REMOTE BROWSING SESSION MANAGEMENT

US 20160006697A1
Filed: 09/14/2015
Published: 01/07/2016
Est. Priority Date: 02/21/2012
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

as implemented by a network computing provider comprising one or more computing devices configured to execute specific instructions,receiving a first encrypted communication from a client computing device, the first encrypted communication comprising an encrypted request for a network resource;

decrypting the first encrypted communication to recover the request for the network resource;

encrypting the request for the network resource to create a second encrypted communication, the second encrypted communication encrypted with a different key than the first encrypted communication; and

transmitting the second encrypted communication to a content source.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A browsing process is directed to the generation and management of a browse session at a network computing provider. A client computing device transmits secure requests for network resources to a network computing provider. The network computing provider comprises one or more virtual network computing providers for processing secure communications between a client computing device and a content source. A virtual network computing provider handles the secure communications, decrypting and processing the communications while preventing third parties from accessing the unencrypted communication data. The virtual network computing provider may determine a browse configuration identifying processing actions to perform on the request content. The virtual network computing provider may retrieve the requested content, perform a first set of processing actions to generate a processing result, and provide the processing result to the client computing device, which may perform a second set of processing actions, including display.

28 Citations

View as Search Results

20 Claims

1. A computer-implemented method comprising:
- as implemented by a network computing provider comprising one or more computing devices configured to execute specific instructions,receiving a first encrypted communication from a client computing device, the first encrypted communication comprising an encrypted request for a network resource;
  
  decrypting the first encrypted communication to recover the request for the network resource;
  
  encrypting the request for the network resource to create a second encrypted communication, the second encrypted communication encrypted with a different key than the first encrypted communication; and
  
  transmitting the second encrypted communication to a content source.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The computer-implemented method of claim 1 further comprising:
    - receiving a third encrypted communication from the content source, the third encrypted communication comprising the requested network resource; and
      
      decrypting the third encrypted communication to recover the requested network resource.
  - 3. The computer-implemented method of claim 2, wherein at least one of the first encrypted transmission, second encrypted transmission, or third encrypted transmission is an HTTPS transmission.
  - 4. The computer-implemented method of claim 2 further comprising:
    - executing a server-side browser application in communication with a client-side browser application executing on the client computing device;
      
      determining a first set of processing actions to be performed on the requested network resource by the server-side browser application and a second set of processing actions to be performed on the requested network resource by the client-side browser application; and
      
      performing the first set of processing actions to create an initial processing result.
  - 5. The computer-implemented method of claim 4 further comprising:
    - encrypting a fourth encrypted communication, the fourth encrypted communication comprising the initial processing result; and
      
      transmitting the fourth encrypted communication to the client computing device.
  - 6. The computer-implemented method of claim 1, wherein the requested network resource comprises one of a web page, image, video, applet, or document.
  - 7. The computer-implemented method of claim 1, wherein the network computing provider is a private virtual network computing provider, and wherein a first private virtual network hosted by the private virtual network computing provider is under control of one of:
    - an owner of the content source, or an owner of the client computing device.
  - 8. The computer-implemented method of claim 6, wherein the owner of the client computing device configures the first private virtual network to prevent third parties from accessing data within the virtual private network.

9. A system comprising:
- a computer-readable memory storing executable instructions; and
  
  one or more computer processors in communication with the computer-readable memory, the one or more computer processors programmed by the executable instructions to at least;
  
  receive a first encrypted network resource request from a client computing device, the first encrypted network resource request comprising a request for a network resource hosted by a remote content source;
  
  decrypt the first encrypted network resource request using a first decryption key to obtain the request for the network resource, wherein the first decryption key corresponds to a first encryption key used to encrypt the first encrypted network resource request;
  
  generate a second encrypted network resource request using a second encryption key different than the first encryption key; and
  
  obtain the network resource from the remote content source using the second encrypted network resource request.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The system of claim 9, wherein the network resource comprises one of a web page, image, video, applet, or document.
  - 11. The system of claim 9, wherein the one or more computer processors are further programmed by the executable instructions to at least decrypt the network resource received from the remote content source to recover a decrypted network resource
  - 12. The system of claim 11, wherein the one or more computer processors are further programmed by the executable instructions to at least:
    - determine a first set of processing actions to be performed on the decrypted network resource by a server-side browser application and a second set of processing actions to be performed by a client-side browser application executing on the client computing device; and
      
      perform, by the server-side browser application, the first set of processing actions to create an initial processing result.
  - 13. The system of claim 12, wherein the one or more computer processors are further programmed by the executable instructions to at least:
    - encrypt a response to the client computing device, the response comprising the initial processing result; and
      
      transmit the response to the client computing device.
  - 14. The system of claim 12, wherein the one or more computer processors are further programmed by the executable instructions to at least execute a private virtual network computing provider comprising the server-side browser application, wherein the private virtual network computing provider is under control of one of:
    - an owner of the remote content source, or an owner of the client computing device.

15. Non-transitory computer storage having stored thereon executable code configured to execute a process on a server system, the process comprising:
- receiving an encrypted request from a client-side browser application executing remotely from the server system, wherein the encrypted request comprises a request for a network resource hosted by a content provider separate from the server system;
  
  decrypting the first encrypted communication to recover the request for the network resource;
  
  encrypting the request for the network resource to create a second encrypted communication, the second encrypted communication encrypted with a different key than the first encrypted communication; and
  
  transmitting the second encrypted communication, comprising the request for the network resource, to the content source to obtain the network resource on behalf of the client computing device.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer storage of claim 15, wherein the network resource is received in a third encrypted communication from the content provider.
  - 17. The non-transitory computer storage of claim 16, wherein the process further comprises decrypting the third encrypted communication to recover the network resource.
  - 18. The non-transitory computer storage of claim 17, wherein the process further comprises:
    - executing a server-side browser application in communication with a client-side browser application executing on the client computing device;
      
      determining a first set of processing actions to be performed on the network resource by the server-side browser application and a second set of processing actions to be performed on the network resource by the client-side browser application; and
      
      performing the first set of processing actions to create an initial processing result.
  - 19. The non-transitory computer storage of claim 18, the process further comprising:
    - encrypting a fourth encrypted communication, the fourth encrypted communication comprising the initial processing result; and
      
      transmitting the fourth encrypted communication to the client computing device.
  - 20. The non-transitory computer storage of claim 15, wherein the requested network resource comprises one of a web page, image, video, applet, or document.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Joglekar, Sachin P., Vosshall, Peter S., Jenkins, Jonathan A.

Granted Patent

US 10,567,346 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 47/70   Admission control; Resource...

H04L 47/83   based on usage prediction

H04L 63/0236   Filtering by address, proto...

H04L 63/0272   Virtual private networks

H04L 63/0442   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/10   for controlling access to d...

H04L 63/20   for managing network securi...

REMOTE BROWSING SESSION MANAGEMENT

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

28 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

REMOTE BROWSING SESSION MANAGEMENT

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links