US2016197933A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016197933-A1 |
| Application number | US-201514676648-A |
| Country | US |
| Kind code | A1 |
| Filing date | Apr 1, 2015 |
| Priority date | Jan 7, 2015 |
| Publication date | Jul 7, 2016 |
| Grant date | — |
Abstract
A provider computer announces content to a consumer computer and establishes a secure connection to a VPN server. Requests for the content are received in one protocol (HTTPS) from the consumer computer and forwarded to the VPN server in a less secure protocol (HTTP) by a protocol conversion proxy, which then forwards the request to the provider computer. A public URL and a secure URL may be associated with the same content. The public URL is announced to a consumer computer. A public server receives the public URL and returns the secure URL, which the consumer computer uses to establish a secure connection to the provider computer. Upon the secure URL being compromised, a new secure URL is associated with the public URL. The source IP addresses of requests for the public and secure URLs may be compared to determine whether the secure URL is compromised.
Claims (preview)

What is claimed is:

1. A method for providing access to content comprising: receiving, by a server system from a first network address, a first request containing a reference to a first content on a first computer; returning, by the server system to the first network address, a response containing a reference to a second content on a second computer; receiving, by the server system from a second network address, a second request containing reference to the second content on the second computer; determining, by the server system, that the second network address is different from the first network address; and in response to determining that the second network address is different from the first network address, refraining from returning the second content from the second computer to the second network address.

2. The method of claim 1, further comprising: receiving, by the server system from a third network address, a third request containing reference to a second content on a second computer; determining, by the server system, that the third network address is same as the first source network address; and in response to determining that the third network address is same as the first network address, returning, by the server system to the first network address, the second content from the second computer.

3. The method of claim 2, further comprising: in response to determining that the third network address is same as the first network address, forwarding, by the server system, the third request to the second computer, receiving a response from the second computer and sending the response, by the server system, to the first network address; and in response to determining that the second network address is different from the first network address, refraining from forwarding the second request to the second computer.

4. The method of claim 3, wherein forwarding the third request to the second computer comprises sending the third request through a reverse connection between the server system and the second computer.

5. The method as in claim 4, wherein the reverse connection between the server system and the second computer comprises one from a group of virtual private network (VPN) tunnel, proxy connection and secure shell (SSH) connection.

6. The method as in claim 2, wherein returning the second content from the second computer to the first network address comprises establishing an encrypted communication channel between the second computer and a computer associated with the first network address, the channel being established by using an encryption key accessible by the second computer.

7. The method of claim 6, wherein the encrypted communication channel uses hyper text transfer secure protocol (HTTPS) and the encryption key accessible by the second computer is a private key for a secure socket layer (SSL) certificate.

8. The method as in claim 6, further comprising: in response to determining that the second network address is different from the first network address, sending notification, by the server system, that security of the encryption key accessible by the second computer is compromised.

9. The method as in claim 1, further comprising: in response to determining that the second network address is different from the first network address, refraining from returning the second content from the second computer for one or more requests for the second content following the second request.

10. The method as in claim 1, further comprising: in response to determining that the second network address is different from the first network address, returning, by the server system, at least one response to a request for the first content containing a reference to the second content different from the one returned in response to the first request for the first content.

11. A method for providing access to content comprising: receiving, by a server system from a first network address, a first request containing reference to a first content on a first computer; returning, by the server system to the first network address, a response containing reference to a second content on a second computer; determining, by the server system, that request from the first network address for the second content did not arrive within the threshold time; and in response to determining that request from the first network address did not arrive within the threshold time, refraining from returning the second content from the second computer for one or more requests received after the threshold time.

12. A system for providing access to content comprising one or more processors and one or more memory devices operably coupled to the one or more processors and storing executable and operational code effective to cause the one or more processors to: receive from a first network address, a first request containing a reference to a first content on a first computer, return, to the first network address, a response containing a reference to a second content on a second computer, receive, from a second network address, a second request containing reference to the second content on the second computer, if the second network address is different from the first network address, refraining from returning the second content from the second computer to the second network address.

13. The system of claim 12, wherein the executable and operational code are further effective to cause the one or more processors to: only if the second network address is same as the first source network address, return to the first network address, the second content from the second computer.

14. The system of claim 13, wherein the executable and operational code are further effective to cause the one or more processors to: only if the second network address is the same as the first network address, (a) forward the second request to the second computer, (b) receive a response to the second request from the second computer, and (c) send the response to the second request to the first network address; and if the second network address is different from the first network address, refrain from forwarding the second request to the second computer.

15. The system of claim 14, wherein the executable and operational code are further effective to cause the one or more processors to forward the third request to the second computer by sending the third request through a reverse connection between the system and the second computer.

16. The system of claim 15, wherein the reverse connection between the system and the second computer is selected from the group consisting of a virtual private network (VPN) tunnel, a proxy connection, and a secure shell (SSH) connection.

17. The system of claim 13, wherein the executable and operational code are further effective to cause the one or more processors to: return the second content from the second computer to the first network address by establishing an encrypted communication channel between the second computer and a computer associated with the first network address, the channel being established by using an encryption key accessible by the second computer.

18. The system of claim 17, wherein the encrypted communication channel implements a hyper text transfer secure protocol (HTTPS) and the encryption key accessible by the second computer is a private key for a secure socket layer (SSL) certificate.

19. The system as in claim 17, wherein the executable and operationa
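To make the claimed server-system logic concrete, the following Python sketch is an added example written for this page; it is not code from the patent or its assignee. It models claims 1, 2, 8, 9, 10 and 11: a request for the public reference is answered with a secure reference bound to the requesting network address and the time of issue, a request for the secure reference is served only from that same address and only within the threshold time, and any mismatch marks the reference compromised, records a notification, and keeps later requests refused. Two simplifications are assumptions of this example rather than statements of the patent: a fresh token is issued for every public-reference request (which is how claim 10's "different reference" is realised here), and the reverse connection to the provider (claims 4 and 5) is stood in for by a plain callable. The clock is injectable so the threshold check can be exercised offline; all addresses and content are constructed sample values.

```python
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple


@dataclass
class IssuedReference:
    """One secure reference handed out in answer to a public-reference request."""
    public_path: str
    issued_to: str          # network address the reference was returned to
    issued_at: float        # server clock reading when it was returned
    compromised: bool = False


class ReferenceServer:
    """Hypothetical server system implementing the checks of claims 1, 2, 8-11."""

    def __init__(self, threshold_seconds: float, clock: Callable[[], float] = time.time):
        self.threshold = threshold_seconds
        self.clock = clock                        # injectable for offline testing
        self.providers: Dict[str, Callable[[], bytes]] = {}   # public_path -> fetch
        self.issued: Dict[str, IssuedReference] = {}          # secure token -> binding
        self.notifications: List[str] = []        # claim 8: compromise notifications

    def announce(self, public_path: str, fetch: Callable[[], bytes]) -> None:
        """Provider announces content; `fetch` stands in (assumption) for the reverse
        connection (VPN / proxy / SSH in claims 4-5) the server forwards through."""
        self.providers[public_path] = fetch

    def request_public(self, public_path: str, source_addr: str) -> Optional[str]:
        """Answer a request for the public reference with a fresh secure reference
        bound to the requesting address (claim 1). A new token is issued every time,
        so a compromised token is never handed out again (claim 10)."""
        if public_path not in self.providers:
            return None
        token = secrets.token_urlsafe(24)
        self.issued[token] = IssuedReference(public_path, source_addr, self.clock())
        return token

    def request_secure(self, token: str, source_addr: str) -> Tuple[str, Optional[bytes]]:
        """Serve the secure reference only to the address it was issued to, and only
        within the threshold time; otherwise mark it compromised and refuse."""
        ref = self.issued.get(token)
        if ref is None:
            return "refused_unknown", None
        if ref.compromised:
            return "refused_compromised", None        # claim 9: stays refused
        if source_addr != ref.issued_to:
            ref.compromised = True                   # claim 1: address mismatch
            self.notifications.append(               # claim 8: notify of compromise
                f"secure reference for {ref.public_path} issued to {ref.issued_to} "
                f"was requested from {source_addr}")
            return "refused_address_mismatch", None
        if self.clock() - ref.issued_at > self.threshold:
            ref.compromised = True                   # claim 11: arrived too late
            return "refused_late", None
        # claims 2-3: forward to the provider and relay its response
        return "served", self.providers[ref.public_path]()


def demo() -> dict:
    """Walk through the claimed scenarios with constructed addresses and content."""
    now = [1_000.0]                                  # fake clock, advanced by hand
    srv = ReferenceServer(threshold_seconds=30, clock=lambda: now[0])
    srv.announce("/public/report", lambda: b"report body")   # constructed provider

    tok = srv.request_public("/public/report", "198.51.100.10")
    first = srv.request_secure(tok, "198.51.100.10")         # same address: served
    mismatch = srv.request_secure(tok, "203.0.113.7")        # other address: refused
    after = srv.request_secure(tok, "198.51.100.10")         # original address: still refused

    tok2 = srv.request_public("/public/report", "198.51.100.10")   # rotated reference
    now[0] += 60                                             # past the 30 s threshold
    late = srv.request_secure(tok2, "198.51.100.10")         # too late: refused

    return {
        "first": first,
        "mismatch": mismatch,
        "after_compromise": after,
        "rotated": tok2 != tok,
        "late": late,
        "notifications": len(srv.notifications),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Running the module prints one line per scenario: the first request is served, the request from the second address is refused and generates a notification, the original address is then refused too, the next public-reference request yields a different token, and that token is refused once the threshold has elapsed.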
Protocols for interworking; Protocol conversion · CPC title
using certificates (cryptographic mechanisms or cryptographic arrangements for entity authentication involving certificates H04L9/3263) · CPC title
Proxies · CPC title
for providing a confidential data exchange among entities communicating through data packet networks · CPC title
Threshold monitoring · CPC title