SECURE RESOURCE NAME RESOLUTION USING A CACHE
First Claim
1. A computing device for resolving a first identifier associated with a network resource into a second identifier associated with the network resource, comprising:
- a memory and a processor that are respectively configured to store and execute instructions, including instructions that;
receive a request to resolve the first identifier into the second identifier;
select a set of resolution parameters from a collection of sets of resolution parameters, wherein the selected set of resolution parameters defines criteria for resolving the first identifier into the second identifier;
perform a client side portion of a name resolution process that resolves the first identifier into the second identifier, wherein at least some communications for the resolution are encrypted with encryption specified via at least one resolution parameter of the selected set of resolution parameters; and
storing associations between the first identifier and the second identifier and between the resolved second identifier and the at least one resolution parameter of the selected set of resolution parameters.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques for securing name resolution technologies and for ensuring that name resolution technologies can function in modern networks that have a plurality of overlay networks accessible via a single network interface. In accordance with some of the principles described herein, a set of resolution parameters may be implemented by a user to be used during a name resolution process. In some implementations, when an identifier is obtained for a network resource, the identifier may be stored in a cache with resolution parameters that were used in obtaining the identifier. When a new name resolution request is received, the cache may be examined to determine whether a corresponding second identifier is in the cache, and whether resolution parameters used to retrieve the second identifier in the cache match the resolution parameters for the new resolution request. If so, the second identifier may be returned from the cache.
40 Citations
20 Claims
-
1. A computing device for resolving a first identifier associated with a network resource into a second identifier associated with the network resource, comprising:
a memory and a processor that are respectively configured to store and execute instructions, including instructions that; receive a request to resolve the first identifier into the second identifier; select a set of resolution parameters from a collection of sets of resolution parameters, wherein the selected set of resolution parameters defines criteria for resolving the first identifier into the second identifier; perform a client side portion of a name resolution process that resolves the first identifier into the second identifier, wherein at least some communications for the resolution are encrypted with encryption specified via at least one resolution parameter of the selected set of resolution parameters; and storing associations between the first identifier and the second identifier and between the resolved second identifier and the at least one resolution parameter of the selected set of resolution parameters. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
10. A method, executed on a processor, of performing name resolution, comprising:
-
receiving a request to resolve a first identifier associated with a network resource into a second identifier that is also associated with the network resource; selecting a resolution parameter for resolving the first identifier from a collection of resolution parameters, wherein each resolution parameter of the collection defines at least one criterion, relating to name resolution security, to be employed for resolving the first identifier into the second identifier; performing, according to the at least one criterion defined by the selected resolution parameter, a client side portion of a name resolution process for resolving the first identifier into the second identifier; and storing the resolved second identifier and an indication of the selected resolution parameter. - View Dependent Claims (11, 12, 13, 14)
-
-
15. A computer-readable storage medium having instructions stored thereon for performing operations for resolving a name of associated with a network resource into an address associated with the network resource, the operations comprising:
-
selecting a resolution parameter, from a plurality of resolution parameters, that defines at least one security related criterion; performing at least part of a client side name resolution for resolving the name into the address, wherein the resolution of the name into the address is at least partially controlled according to the at least one criterion defined by the selected resolution parameter; and storing the resolved address and an indication of the criterion used to resolve the address. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification