Security policy editor

US9794295B2 · US · B2

Patent metadata
Publication number: US-9794295-B2
Application number: US-201615242814-A
Country: US
Kind code: B2
Filing date: Aug 22, 2016
Priority date: Dec 21, 2011
Publication date: Oct 17, 2017
Grant date: Oct 17, 2017

Abstract

Official abstract text for this publication.

A shared computing infrastructure has associated therewith a portal application through which users access the infrastructure and provision one or more services, such as content storage and delivery. The portal comprises a security policy editor, a web-based configuration tool that is intended for use by customers to generate and apply security policies to their media content. The security policy editor provides the user the ability to create and manage security policies, to assign policies so created to desired media content and/or player components, and to view information regarding all of the customer's current policy assignments. The editor provides a unified interface to configure all media security services that are available to the CDN customer from a single interface, and to enable the configured security features to be promptly propagated and enforced throughout the overlay network infrastructure. The editor advantageously enables security features to be configured independently of a delivery configuration.

First claim

Opening claim text (preview).

What is claimed is as follows:

1. A method of enforcing security in a shared computing infrastructure having associated therewith a portal application through which portal users provision one or more services, comprising:

    for a particular service, distributing a template to a set of servers, the template defining logic to perform an operation associated with the particular service, the logic being common to at least a set of content providers that use the shared computing infrastructure to deliver their content;

    receiving, via the portal application executing on a hardware element, information defining a policy associated with and specific to a particular content provider; and

    upon receipt at a server of a request for content and a determination that the request includes digital property and path data that is matched for the particular content provider and the information defining the policy, fetching the information, the information being fetched as one or more response headers over a response header interface, stitching the information into the template by setting at least one variable defined in the policy into the template, and thereafter executing the logic to enforce the policy with respect to the request, wherein the information and the template remain bifurcated until receipt at the server of the request for the content.

2. The method as described in claim 1 wherein the information defining the policy comprises customer-specific parameters received via the portal application.

3. The method as described in claim 1 wherein the information is stored as an ESI fragment.

4. The method as described in claim 3 wherein the information is stored in a pre-compiled decision tree.

5. The method as described in claim 1 wherein, as between the template and the information, the template is relatively static and the information updated as necessary to enforce a change to the policy.

6. The method as described in claim 1 wherein the service is one of: token authentication, content targeting, media encryption, media player verification, digital watermarking, digital rights management, fraud detection, and security analytics.

7. A system comprising a set of machines, the system comprising:

    a first machine for providing a web-based application having a display interface into which is received information specifying one or more policies associated with a service, each policy uniquely associated with and specific to a particular content provider; and

    a second machine that stores a template, the template defining logic to perform a security operation associated with the service, the logic being common to at least a set of content providers that use the system to deliver their content, wherein, upon receipt of a request to access content that is protected by a given one of the policies and a determination that the request includes digital property and path data that is matched for the particular content provider and the information defining the policy, the information is retrieved over a response header interface and applied by setting at least one variable defined in the policy into the template to enforce the policy with respect to the request, wherein the information and the template remain bifurcated until receipt of the request for the content.

8. The system as described in claim 7 wherein the service is one of: token authentication, content targeting, media encryption, and media player verification.

9. The system as described in claim 7 wherein the information comprises customer-specific parameters received via the display interface.

10. The system as described in claim 7 wherein the information is stored as an ESI fragment.

11. The system as described in claim 7 wherein the information is stored in a pre-compiled decision tree.

12. The system as described in claim 7 wherein, as between the template and the information, template is relatively static and the information is adapted to be updated as necessary to enforce a change to the policy.

13. The system as described in claim 7 wherein the display interface is adapted to be used to create and manage the one more policies.

14. The system as described in claim 7 wherein the display interface is adapted to be used to assign policies to media content or player components.

15. The system as described in claim 7 wherein the display interface displays information regarding policy assignments.

Assignees

Inventors

Classifications

  • H04L63/20 · Primary

    for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title

  • for controlling access to devices or network resources · CPC title

  • involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved (negotiation of communication capabilities H04L69/24) · CPC title

  • Electricity · mapped topic

  • using third party service providers · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Akamai Tech Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/20. Mapped technology areas include Electricity.
When was this patent published?
Publication date Oct 17, 2017 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).