Browse Prior Art Database

Method to prevent or monitor data loss from endpoint HTTPS channel using local proxy server

IP.com Disclosure Number: IPCOM000244539D
Publication Date: 2015-Dec-18
Document File: 4 page(s) / 391K

Publishing Venue

The IP.com Prior Art Database

Related People

Somesh Kelkar: INVENTOR [+2]

Abstract

This invention detects confidential data that is encrypted using SSL over HTTP protocol at endpoint machine level. The data sent by an application will be routed transparently to the local proxy server hosted by DLP engine. The data will be routed using HTTP tunneling mechanism. The proxy server will decrypt the data to be inspected by DLP engine.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

Page 01 of 4

Method to prevent or monitor data loss from endpoint HTTPS channel using local proxy server

Umesh Mankapure Somesh Kelkar

Symantec Corporation

Abstract

This invention detects confidential data that is encrypted using SSL over HTTP protocol at endpoint machine level. The data sent by an application will be routed transparently to the local proxy server hosted by DLP engine. The data will be routed using HTTP tunneling mechanism. The proxy server will decrypt the data to be inspected by DLP engine.

Copyright © 2015 Symantec Corporation. All rights reserved.

1


Page 02 of 4

Copyright © 2015 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. For a full list of Symantec trademarks, please visit http://www.symantec.com/about/profile/policies/trademarks/currentlist.jsp

Any Symantec products described in this document are distributed under licenses restricting their use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Symantec Corporation and its licensors, if any.

THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE.

Symantec Corporation 350 Ellis Street

Mountain View, CA 94043 United States http://www.symantec.com

2

Copyright © 2015 Symantec Corporation. All rights reserved.


Page 03 of 4

   Method to prevent or monitor data loss from endpoint HTTPS channel using local proxy server Problem Statement

Current mechanism to inspect HTTPS traffic at endpoint machine makes use of application supported plug-ins or by hooking applications APIs. The plug-in exhibits traffic capturing limitations imposed by application. The plug-in is specific to application and needs to be updated as newer version is released...