Walled Garden System for Providing Access to One or More Websites that Incorporate Content from Other websites and Method Thereof

US 20120084852A1
Filed: 10/05/2010
Published: 04/05/2012
Est. Priority Date: 10/05/2010
Status: Active Grant

First Claim

Patent Images

1. A walled garden system for providing access to one or more websites specified on a cleared sites list, the cleared sites list having one or more hostname descriptors, the walled garden system comprising:

a firewall having rules associated with a cleared internet protocol (IP) list including one or more cleared IP addresses, the firewall for permitting transfer of a cleared hypertext transfer protocol (HTTP) request from a user device to a cleared destination IP address that matches one of the cleared IP addresses; and

a controller for examining a non-cleared HTTP request from the user device to a non-cleared destination IP address that does not match one of the cleared IP addresses, for acting as a transparent proxy between the user device and the non-cleared destination IP address when a destination host header of the non-cleared HTTP request matches a hostname descriptor of the cleared sites list, and further for acting as the transparent proxy between the user device and the non-cleared destination IP address when a referrer header of the non-cleared HTTP request matches a hostname descriptor of the cleared sites list.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A cleared sites list includes one or more hostname descriptors. A firewall includes rules associated with a cleared IP list including cleared IP addresses, and permits transfer of a cleared HTTP request from a user device to a cleared destination IP address that matches one of the cleared IP addresses. A controller examines a non-cleared HTTP request from the user device to a non-cleared destination IP address that does not match one of the cleared IP addresses, and acts as a transparent proxy between the user device and the non-cleared destination IP address when a destination host header of the non-cleared HTTP request matches a hostname descriptor of the cleared sites list. The controller further acts as a transparent proxy between the user device and the non-cleared destination IP address when a referrer header of the non-cleared HTTP request matches a hostname descriptor of the cleared sites list.

30 Citations

View as Search Results

20 Claims

1. A walled garden system for providing access to one or more websites specified on a cleared sites list, the cleared sites list having one or more hostname descriptors, the walled garden system comprising:
- a firewall having rules associated with a cleared internet protocol (IP) list including one or more cleared IP addresses, the firewall for permitting transfer of a cleared hypertext transfer protocol (HTTP) request from a user device to a cleared destination IP address that matches one of the cleared IP addresses; and
  
  a controller for examining a non-cleared HTTP request from the user device to a non-cleared destination IP address that does not match one of the cleared IP addresses, for acting as a transparent proxy between the user device and the non-cleared destination IP address when a destination host header of the non-cleared HTTP request matches a hostname descriptor of the cleared sites list, and further for acting as the transparent proxy between the user device and the non-cleared destination IP address when a referrer header of the non-cleared HTTP request matches a hostname descriptor of the cleared sites list.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The walled garden system of claim 1, wherein:
    - the cleared sites list further includes at least one referrer-enabled hostname descriptor having a configuration option enabling referrer based access; and
      
      when the destination host header of the non-cleared HTTP request does not match a hostname descriptor of the cleared sites list, the controller is for acting as the transparent proxy between the user device and the non-cleared destination IP address only when the referrer header of the non-cleared HTTP request matches a referrer-enabled hostname descriptor of the cleared sites list.
  - 3. The walled garden system of claim 1, wherein:
    - at least one hostname descriptor on the cleared sites list includes one or more wildcards; and
      
      the controller is further for searching for matches of the referrer header of the non-cleared HTTP request to a hostname descriptor of the cleared sites list taking into account the wildcards.
  - 4. The walled garden system of claim 1, wherein the controller is further for adding the destination IP address of the non-cleared HTTP request to the cleared IP addresses of the firewall when the destination host header of the non-cleared HTTP request matches a hostname descriptor of the cleared sites list;
    - and for not adding the destination IP address of the non-cleared HTTP request to the cleared IP addresses of the firewall when only the referrer header of the non-cleared HTTP request matches a hostname descriptor of the cleared sites list.
  - 5. The walled garden system of claim 1, wherein the controller is further for:
    - adding, with a first expiry setting, the destination IP address of the non-cleared HTTP request to the cleared IP addresses of the firewall when the destination host header of the non-cleared HTTP request matches a hostname descriptor of the cleared sites list; and
      
      adding, with a second expiry setting, the destination IP address of the non-cleared HTTP request to the cleared IP addresses of the firewall when only the referrer header of the non-cleared HTTP request matches a hostname descriptor of the cleared sites list.
  - 6. The walled garden system of claim 5, wherein the controller is further for removing destination IP addresses from the cleared IP addresses after an expiry duration associated with each destination IP address.
  - 7. The walled garden system of claim 6, wherein the first expiry setting specifies a first expiry duration being longer than a second expiry duration specified by the second expiry setting.
  - 8. The walled garden system of claim 1, wherein when acting as the transparent proxy between the user device and the non-cleared destination IP address when the referrer header of the non-cleared HTTP request matches a hostname descriptor of the cleared sites list, the controller is for acting as the transparent proxy for only one HTTP request-response transaction between the user device and the destination IP.
  - 9. The walled garden system of claim 1, wherein the controller is further for performing a DNS lookup on exact hostname descriptors on the cleared sites list and adding one or more resulting DNS-resolved IP addresses to the cleared IP list.
  - 10. The walled garden system of claim 4, wherein the exact hostname descriptors on the cleared sites list do not include wildcards.

