Automatic token based secure content streaming method and apparatus

US 10,333,945 B2
Filed: 01/18/2017
Issued: 06/25/2019
Est. Priority Date: 01/18/2017
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, at a computing device and over an electronic communications network, a content download request from a user device, the content download request being a request for a download in connection with a content item and having an associated secure token and an associated first network address of the user device, the associated secure token being generated in connection with a previous request made in connection with the content item and having an associated second network address;

making a determination, via the computing device and using the secure token received from the user device with the content download request, whether or not to permit the requested download, the determination comprising a first determination whether the first and second network addresses are a match and a second determination that is selectively performed based on an outcome of the first determination, the second determination determining whether or not to block the requested download based on whether or not a number of network address mismatches associated with the secure token exceeds a mismatch threshold; and

transmitting, via the computing device and over the electronic communications network to the user device, a response to the content download request, the response comprising content requested by the content download request in a case that the first and second network addresses match and in a case that the first and second network addresses mismatch but the number of mismatches does not exceed the mismatch threshold, the response comprising information indicating denial of the content download request in a case that the second determination determines to block the requested download.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are systems and methods for improving interactions with and between computers in secure content access, distribution and download and/or providing systems supported by or configured with personal computing devices, servers and/or platforms. The systems interact to identify and retrieve data within or across platforms, which can be used to improve the quality of data used in processing interactions between or among processors in such systems. The disclosed systems and methods provide systems and methods for automatic token-based secure content streaming.

5 Citations

View as Search Results

22 Claims

1. A method comprising:
- receiving, at a computing device and over an electronic communications network, a content download request from a user device, the content download request being a request for a download in connection with a content item and having an associated secure token and an associated first network address of the user device, the associated secure token being generated in connection with a previous request made in connection with the content item and having an associated second network address;
  
  making a determination, via the computing device and using the secure token received from the user device with the content download request, whether or not to permit the requested download, the determination comprising a first determination whether the first and second network addresses are a match and a second determination that is selectively performed based on an outcome of the first determination, the second determination determining whether or not to block the requested download based on whether or not a number of network address mismatches associated with the secure token exceeds a mismatch threshold; and
  
  transmitting, via the computing device and over the electronic communications network to the user device, a response to the content download request, the response comprising content requested by the content download request in a case that the first and second network addresses match and in a case that the first and second network addresses mismatch but the number of mismatches does not exceed the mismatch threshold, the response comprising information indicating denial of the content download request in a case that the second determination determines to block the requested download.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, the second determination determining whether the number of network address mismatches associated with the secure token exceeds a mismatch threshold is selectively performed if the first determination determines that the first and second network addresses mismatch.
  - 3. The method of claim 1, the secure token being generated in response to a content access request received prior to the content download request, generation of the secure token comprising encrypting the second network address and determining an expiration of the secure token.
  - 4. The method of claim 3, the user device is a first user device, the secure token is transmitted, over the electronic communications network, to a second user device using the second network address in response to the content access requested received from the second user device with the second network address, the secure token being transmitted to the second user device after a determination is made to grant access to the content item to an anonymous user of the second user device.
  - 5. The method of claim 4, the second user device is the first user device that has the second network address for the content access request and changes from the second network address to the first network address for the content download request after the content access request is made.
  - 6. The method of claim 4, the first and second user devices are different user devices and the first and second network addresses are different.
  - 7. The method of claim 4, the determination to grant access to the content item to the anonymous user of the second user device comprising determining, using the second network address, that the anonymous user is not geographically restricting from experiencing the content item.
  - 8. The method of claim 1, the mismatch threshold is set to a number of mismatches that accommodate a corresponding number of different network addresses used by the user device in connection with requests made in connection with the content item using the secure token.
  - 9. The method of claim 1, the mismatch threshold is set to a number of mismatches that limits requests made in connection with the content item using the secure token to a predetermined number of different user devices corresponding to the mismatch threshold.
  - 10. The method of claim 1, further comprising:
    - transmitting, over the electronic communications network and to the second network address prior to receiving the content download request from the user device, a Universal Resource Locator (URL) corresponding to the content item and comprising the secure token, the secure token comprising first and second parameters of the URL, the first parameter of the URL comprising a hash of the second network address and the second parameter of the URL comprising an expiration of the secure token, the URL further comprising a third parameter comprising a signature of the URL including the first and second parameters.
  - 11. The method of claim 1, further comprising:
    - transmitting, over the electronic communications network and to the second network address prior to receiving the content download request from the user device, a Hypertext Transport Protocol (HTTP) session cookie comprising the secure token, the secure token comprising first and second parameters of the HTTP session cookie, the first parameter of the HTTP session cookie comprising a hash of the second network address and the second parameter of the HTTP session cookie comprising an expiration of the secure token, the HTTP session cookie further comprising a third parameter comprising a signature of a URL corresponding to the content item, the URL from which the third parameter is generated comprising the first and second parameters.
  - 12. The method of claim 1, the determination further comprising a third determination that is performed before the first and second determinations and the first and second determinations are both selectively performed based on an outcome of the third determination, the third determination comprising determining whether or not the secure token is still live, the first and second determinations being performed in a case that the secure token is determined to be still live.
  - 13. The method of claim 1, the content download request comprising a request for at least one of a media playlist for the content item and a media segment of the content item, and the previous request made in connection with the content item comprising a request for a master playlist for the content item.

