Providing policy information on an existing communication channel

US2016294703A1 · US · A1

Patent metadata
Publication number: US-2016294703-A1
Application number: US-201514674787-A
Country: US
Kind code: A1
Filing date: Mar 31, 2015
Priority date: Mar 31, 2015
Publication date: Oct 6, 2016
Grant date:

Abstract


A device may receive or generate a message for routing to a destination on a communication channel. The communication channel may have been established between a source and the destination. The device may perform a first determination of policy information related to at least one of the message, the destination, or the source of the message. The policy information may describe an action for a network device to perform. The device may associate a policy token with the message. The policy token may describe or identify the policy information. The device may provide the message with the associated policy token to the network device on the communication channel to cause the network device to perform a second determination of the policy information based on the policy token, to perform the action described by the policy information, and to provide the message on the communication channel.

First claim


What is claimed is:

1. A device, comprising: one or more processors to: receive or generate a message for routing to a destination on a communication channel, the communication channel having been established between a source and the destination; perform a first determination of policy information related to at least one of the message, the destination, or the source of the message, the policy information describing an action for a network device to perform; associate a policy token with the message, the policy token describing or identifying the policy information; and provide the message with the associated policy token to the network device on the communication channel to cause the network device to perform a second determination of the policy information based on the policy token, to perform the action described by the policy information, and to provide the message on the communication channel.

2. The device of claim 1, where the message with the associated policy token further causes the network device to remove the policy token from the message before providing the message on the communication channel.

3. The device of claim 1, where the one or more processors, when receiving the message, are further to: receive the policy token with the message; and where the one or more processors, when performing the first determination, are further to: perform the first determination based on the policy token.

4. The device of claim 1, where the device is associated with a first network; and where the network device is associated with a second network, the second network being a network other than the first network.

5. The device of claim 1, where the one or more processors, when associating the policy token with the message, are further to: encrypt the policy token to prevent a malicious party from determining the policy information; and where the message with the associated policy token further cause the network device to decrypt the policy token.

6. The device of claim 5, where the encrypting and the decrypting are performed using at least one of: a symmetric-key algorithm, or a public key algorithm.

7. The device of claim 1, where the one or more processors, when associating the policy token with the message, are further to: attach the policy token to the message, or insert the policy token into a portion of the message.

8. A computer-readable medium storing instructions, the instructions comprising: one or more instructions that, when executed by one or more processors of a device, cause the one or more processors to: receive or generate a message for routing to a destination on a communication channel, the communication channel having been established between a source and the destination; determine policy information related to the message, the policy information describing an action for a network device to perform, and the policy information describing information related to at least one of the destination or the source; associate, with the message, a policy token that describes or identifies the policy information; and provide the message and the policy token to the network device on the communication channel to permit the network device to determine the policy information based on the policy token, and to provide the message to the destination on the communication channel.

9. The computer-readable medium of claim 8, where the message with the associated policy token further causes the network device to remove the policy token from the message before providing the message on the communication channel.

10. The computer-readable medium of claim 8, where the device is associated with a first network; and where the network device is associated with a second network, the second network being a network other than the first network.

11. The computer-readable medium of claim 8, where the one or more instructions, that cause the one or more processors to receive the message, further cause the one or more processors to: receive the policy token with the message; and where the one or more instructions, that cause the one or more processors to determine the policy information, further cause the one or more processors to: determine the policy information based on the policy token.

12. The computer-readable medium of claim 8, where the one or more instructions, when executed by the one or more processors, further cause the one or more processors to: encrypt the policy token to prevent a malicious party from determining the policy information; and where the message and the policy token further cause the network device to decrypt the policy token.

13. The computer-readable medium of claim 8, where the encrypting and the decrypting are performed using at least one of: a symmetric-key algorithm, or a public key algorithm.

14. The computer-readable medium of claim 8, where the one or more instructions, that cause the one or more processors to associate the policy token with the message, further cause the one or more processors to: attach the policy token to the message, or insert the policy token into a portion of the message.

15. A method, comprising: receiving, by a device and from a source, a message for routing to a destination on a communication channel, the communication channel having been established between a source and the destination; determining, by the device, policy information associated with at least one of the message, the source, or the destination, the policy information describing an action for a network device to perform; associating, by the device, the message with a policy token, the policy token describing or identifying, to the network device, the policy information; providing, by the device, the message and the policy token to the network device on the communication channel to permit or cause the network device to determine the policy information based on the policy token, and to perform the action described by the policy information.

16. The method of claim 15, where the message and the policy token further permit or cause the network device to remove the policy token from the message and to provide the message to the destination on the communication channel.

17. The method of claim 15, where receiving the message further comprises: receiving the policy token with the message; and where determining the policy information further comprises: determining the policy information based on the policy token.

18. The method of claim 17, where receiving the message and the policy token further comprises: receiving the message and the policy token from the source, or the source providing the message and the policy token based on the source being compromised by a malicious party.

19. The method of claim 15, where associating the policy token with the message further comprises: including the policy token in the message, or attaching the policy token to the message.

20. The method of claim 15, further comprising: encrypting the policy token to impede a malicious party from determining the policy information; and where providing the policy token to the network device further comprises: providing the policy token to the network device to permit the network device to decrypt the policy token.

Classifications

  • Policy-based network configuration management

  • Routing of multiclass traffic

  • H04L47/20 (Primary): Traffic policing

  • Countermeasures against malicious traffic (countermeasures against attacks on cryptographic mechanisms H04L9/002)

  • wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Juniper Networks Inc
What technology area does this patent fall under?
Primary CPC classification H04L47/20. Mapped technology areas include Electricity.
When was this patent published?
Publication date Oct 6, 2016 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 5 related publications on this page (citations in our corpus or others sharing the same primary CPC).