SYSTEM AND METHOD OF REDIRECTING INTERNET PROTOCOL TRAFFIC FOR NETWORK BASED PARENTAL CONTROLS

US 20170033947A1
Filed: 10/13/2016
Published: 02/02/2017
Est. Priority Date: 05/27/2010
Status: Active Grant

First Claim

Patent Images

1. A device comprising:

a processing system including a processor; and

a memory that stores executable instructions that, when executed by the processing system, facilitate performance of operations, comprising;

receiving, from a routing device of a network via a first network path, a first transaction destined for a destination device on the network, the routing device having a range of IP addresses associated therewith, the first transaction including a first source IP address and a first destination IP address,wherein the first transaction is redirected on the first network path responsive to the routing device performing a first detecting that the first source IP address in the first transaction has a first address portion associated with a first block of IP addresses reserved for a service provided via the processing system, or performing a second detecting that the first destination IP address has a second address portion associated with the first block of IP addresses, wherein IP addresses in the first block of IP addresses are not in the range associated with the routing device;

applying a content filter to the first transaction;

determining, based on the applying and in accordance with a predetermined policy, whether the first transaction is allowed;

routing the first transaction to the first destination IP address responsive to determining the first transaction is allowed; and

preventing a routing of the first transaction responsive to determining the first transaction is not allowed.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of redirecting traffic on a network includes receiving a subscriber request to use a parental control service, assigning to the subscriber'"'"'s access device an Internet protocol (IP) address from a block of addresses reserved for the service, receiving a transaction, determining that the transaction is from an address in the block, and redirecting the transaction to a parental control device on the network. A network-based parental control system includes an access device for an account that uses a parental control service, a dynamic host configuration protocol server that assigns to the access device an IP address from a block of addresses reserved for the parental control service, a parental control policy device, and a router that receives a transaction from the access device, determines that the transaction is from an address in the block, and redirects the transaction to the parental control policy device.

Citations

20 Claims

1. A device comprising:
- a processing system including a processor; and
  
  a memory that stores executable instructions that, when executed by the processing system, facilitate performance of operations, comprising;
  
  receiving, from a routing device of a network via a first network path, a first transaction destined for a destination device on the network, the routing device having a range of IP addresses associated therewith, the first transaction including a first source IP address and a first destination IP address,wherein the first transaction is redirected on the first network path responsive to the routing device performing a first detecting that the first source IP address in the first transaction has a first address portion associated with a first block of IP addresses reserved for a service provided via the processing system, or performing a second detecting that the first destination IP address has a second address portion associated with the first block of IP addresses, wherein IP addresses in the first block of IP addresses are not in the range associated with the routing device;
  
  applying a content filter to the first transaction;
  
  determining, based on the applying and in accordance with a predetermined policy, whether the first transaction is allowed;
  
  routing the first transaction to the first destination IP address responsive to determining the first transaction is allowed; and
  
  preventing a routing of the first transaction responsive to determining the first transaction is not allowed.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The device of claim 1, wherein the first detecting and the second detecting are based only on the first source IP address or the first destination IP address respectively.
  - 3. The device of claim 1, wherein the first transaction is routed on a second network path distinct from the first network path if not redirected.
  - 4. The device of claim 1, wherein the IP addresses in the first block of IP addresses are assigned to residential gateways distinct from equipment of subscribers to the network.
  - 5. The device of claim 1, wherein the first transaction is initiated at equipment of a first subscriber to the network, the equipment being coupled to a residential gateway,wherein the first address portion of the first source IP address corresponds to a range of IP addresses, is not specific to the residential gateway, and indicates whether the first source IP address is included in the first block of IP addresses, andwherein the second address portion of the first destination IP address corresponds to a range of IP addresses, is not specific to the destination device, and indicates whether the first destination IP address is included in the first block of IP addresses.
  - 6. The device of claim 5, further comprising:
    - receiving a second transaction destined for the residential gateway,wherein the second transaction is redirected in response to the routing device performing a third detecting that the second destination IP address is included in the first block of IP addresses.
  - 7. The device of claim 6, the operations further comprise:
    - responsive to the routing of the first transaction being prevented, issuing a third transaction directed to the first source IP address indicating that routing of the first transaction was prevented.
  - 8. The device of claim 1, wherein the service comprises a content filtering service, and wherein the policy comprises a parental control policy.
  - 9. The device of claim 8, wherein the parental control policy comprises usage control and management applied to the first transaction.
  - 10. The device of claim 1, wherein the processor is co-located with the routing device.

