Abstract: A network-based appliance includes a mechanism to intercept, decrypt and inspect secure network traffic flowing over SSL/TLS between a client and a server. The mechanism responds to detection of a session initiation request message from the client, the message being received following establishment of a TCP connection between the client and server. The mechanism responds by holding the session initiation request message, preferably by creating a fake socket to a local process, and then diverting the request message over that socket. The TCP connection is then terminated, and the mechanism initiates a new session in initiation request message, all while the original session initiation request message continues to be held. The server responds with its server certificate, which is then used by the mechanism to generate a new server certificate. The new server certificate is then returned to the requesting client as the response to the session initiation request message.

Abstract: A network-based appliance includes a mechanism to enable the appliance to extract itself from man-in-the-middle (MITM) processing during a client-server handshake and without interrupting that connection. The mechanism enables the appliance to decide (e.g., based on a rule match against a received server certificate) to stop performing MITM during the handshake and thus to de-insert itself transparently, i.e., without interfering or signaling to either end of the session that this operation is occurring. Once the connection is abandoned in the manner, the appliance ignores additional traffic flow and thus can free up processing resources (CPU, memory, and the like) that would otherwise be required to decrypt the connection (even if no further inspection or rewrite processing would be expected to occur).

Abstract: A network-based appliance includes a mechanism to enable the appliance to extract itself from man-in-the-middle (MITM) processing during a client-server handshake and without interrupting that connection. The mechanism enables the appliance to decide (e.g., based on a rule match against a received server certificate) to stop performing MITM during the handshake and thus to de-insert itself transparently, i.e., without interfering or signaling to either end of the session that this operation is occurring. Once the connection is abandoned in the manner, the appliance ignores additional traffic flow and thus can free up processing resources (CPU, memory, and the like) that would otherwise be required to decrypt the connection (even if no further inspection or rewrite processing would be expected to occur).

Abstract: A network-based appliance includes a mechanism to intercept, decrypt and inspect secure network traffic flowing over SSL/TLS between a client and a server. The mechanism responds to detection of a session initiation request message from the client, the message being received following establishment of a TCP connection between the client and server. The mechanism responds by holding the session initiation request message, preferably by creating a fake socket to a local process, and then diverting the request message over that socket. The TCP connection is then terminated, and the mechanism initiates a new session in initiation request message, all while the original session initiation request message continues to be held. The server responds with its server certificate, which is then used by the mechanism to generate a new server certificate. The new server certificate is then returned to the requesting client as the response to the session initiation request message.

Abstract: Disclosed is a cervico-vaginal tissue equivalent comprised of vaginal epithelial cells and immune cells, cultured at the air-liquid interface. The tissue equivalent is capable of being infected with a sexually transmitted pathogen such as a virus (e.g., HIV), a bacteria, a helminthic parasite, or a fungus. The tissue equivalent is also capable of undergoing an allergic-type reaction or an irritant-type reaction. The tissue equivalent is characterized as having nucleated basal layer cells and nucleated suprabasal layer cells, and further as having cell layers external to the suprabasal layer progressively increasing in glycogen content and progressively decreasing in nuclei content. Immune cells of the tissue equivalent are primarily located in the basal and suprabasal layers. Also disclosed are methods for producing the tissue equivalent.

Abstract: Disclosed is a cervico-vaginal tissue equivalent comprised of vaginal epithelial cells and immune cells, cultured at the air-liquid interface. The tissue equivalent is capable of being infected with a sexually transmitted pathogen such as a virus (e.g., HIV), a bacteria, a helminthic parasite, or a fungus. The tissue equivalent is also capable of undergoing an allergic-type reaction or an irritant-type reaction. The tissue equivalent is characterized as having nucleated basal layer cells and nucleated suprabasal layer cells, and further as having cell layers external to the suprabasal layer progressively increasing in glycogen content and progressively decreasing in nuclei content. Immune cells of the tissue equivalent are primarily located in the basal and suprabasal layers. Also disclosed are methods for producing the tissue equivalent.

Abstract: Disclosed is a cervico-vaginal tissue equivalent comprised of vaginal epithelial cells and immune cells, cultured at the air-liquid interface. The tissue equivalent is capable of being infected with a sexually transmitted pathogen such as a virus (e.g., HIV), a bacteria, a helminthic parasite, or a fungus. The tissue equivalent is also capable of undergoing an allergic-type reaction or an irritant-type reaction. The tissue equivalent is characterized as having nucleated basal layer cells and nucleated suprabasal layer cells, and further as having cell layers external to the suprabasal layer progressively increasing in glycogen content and progressively decreasing in nuclei content. Immune cells of the tissue equivalent are primarily located in the basal and suprabasal layers. Also disclosed are methods for producing the tissue equivalent.