Security policy for HTTPS using DNS
Abstract
In one embodiment, a browser operating on a host device receives, from a user, a request to access a web server that includes a Uniform Resource Locator (URL) associated with the web server. In response, the browser sends, to a Domain Name System (DNS) server, a request for an Internet Protocol (IP) address correlated with the domain hosting the URL, and receives, from the DNS server, a response that comprises a block policy IP address and an appropriate error code. Based on this IP address and the error code indicated in the response, the browser renders an access denied page indicating that access to the web server associated with the URL is not permitted, wherein at least a portion of the access denied page is stored in memory accessible to the browser prior to sending the request for the IP address correlated with the domain that is hosting the URL.
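The client-side decision described in the abstract, as an added sketch that is not taken from the patent or from any product. The block-policy range, the error-code value, and the mapping from last octet to category are constructed assumptions; the page names none of them.

```python
import html
import ipaddress
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlsplit

# Constructed values: the page does not give a range, code, or category table.
BLOCK_POLICY_NET = ipaddress.ip_network("198.51.100.0/24")  # documentation range
POLICY_ERROR_CODE = 5                                       # hypothetical code
CATEGORIES = {1: "malware", 2: "phishing", 3: "gambling"}   # last octet -> category

# Held in memory before any DNS query is sent, as the abstract describes.
BLOCK_PAGE = ("<html><body><h1>Access denied</h1>"
              "<p>{host} is not permitted (category: {category}).</p></body></html>")


@dataclass(frozen=True)
class DnsAnswer:
    address: str
    error_code: Optional[int] = None


@dataclass(frozen=True)
class Decision:
    blocked: bool
    category: Optional[str] = None
    page: Optional[str] = None


def evaluate(url: str, answer: DnsAnswer) -> Decision:
    """Decide whether a DNS answer is a policy block for the requested URL."""
    host = urlsplit(url).hostname or ""
    try:
        ip = ipaddress.ip_address(answer.address)
    except ValueError:
        return Decision(blocked=False)  # malformed answer: not a policy signal
    # Both signals are required; an address inside the range without the
    # error code is treated as an ordinary answer.
    if ip not in BLOCK_POLICY_NET or answer.error_code != POLICY_ERROR_CODE:
        return Decision(blocked=False)
    category = CATEGORIES.get(ip.packed[-1], "uncategorized")
    # Rendered from the stored template; nothing is fetched from the block address.
    page = BLOCK_PAGE.format(host=html.escape(host), category=html.escape(category))
    return Decision(True, category, page)
```

Because the page is built from the in-memory template, the client never has to open a connection to the returned address to show the denial.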
17 Claims
1. A method comprising:
- receiving, at a browser operating on a host device, a request to access a web server, wherein the request comprises a Uniform Resource Locator (URL) associated with the web server;
- sending, to a Domain Name System (DNS) server, a request for an Internet Protocol (IP) address correlated with a domain hosting the URL;
- receiving, from the DNS server, a response to the request for the IP address correlated with the domain hosting the URL, wherein the response comprises a block policy IP address and an error code; and
- based on the block policy IP address and the error code indicated in the response, rendering, by the browser, an access denied page indicating that access to the web server associated with the URL is not permitted, wherein at least a portion of the access denied page is stored in memory accessible to the browser prior to the sending of the request for the IP address correlated with the domain hosting the URL, wherein the block policy IP address comprises a subnet mask indicating a category of content hosted by the web server associated with the URL, wherein the category of content is prohibited by a rule or policy associated with an administrative domain to which the host device is connected.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. An apparatus comprising:
- a network interface unit configured to enable network communications;
- a memory; and
- a processor, coupled to the network interface unit and the memory, and configured to:
  - receive a request to access a web server, wherein the request comprises a Uniform Resource Locator (URL) associated with the web server;
  - send, to a Domain Name System (DNS) server, a request for an Internet Protocol (IP) address correlated with a domain hosting the URL;
  - receive, from the DNS server, a response to the request for the IP address correlated with the domain hosting the URL, wherein the response comprises a block policy IP address and an error code; and
  - based on the block policy IP address and the error code indicated in the response, render an access denied page indicating that access to the web server associated with the URL is not permitted, wherein at least a portion of the access denied page is stored in the memory prior to the sending of the request for the IP address correlated with the domain hosting the URL, wherein the block policy IP address comprises a subnet mask indicating a category of content hosted by the web server associated with the URL, wherein the category of content is prohibited by a rule or policy associated with an administrative domain to which the host device is connected.
Dependent claims: 13, 14
15. A non-transitory computer readable storage media storing executable instructions that are operable in a computing device, to perform operations to:
- receive a request to access a web server, wherein the request comprises a Uniform Resource Locator (URL) associated with the web server;
- send, to a Domain Name System (DNS) server, a request for an Internet Protocol (IP) address correlated with a domain hosting the URL;
- receive, from the DNS server, a response to the request for the IP address correlated with the domain hosting the URL, wherein the response comprises a block policy IP address and an error code; and
- based on the block policy IP address and the error code indicated in the response, render an access denied page indicating that access to the web server associated with the URL is not permitted, wherein at least a portion of the access denied page is stored in memory accessible to the browser prior to the sending of the request for the IP address correlated with the domain hosting the URL, wherein the block policy IP address comprises a subnet mask and an octet indicating a category of content hosted by the web server associated with the URL.
Dependent claims: 16, 17
Specification