Electrical computers and digital processing systems: multicomput – Computer-to-computer session/connection establishing – Network resources access controlling
Reexamination Certificate
2007-08-21
2007-08-21
Dalencourt, Yves (Department: 2157)
Electrical computers and digital processing systems: multicomput
Computer-to-computer session/connection establishing
Network resources access controlling
C709S214000, C709S218000, C709S219000, C709S224000, C709S228000, C726S012000, C726S022000
Reexamination Certificate
active
10191309
ABSTRACT:
The present invention addresses the known vulnerabilities of Web site infrastructure by making an origin server substantially inaccessible via Internet Protocol traffic. In particular, according to a preferred embodiment, the origin server is “shielded” from the publicly-routable IP address space. Preferably, only given machines (acting as clients) can access the origin server, and then only under restricted, secure circumstances. In a preferred embodiment, these clients are the servers located in a “parent” region of a content delivery network (CDN) tiered distribution hierarchy. The invention implements an origin server shield that protects a site against security breaches and the high cost of Web site downtime by ensuring that the only traffic sent to an enterprise's origin infrastructure preferably originates from CDN servers. The inventive “shielding” technique protects a site's Web servers (as well as backend infrastructure, such as application servers, databases, and mail servers) from unauthorized intrusion—improving site uptime and in the process, customer loyalty.
REFERENCES:
patent: 5918018 (1999-06-01), Gooderum et al.
patent: 6173311 (2001-01-01), Hassett et al.
patent: 6925495 (2005-08-01), Hegde et al.
patent: 6952737 (2005-10-01), Coates et al.
patent: 6993476 (2006-01-01), Dutta et al.
patent: 2002/0035698 (2002-03-01), Malan et al.
patent: 2002/0138437 (2002-09-01), Lewin et al.
Mark Nottingham, “On Defining a Role for Demand-Driven Surrogate Origin Servers,” Feb. 2001, Computer Communication, vol. 24, pp. 215-221.
IT Audit, vol. 4, Feb. 15, 2001at http://www.theiia.org/itaudit/index.cfm?fuseraction=forum%fid=227.
“CERT Advisory CA-1995-01 IP Spoofing Attacks and Hijacked Terminal Connections,” Sep. 23, 1997, at http://www.cert.org/advisories/CA-1995-01.html.
Afergan Michael M.
Ellis Andrew B.
Rahul Hariharan S.
Sundaram Ravi
Akamai Technologies, Inc.
Dalencourt Yves
Judson David H.
LandOfFree
Method and system for protecting web sites from public... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and system for protecting web sites from public..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and system for protecting web sites from public... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3870949