Analysis Method HTTPS Packet Inspection in Intrusion Prevention Systems Device
A. Friyanto
Information Systems, Faculty of Engineering and Computer Science
Universitas Komputer Indonesia
Jalan Dipatiukur No.112-114, Bandung, Indonesia
Abstract
Hypertext Transfer Protocol Secure or HTTPS is data communication between client and web server in essentially is end to end secure connection. In network security, Intrusion Prevention Systems (IPS) device function is inspection every packet enters and exits to internal network including packet secure connection. HTTPS packet and others secure connection packet are running packet in the network with didnt plain text, but all packet was encrypted from source. Packet encryption make IPS difficult to inspection packet and knowing what the content inside the packet. One of the methods IPS to inspection packet HTTPS is act as bridge end to end secure connection between client and web server. The method make two sections secure connection. The first is secure connection between IPS and client use self-sign digital certificate. And the second is secure connection between IPS and web server use digital certificate from certificate authority. This method make HTTPS not end to end secure connection directly between client and web server in essentially HTTPS. This paper explain the analysis and impact of the method above.
Keywords: HTTPS, IPS, network security, digital certificate
Topic: Informatic and Information System