AUTHENTICATION POLICY ENFORCEMENT

摘要

A method of operating a network message interceptor for enforcing an authentication policy for communication over a network between first and second network endpoints, the interceptor being in communication with the network and external to the first and second endpoints, the network including transport layer security, the method comprising the steps of: intercepting a handshake message transmitted over the network between the first and second endpoints; extracting a certificate for an authenticating one of the endpoints from the handshake message; determining a validity status of the certificate for confirming an identity of the authenticating endpoint; and preventing communication between the first and second endpoints based on a negatively determined validity status of the certificate.

主权项

1. A method of operating a network message interceptor for enforcing an authentication policy for communication over a network between first and second network endpoints, the network message interceptor being in communication with the network and external to the first and second network endpoints, the network including transport layer security, the method comprising the steps of:
intercepting, by one or more processors, a handshake message transmitted over the network between the first and second network endpoints; extracting, by one or more processors, a certificate for authenticating one of the first and second network endpoints, from the handshake message, as an authenticating endpoint; determining, by one or more processors, a validity status of the certificate for confirming an identity of the authenticating endpoint; and preventing, by one or more processors, communication between the first and second network endpoints based on a negatively determined validity status of the certificate.