Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for offline shared security key calculation. In one aspect, a method includes entering a first secure communication session with a remote device. A plurality of nonces are provided to the remote device during the first secure communication session. The first secure communication session is exited. A communication is received from the remote device after exiting the first communication session. The communication includes an indication of one of the plurality of nonces. A session key is generated using the indicated one of the plurality of nonces. A second secure communication session is entered with the remote device using the generated session key. Other embodiments of this aspect include corresponding systems, apparatus, and computer programs, configured to perform the actions of the methods, encoded on computer storage devices.

Abstract: A method, computer-readable medium, and system for re-using a connection between a client computing device and a server system. The method includes receiving at a server system a request from a client computing device to initiate a connection; receiving over the connection a request from the client computing device for first content from a first domain hosted by the server system; sending information to the client computing device over the connection that specifies one or more additional domains hosted by the server system and acceptable to the server system for connection sharing; receiving over the connection a request for second content from a second domain that is hosted by the server system and that was specified in the information sent from the server system to the client computing device; and sending the second content to the client computing device over the connection in response to receiving the request.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for resolving keystrokes. One of the methods includes receiving at a server system a request from a client computing device to initiate a connection between the client and the server system. After a connection is formed, a request from the client for first content from a first domain hosted by the server system is received over the connection. Information is sent to the client over the connection that specifies one or more additional domains hosted by the server system and acceptable to the server system for connection sharing. A request for second content from a second domain that is hosted by the server system and that was specified in the information sent to the client is received over the connection, from the client. In response, the second content is sent to the client over the connection.

Abstract: A method and apparatus are provided for protecting sensitive information within server or other computing environments. Numerous electronic requests addressed to a server system are received over network couplings and evaluated. The evaluation scans for sensitive information including credit card information and private user information. Upon detecting sensitive data, cryptographic operations are applied to the sensitive data. When the sensitive data is being transferred to the server system, the cryptographic operations encrypt the sensitive data prior to transfer among components of the server system. When sensitive data is being transferred from the server system, the cryptographic operations decrypt the sensitive data prior to transfer among the network couplings. The cryptographic operations also include hash, and keyed hash operations.

Abstract: An apparatus and method are provided for client-side content processing such as filtering and caching of secure content sent using Transport Layer Security (TLS) or Secure Socket Layer (SSL) protocols. An appliance functions as a controlled man-in-the-middle on the client side to terminate, cache, switch, and modify secure client side content.

Abstract: A method and apparatus are provided for protecting sensitive information within server or other computing environments. Numerous electronic requests addressed to a server system are received over network couplings and evaluated. The evaluation scans for sensitive information including credit card information and private user information. Upon detecting sensitive data, cryptographic operations are applied to the sensitive data. When the sensitive data is being transferred to the server system, the cryptographic operations encrypt the sensitive data prior to transfer among components of the server system. When sensitive data is being transferred from the server system, the cryptographic operations decrypt the sensitive data prior to transfer among the network couplings. The cryptographic operations also include hash, and keyed hash operations.