 |
| 申请人 | Google Inc. | 发明人 | Peon Roberto |
| 分类号 | G06F17/00;H04L12/28 | 主分类号 | G06F17/00 |
| 代理机构 | Foley & Lardner LLP | 代理人 | Gordon Edward A.;Foley & Lardner LLP |
| 主权项 | 1. A system, comprising: a client comprising: a memory storing computer executable components; anda processor configured to execute the following computer executable components stored in the memory, the components comprising: a proxy connect component that establishes a first connection between the client and a proxy, and provides the proxy with a name of a host with which to establish a second connection;a negotiation component that negotiates directly with the host a tunnel between the client and the host through the proxy;a security component that classifies the tunnel as at least one of a private-tunnel or a public-tunnel based at least in part on a set of privacy policies;a credentials component configured to in response to the to the tunnel being classified as a public-tunnel, provide a set of security credentials for the public-tunnel to the proxy or employ a NULL cipher for encryption of communications between the client and the host; andin response to the tunnel being classified as a private-tunnel, encrypt communications between the client and the host through the proxy and does not provide a set of security credentials for the private-tunnel to the proxy; anda bypass component that in response to the tunnel being classified as a private-tunnel and a determination that the proxy has closed the private-tunnel, bypasses the proxy, and establishes a connection between the client and the host. | ||
| 地址 | Mountain View CA US | ||