US Patent No. 10,659,441

DYNAMICALLY MANAGING, FROM A CENTRALIZED SERVICE, VALID CIPHER SUITES ALLOWED FOR SECURED SESSIONS


Patent No. 10,659,441
Issue Date May 19, 2020
Title Dynamically Managing, From A Centralized Service, Valid Cipher Suites Allowed For Secured Sessions
Inventorship Rinkesh I. Bansal, Pune (IN)
Shiv S. Jha, Pune (IN)
Sanjay B. Panchal, Mumbai (IN)
Mahesh S. Paradkar, Pune (IN)
Chintan Thaker, Pune (IN)
Assignee INTERNATIONAL BUSINESS MACHINES CORPORATION, Armonk, NY (US)

Claim of US Patent No. 10,659,441

1. A method, comprising:selecting, by a service interface of a secure socket layer (SSL) application hosted on at least one computer system in a hosted network, at least one authorized cipher suite;
negotiating, by an SSL socket of the SSL application with another SSL socket of another SSL application in the hosted network for a mutual cipher from among the at least one authorized cipher suite and a shared key to encrypt information exchanged during a secure session;
responsive to establishing a security connection between the SSL socket and the another SSL socket using the selected mutual cipher, sending, by the service interface to a centralized service an identifier of the selected mutual cipher; and
responsive to receiving, by the service interface, a revoked cipher alert from the centralized service, revoking one or more sessions of the SSL application using a revoked cipher in the revoked cipher alert matching the selected mutual cipher.