US 11,811,918 B2
Key broker for a network monitoring device, and applications thereof
John Watson, Falls Church, VA (US); Christopher Roosenraad, Vienna, VA (US); Peter P. Kofira, Powhatan, VA (US); Travis Scheponik, Midlothian, VA (US); and Aaron Eppert, Lawrenceburg, IN (US)
Assigned to Capital One Services, LLC, McLean, VA (US)
Filed by Capital One Services, LLC, McLean, VA (US)
Filed on May 17, 2022, as Appl. No. 17/745,954.
Application 17/745,954 is a continuation of application No. 16/891,879, filed on Jun. 3, 2020, granted, now 11,349,647.
Prior Publication US 2022/0278827 A1, Sep. 1, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 29/06 (2006.01); H04L 9/08 (2006.01); H04L 43/04 (2022.01); H04L 9/40 (2022.01); H04L 9/32 (2006.01)
CPC H04L 9/083 (2013.01) [H04L 9/0891 (2013.01); H04L 9/0894 (2013.01); H04L 9/3263 (2013.01); H04L 43/04 (2013.01); H04L 63/166 (2013.01); H04L 63/18 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A system for managing ephemeral keys, the system comprising:
an agent, comprising computer-executable instructions on an endpoint device or a server that, when executed by a processor, performs operations of:
passively collecting an ephemeral key in response to a transport layer security handshake;
a memory comprising a secure keystore configured to store the ephemeral key;
a network terminal access point (TAP) configured to capture a packet on a computer network; and
a key broker, comprising computer-executable instructions on a server that, when executed by a processor, performs the operations of:
receiving metadata corresponding to the captured packet;
retrieving the ephemeral key corresponding to the captured packet, from the secure keystore, based on the metadata;
providing the ephemeral key to a network monitoring device; and
removing the ephemeral key from the network monitoring device based on a decryption key storage limit of the network monitoring device and a priority of the ephemeral key.
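Claim 1 names the parts (agent, keystore, TAP, broker, monitoring device) and the broker's four operations, but not how they fit together at runtime. The Python model below is an added illustration, not code from the patent, its assignee, or any product; it shows one way a broker could serve keys to a monitor whose decryption-key storage is capped, evicting by priority. Every name (EphemeralKey, SecureKeystore, NetworkMonitor, KeyBroker, on_packet_metadata), the choice of the TLS client random as the metadata that links a captured packet to its key, the eviction rule (lowest priority out first, oldest among equals, and never displacing a key that outranks the arriving one), and all session identifiers are assumptions constructed for the example.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class EphemeralKey:
    """A session key as the agent passively collected it at handshake time.
    client_random identifies the TLS session; secret is a constructed
    placeholder standing in for the real traffic secret."""
    client_random: str
    secret: str
    priority: int  # higher value = more important to keep loaded


class SecureKeystore:
    """The memory the agent writes into; the broker only reads from it."""

    def __init__(self) -> None:
        self._keys: Dict[str, EphemeralKey] = {}

    def store(self, key: EphemeralKey) -> None:
        self._keys[key.client_random] = key

    def lookup(self, client_random: str) -> Optional[EphemeralKey]:
        return self._keys.get(client_random)


class NetworkMonitor:
    """Decrypting monitor whose key slots are capped by storage_limit."""

    def __init__(self, storage_limit: int) -> None:
        self.storage_limit = storage_limit
        self.loaded: Dict[str, EphemeralKey] = {}
        self._order: Dict[str, int] = {}  # load sequence, for FIFO tie-breaks
        self._seq = 0

    def load(self, key: EphemeralKey) -> None:
        assert len(self.loaded) < self.storage_limit, "broker must evict first"
        self.loaded[key.client_random] = key
        self._order[key.client_random] = self._seq
        self._seq += 1

    def remove(self, client_random: str) -> None:
        del self.loaded[client_random]
        del self._order[client_random]

    def eviction_candidate(self) -> EphemeralKey:
        """Lowest priority first; among equal priorities, the oldest load."""
        return min(self.loaded.values(),
                   key=lambda k: (k.priority, self._order[k.client_random]))


class KeyBroker:
    """Receives TAP metadata, fetches the matching key, pushes it to the
    monitor, and evicts from the monitor when its storage limit is hit."""

    def __init__(self, keystore: SecureKeystore, monitor: NetworkMonitor) -> None:
        self.keystore = keystore
        self.monitor = monitor
        self.evictions: List[str] = []  # audit trail of removed client_randoms

    def on_packet_metadata(self, metadata: dict) -> str:
        client_random = metadata.get("client_random")
        if client_random is None:
            return "no-session-id"          # TAP saw no handshake identifier
        key = self.keystore.lookup(client_random)
        if key is None:
            return "miss"                   # agent never captured this session
        if client_random in self.monitor.loaded:
            return "already-loaded"
        if len(self.monitor.loaded) >= self.monitor.storage_limit:
            victim = self.monitor.eviction_candidate()
            if victim.priority > key.priority:
                return "deferred"           # everything loaded outranks this key
            self.monitor.remove(victim.client_random)
            self.evictions.append(victim.client_random)
        self.monitor.load(key)
        return "loaded"


def run_demo() -> Tuple[List[str], List[str], List[str]]:
    """Drive the broker with constructed captures and TAP metadata."""
    keystore = SecureKeystore()
    # Constructed agent captures: (client_random, priority); values are made up.
    for client_random, priority in [("aa01", 1), ("bb02", 5), ("cc03", 3),
                                    ("dd04", 2), ("ee05", 9)]:
        keystore.store(EphemeralKey(client_random, f"SECRET-{client_random}", priority))
    broker = KeyBroker(keystore, NetworkMonitor(storage_limit=2))
    # Constructed TAP metadata, one record per captured packet.
    taps = [{"client_random": "aa01"}, {"client_random": "bb02"},
            {"client_random": "bb02"}, {"client_random": "cc03"},
            {"client_random": "dd04"}, {"client_random": "zz99"},
            {"client_random": "ee05"}, {}]
    results = [broker.on_packet_metadata(m) for m in taps]
    return results, broker.evictions, sorted(broker.monitor.loaded)


if __name__ == "__main__":
    for line in run_demo():
        print(line)
```

With a two-slot monitor the trace shows each branch of the broker: the first two sessions load, a repeat is a no-op, a priority-3 session displaces the priority-1 one, a priority-2 session is deferred because both loaded keys outrank it, an unknown session misses, and a priority-9 session displaces the weakest loaded key. Keeping the eviction decision in the broker rather than the monitor is what lets the key storage limit and the per-key priority be enforced in one place, which is the separation the claim describes.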