Authenticated name resolution
Abstract
A method, system, and computer-readable memory containing instructions include receiving a DNS request containing authentication information, validating the authentication information, determining an appropriate action to take based on the validating status, and taking the appropriate action. Actions may include responding with an individualized network layer address or service location address, delaying sending a response message, sending a network layer address or service location address corresponding to a site containing authentication information, and sending a response with a network layer address or service location address with a web address configured to mimic the website related to the requested resource.
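The validate-then-decide flow the abstract describes, as an added Python example that is not taken from the patent or from any product. The request is modeled as an in-memory object rather than a DNS wire message, and the mapping from validation outcome to action, the failure threshold, the delay values, and all names and addresses are assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

# Constructed sample data: made-up names, RFC 5737 documentation addresses.
ZONE = {"intranet.example.com": "192.0.2.10"}          # real answers
ALTERNATIVE = {"intranet.example.com": "203.0.113.7"}  # look-alike resource
AUTH_HELP_ADDR = "198.51.100.5"  # site with authentication instructions
SALT = b"constructed-salt"
MAX_FAILURES = 3                 # hypothetical threshold

def _kdf(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)

USERS = {"alice": _kdf("correct horse")}  # username -> derived key

@dataclass
class Request:
    domain: str                     # the name to resolve, no credentials in it
    source: str                     # requester identity used for failure counts
    username: Optional[str] = None  # authentication information travels
    password: Optional[str] = None  # beside the name, not inside it

@dataclass
class Action:
    kind: str                       # answer | auth_instructions | delay | alternative
    address: Optional[str] = None
    delay_ms: int = 0

def validate(req: Request) -> str:
    if req.username is None or req.password is None:
        return "missing"
    # Unknown users are checked against a dummy key so timing stays similar.
    stored = USERS.get(req.username, _kdf(""))
    match = hmac.compare_digest(stored, _kdf(req.password))
    return "valid" if match and req.username in USERS else "invalid"

def decide(req: Request, failures: dict) -> Action:
    status = validate(req)
    if status == "valid":
        failures.pop(req.source, None)
        return Action("answer", ZONE.get(req.domain))  # None: no such name
    if status == "missing":
        return Action("auth_instructions", AUTH_HELP_ADDR)
    failures[req.source] = failures.get(req.source, 0) + 1
    if failures[req.source] >= MAX_FAILURES:
        return Action("alternative", ALTERNATIVE.get(req.domain, AUTH_HELP_ADDR))
    return Action("delay", AUTH_HELP_ADDR, delay_ms=500 * failures[req.source])
```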
32 Claims
1. A method for authenticating a DNS request, comprising:
receiving at an authenticating server comprising an electronic processor a DNS resolution request including a domain name and authentication information, wherein the information is not in the domain name, and wherein the authentication information comprises at least one of a username/password combination, or a security certificate;
validating, on the authenticating server comprising an electronic processor, the authentication information;
determining, by the authenticating server comprising an electronic processor, a DNS action based on the validation of the authentication information, wherein the DNS action comprises at least one of:
sending a response message with an IP address, network layer identifier, or service location identifier;
delaying sending a response message;
sending a response message with an IP address corresponding to a website address containing authentication instructions;
or responding with an alternative IP address corresponding to a special version of a resource configured to look just like the resource; and
executing, on the authenticating server comprising an electronic processor, the DNS action.
10. A system for authenticating a DNS request, comprising:
an authenticating server comprising:
a processor; and
memory, wherein the memory contains instructions, which, when executed by the processor, perform a method comprising:
receiving at an authenticating server a DNS resolution request including a domain name and authentication information, wherein the information is not in the domain name, and wherein the authentication information comprises at least one of a username/password combination, or a security certificate;
validating, on the authenticating server, the authentication information;
determining, by the authenticating server, a DNS action based on the validation of the authentication information, wherein the DNS action comprises at least one of:
sending a response message with an IP address, a network layer address or service location address, delaying sending a response message, sending a response message with an IP address corresponding to a website address containing authentication instructions, or responding with an alternative IP address corresponding to a special version of a resource configured to look just like the resource; and
executing, on the authenticating server, the DNS action.
19. Non-transitory computer-readable media containing instructions, which, when executed by a processor, perform a method comprising:
determining a prioritized list of classes of users, wherein higher priority classes receive access to services first or a higher quality of services;
classifying a user based on the authentication information into a class in the prioritized list of classes;
receiving at an authenticating server a DNS resolution request including authentication information, wherein the authentication information comprises at least one of a username/password combination, or a security certificate;
validating, on the authenticating server, the authentication information;
determining, by the authenticating server, a DNS action based on the validation of the authentication information, wherein the DNS action comprises at least one of:
sending a response message with an IP address, a network layer address or service location address, delaying sending a response message, sending a response message with an IP address corresponding to a website address containing authentication instructions, and responding with an alternative IP address corresponding to a special version of a resource configured to look just like the resource; and
executing, on the authenticating server, the DNS action.
28. A method for authenticating a DNS request, comprising:
receiving, at an authenticating server comprising an electronic processor, a DNS resolution request from a user, wherein the request includes a domain name to be resolved and an authentication certificate, wherein the authentication certificate was issued by a community authority trust in response to a request for identification authentication by the user, and wherein authentication certificate was added to the DNS resolution request by a device other than a device that originates the DNS resolution request;
validating, on the authenticating server comprising an electronic processor, the authentication certificate;
determining, by the authenticating server comprising an electronic processor, a network layer address or service location address based on the validation of the authentication certificate; and
sending the network layer address to the user.
Specification