11. A method of providing access to one or more websites specified on a cleared sites list, the cleared sites list having one or more hostname descriptors, the method comprising:
- providing a firewall having rules associated with a cleared internet protocol (IP) list including one or more cleared IP addresses;
  
  providing a controller having access to the cleared sites list;
  
  permitting, by the firewall, transfer of a cleared hypertext transfer protocol (HTTP) request from a user device to a cleared destination IP address that matches one of the cleared IP addresses;
  
  examining, by the controller, a non-cleared HTTP request from the user device to a non-cleared destination IP address that does not match one of the cleared IP addresses;
  
  transparent proxying between the user device and the non-cleared destination IP address when a destination host header of the non-cleared HTTP request matches a hostname descriptor of the cleared sites list; and
  
  transparent proxying between the user device and the non-cleared destination IP address when a referrer header of the non-cleared HTTP request matches a hostname descriptor of the cleared sites list.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The method of claim 11, further comprising:
    - when the destination host header of the non-cleared HTTP request does not match a hostname descriptor of the cleared sites list, transparent proxying between the user device and the non-cleared destination IP address only when the referrer header of the non-cleared HTTP request matches a referrer-enabled hostname descriptor of the cleared sites list;
      
      wherein the cleared sites list further includes at least one referrer-enabled hostname descriptor having a configuration option enabling referrer based access.
  - 13. The method of claim 11, further comprising:
    - searching by the controller for matches of the referrer header of the non-cleared HTTP request to a hostname descriptor of the cleared sites list taking into account wildcards;
      
      wherein at least one hostname descriptor on the cleared sites list includes one or more wildcards.
  - 14. The method of claim 11, further comprising adding the destination IP address of the non-cleared HTTP request to the cleared IP addresses of the firewall by the controller when the destination host header of the non-cleared HTTP request matches a hostname descriptor of the cleared sites list;
    - and not adding the destination IP address of the non-cleared HTTP request to the cleared IP addresses of the firewall when only the referrer header of the non-cleared HTTP request matches a hostname descriptor of the cleared sites list.
  - 15. The method of claim 11, further comprising:
    - adding, with a first expiry setting, the destination IP address of the non-cleared HTTP request to the cleared IP addresses of the firewall when the destination host header of the non-cleared HTTP request matches a hostname descriptor of the cleared sites list; and
      
      adding, with a second expiry setting, the destination IP address of the non-cleared HTTP request to the cleared IP addresses of the firewall when only the referrer header of the non-cleared HTTP request matches a hostname descriptor of the cleared sites list.
  - 16. The method of claim 15, further comprising removing destination IP addresses from the cleared IP addresses after an expiry duration associated with each destination IP address.
  - 17. The method of claim 16, wherein the first expiry setting specifies a first expiry duration being longer than a second expiry duration specified by the second expiry setting.
  - 18. The method of claim 11, further comprising, when transparent proxying between the user device and the non-cleared destination IP address when the referrer header of the non-cleared HTTP request matches a hostname descriptor of the cleared sites list, transparent proxying for only one HTTP request-response transaction between the user device and the destination IP.
  - 19. The method of claim 11, further comprising performing a DNS lookup on exact hostname descriptors on the cleared sites list and adding one or more resulting DNS-resolved IP addresses to the cleared IP list;
    - the exact hostname descriptors on the cleared sites list not including wildcards.

20. A system for providing access to one or more websites specified on a cleared sites list, the cleared sites list having one or more hostname descriptors, the system comprising:
- means for permitting transfer of a cleared hypertext transfer protocol (HTTP) request from a user device to a cleared destination IP address that matches a cleared IP addresses;
  
  means for examining a non-cleared HTTP request from the user device to a non-cleared destination IP address that does not match a cleared IP addresses;
  
  means for transparent proxying between the user device and the non-cleared destination IP address when a destination host header of the non-cleared HTTP request matches a hostname descriptor of the cleared sites list; and
  
  means for transparent proxying between the user device and the non-cleared destination IP address when a referrer header of the non-cleared HTTP request matches a hostname descriptor of the cleared sites list.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Guest-tek Interactive Entertainment Ltd.
Original Assignee
Guest-tek Interactive Entertainment Ltd.
Inventors
Ong, David

Granted Patent

US 8,448,231 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/12
CPC Class Codes

G06F 16/9566   URL specific, e.g. using al...

G06F 21/51   at application loading time...

G06F 2221/2119   Authenticating web pages, e...

H04L 63/0236   Filtering by address, proto...

H04L 63/0281   Proxies

H04L 67/02   based on web technology, e....

H04L 67/564   Enhancement of application ...

Walled Garden System for Providing Access to One or More Websites that Incorporate Content from Other websites and Method Thereof

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

30 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Walled Garden System for Providing Access to One or More Websites that Incorporate Content from Other websites and Method Thereof

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links