14. A non-transitory computer-readable storage medium tangibly encoded with computer-executable instructions, that when executed by a processor associated with a computing device, performs a method comprising:
- receiving, over an electronic communications network, a content download request from a user device, the content download request being a request for a download in connection with a content item and having an associated secure token and an associated first network address of the user device, the associated secure token being generated in connection with a previous request made in connection with the content item and having an associated second network address;
  
  making a determination, using the secure token received from the user device with the content download request, whether or not to permit the requested download, the determination comprising a first determination whether the first and second network addresses are a match and a second determination that is selectively performed based on an outcome of the first determination, the second determination determining whether or not to block the requested download based on whether or not a number of network address mismatches associated with the secure token exceeds a mismatch threshold; and
  
  transmitting, over the electronic communications network to the user device, a response to the content download request, the response comprising content requested by the content download request in a case that the first and second network addresses match and in a case that the first and second network addresses mismatch but the number of mismatches does not exceed the mismatch threshold, the response comprising information indicating denial of the content download request in a case that the second determination determines to block the requested download.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21)
- - 15. The non-transitory computer-readable storage medium of claim 14, the secure token being generated in response to a content access request received prior to the content download request, generation of the secure token comprising encrypting the second network address and determining an expiration of the secure token.
  - 16. The non-transitory computer-readable storage medium of claim 15, the user device is a first user device, the secure token is transmitted, over the electronic communications network, to a second user device using the second network address in response to the content access requested received from the second user device with the second network address, the secure token being transmitted to the second user device after a determination is made to grant access to the content item to an anonymous user of the second user device.
  - 17. The non-transitory computer-readable storage medium of claim 15, the second user device is the first user device that has the second network address for the content access request and changes from the second network address to the first network address for the content download request after the content access request is made.
  - 18. The non-transitory computer-readable storage medium of claim 15, the first and second user devices are different user devices and the first and second network addresses are different.
  - 19. The non-transitory computer-readable storage medium of claim 15, the determination to grant access to the content item to the anonymous user of the second user device comprising determining, using the second network address, that the anonymous user is not geographically restricting from experiencing the content item.
  - 20. The non-transitory computer-readable storage medium of claim 14, the mismatch threshold is set to a number of mismatches that accommodate a corresponding number of different network addresses used by the user device in connection with requests made in connection with the content item using the secure token.
  - 21. The non-transitory computer-readable storage medium of claim 14, the mismatch threshold is set to a number of mismatches that limits requests made in connection with the content item using the secure token to a predetermined number of different user devices corresponding to the mismatch threshold.

22. A computing device comprising:
- a processor;
  
  a non-transitory storage medium for tangibly storing thereon program logic for execution by the processor, the program logic comprising;
  
  receiving logic executed by the processor for receiving, over an electronic communications network, a content download request from a user device, the content download request being a request for a download in connection with a content item and having an associated secure token and an associated first network address of the user device, the associated secure token being generated in connection with a previous request made in connection with the content item and having an associated second network address;
  
  determining logic executed by the processor for making a determination, using the secure token received from the user device with the content download request, whether or not to permit the requested download, the determination comprising a first determination whether the first and second network addresses are a match and a second determination that is selectively performed based on an outcome of the first determination, the second determination determining whether or not to block the requested download based on whether or not a number of network address mismatches associated with the secure token exceeds a mismatch threshold; and
  
  transmitting logic executed by the processor for transmitting, over the electronic communications network to the user device, a response to the content download request, the response comprising content requested by the content download request in a case that the first and second network addresses match and in a case that the first and second network addresses mismatch but the number of mismatches does not exceed the mismatch threshold, the response comprising information indicating denial of the content download request in a case that the second determination determines to block the requested download.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Original Assignee
Oath Inc. (Verizon Communications Inc.)
Inventors
Vinukonda, Sudheer, Luzzatti, Omer
Primary Examiner(s)
Abyaneh, Ali S

Application Number

US15/408,713
Publication Number

US 20180205742A1
Time in Patent Office

888 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/107   wherein the security polici...

H04L 63/108   when the policy decisions a...

H04L 65/612   for unicast

H04L 67/02   based on web technology, e....

H04L 67/06   specially adapted for file ...

H04L 67/63   Routing a service request d...

H04W 12/06   Authentication

H04W 12/08   Access security

H04W 12/63   Location-dependent; Proximi...

Automatic token based secure content streaming method and apparatus

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

5 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Automatic token based secure content streaming method and apparatus

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

5 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links