MANAGING SECURE CONTENT IN A CONTENT DELIVERY NETWORK

US 20150319194A1
Filed: 07/15/2015
Published: 11/05/2015
Est. Priority Date: 09/04/2009
Status: Active Grant

First Claim

Patent Images

1. A system for managing content requests comprising:

one or more first storage devices including a hardware processor and a memory, the one or more first storage devices configured to;

receive a client request for an embedded resource from a client computing device, the client request being associated with an embedded resource identifier and the client request including first signature information originally provided to the client computing device from an original content provider; and

provide the embedded resource to the client computing device based on verification of the first signature information; and

one or more second storage devices including a hardware processor and a memory, the one or more second storage devices configured to;

receive a first storage device request for an embedded resource from one of the one or more first storage devices, the first storage device request including second signature information, the second signature information being different from the first signature information; and

responsive to the first storage device request, provide the embedded resource to the first storage device based on verification of the second signature information.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method, and computer readable medium for managing secure content by CDN service providers are provided. A network storage provider stores one or more resources on behalf of a content provider. A CDN service provider obtains client computing device requests for secure content. Based on processing first signature information, the CDN service provider determines whether the secure content is available to the client computing device. If the CDN service provider does not maintain the requested content, the CDN service provider transmits a request to the network storage provider. Based on second signature information and an identifier associated with the CDN service provider, the network storage provider processes the request based policy information associated with the identifier.

Citations

20 Claims

1. A system for managing content requests comprising:
- one or more first storage devices including a hardware processor and a memory, the one or more first storage devices configured to;
  
  receive a client request for an embedded resource from a client computing device, the client request being associated with an embedded resource identifier and the client request including first signature information originally provided to the client computing device from an original content provider; and
  
  provide the embedded resource to the client computing device based on verification of the first signature information; and
  
  one or more second storage devices including a hardware processor and a memory, the one or more second storage devices configured to;
  
  receive a first storage device request for an embedded resource from one of the one or more first storage devices, the first storage device request including second signature information, the second signature information being different from the first signature information; and
  
  responsive to the first storage device request, provide the embedded resource to the first storage device based on verification of the second signature information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The system as recited in claim 1, wherein the client request includes a DNS query associated with the embedded resource.
  - 3. The system as recited in claim 1, wherein the second signature information is originally provided by the one or more second storage devices.
  - 4. The system as recited in claim 1, wherein the one or more second storage devices provide the embedded resource further in accordance with policies associated with the embedded resource identifier.
  - 5. The system as recited in claim 4, wherein the policies associated with the embedded resource identifier correspond to an access control list associated with the embedded resource identifier.
  - 6. The system as recited in claim 5, wherein the access control list identifies one or more entities that may access the requested embedded resource.
  - 7. The system as recited in claim 6, wherein the access control list defines one or more parameters associated with access to the embedded resource by the one or more identified entities.
  - 8. The system as recited in claim 5, wherein the access control list defines one or more parameters associated with the requested embedded resource.
  - 9. The system as recited in claim 8, wherein the one or more parameters include expiration data associated with the requested embedded resource.
  - 10. The system as recited in claim 1, wherein a secure information verification service verifies the first signature information.
  - 11. The system as recited in claim 1, wherein a secure information verification service verifies the second signature information.

12. A computer-implemented method for managing content requests comprising:
- receiving a client request for an embedded resource from a client computing device, the client request being associated with an embedded resource identifier and the client request including first signature information originally provided to the client computing device from an original content provider;
  
  providing the embedded resource to the client computing device based at least in part on verification of the first signature information;
  
  receiving a first storage device request for an embedded resource from one or more first storage devices, the first storage device request including second signature information, the second signature information being different from the first signature information; and
  
  providing, the embedded resource to the first storage device based at least in part on verification of the second signature information.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
- - 13. The computer-implemented method as recited in claim 12, wherein the second signature information is originally provided by the network storage computing device.
  - 14. The computer-implemented method as recited in claim 12, wherein the network storage computing device provides the embedded resource further in accordance with policies associated with the embedded resource identifier.
  - 15. The computer-implemented method as recited in claim 14, wherein the policies associated with the embedded resource identifier correspond to an access control list associated with the embedded resource identifier.
  - 16. The computer-implemented method as recited in claim 15, wherein the access control list identifies one or more entities that may access the requested embedded resource.
  - 17. The computer-implemented method as recited in claim 15, wherein the access control list defines one or more parameters associated with the requested embedded resource.
  - 18. The computer-implemented method as recited in claim 17, wherein the one or more parameters include expiration data associated with the requested embedded resource.
  - 19. The computer-implemented method as recited in claim 12 further comprising verifying, by the CDN computing device, the first signature information.
  - 20. The computer-implemented method as recited in claim 12 further comprising verifying, by the network storage computing device, the second signature information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Richardson, David R., Abrar, Mustafa I., Johnson, Don, Cormie, John, Marshall, Bradley Eugene, Cavage, Mark Joseph

Granted Patent

US 9,712,325 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/101   Access control lists [ACL]

H04L 63/126   the source of the received ...

H04L 63/20   for managing network securi...

H04L 67/1097   for distributed storage of ...

H04L 9/3247   involving digital signatures

MANAGING SECURE CONTENT IN A CONTENT DELIVERY NETWORK

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

MANAGING SECURE CONTENT IN A CONTENT DELIVERY NETWORK

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links