11. A machine-readable storage medium, comprising executable instructions that, when executed by a processing system including a processor, facilitate performance of operations, comprising:
- receiving, from a routing device of a network via a first network path, a first transaction destined for a destination device on the network, the routing device having a range of IP addresses associated therewith, the first transaction including a first source IP address and a first destination IP address,wherein the first transaction is redirected on the first network path responsive to the routing device performing a first detecting that the first source IP address in the first transaction has a first address portion associated with a first block of IP addresses reserved for a service provided via the processing system, or performing a second detecting that the first destination IP address has a second address portion associated with the first block of IP addresses, wherein IP addresses in the first block of IP addresses are not in the range associated with the routing device,wherein the first transaction is routed on a second network path distinct from the first network path if not redirected;
  
  applying a content filter to the first transaction;
  
  determining, based on the applying and in accordance with a predetermined policy, whether the first transaction is allowed;
  
  routing the first transaction to the first destination IP address responsive to determining the first transaction is allowed; and
  
  preventing a routing of the first transaction responsive to determining the first transaction is not allowed.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The machine-readable storage medium of claim 11, wherein the first detecting and the second detecting are based only on the first source IP address or the first destination IP address respectively.
  - 13. The machine-readable storage medium of claim 11, wherein the IP addresses in the first block of IP addresses are assigned to residential gateways distinct from equipment of subscribers to the network.
  - 14. The machine-readable storage medium of claim 11, wherein the first transaction is initiated at equipment of a first subscriber to the network, the equipment being coupled to a residential gateway,wherein the first address portion of the first source IP address corresponds to a range of IP addresses, is not specific to the residential gateway, and indicates whether the first source IP address is included in the first block of IP addresses, andwherein the second address portion of the first destination IP address corresponds to a range of IP addresses, is not specific to the destination device, and indicates whether the first destination IP address is included in the first block of IP addresses.
  - 15. The machine-readable storage medium of claim 11, wherein the service comprises a content filtering service, and wherein the policy comprises a parental control policy.

16. A method comprising:
- receiving, by a processing system including a processor, from a routing device of a network via a first network path, a first transaction destined for a destination device on the network, the routing device having a range of IP addresses associated therewith, the first transaction including a first source IP address and a first destination IP address,wherein the first transaction is redirected on the first network path responsive to the routing device performing a first detecting that the first source IP address in the first transaction has a first address portion associated with a first block of IP addresses reserved for a service provided via the processing system, or performing a second detecting that the first destination IP address has a second address portion associated with the first block of IP addresses, wherein the IP addresses in the first block of IP addresses are assigned to residential gateways distinct from equipment of subscribers to the network, and wherein IP addresses in the first block of IP addresses are not in the range associated with the routing device;
  
  applying, by the processing system, a content filter to the first transaction;
  
  determining, by the processing system, based on the applying and in accordance with a predetermined policy, whether the first transaction is allowed;
  
  routing, by the processing system, the first transaction to the first destination IP address responsive to determining the first transaction is allowed; and
  
  preventing, by the processing system, a routing of the first transaction responsive to determining the first transaction is not allowed.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The method of claim 16, wherein the first detecting and the second detecting are based only on the first source IP address or the first destination IP address respectively.
  - 18. The method of claim 16, wherein the first transaction is routed on a second network path distinct from the first network path if not redirected.
  - 19. The method of claim 16, wherein the first transaction is initiated at equipment of a first subscriber to the network, the equipment being coupled to a residential gateway,wherein the first address portion of the first source IP address corresponds to a range of IP addresses, is not specific to the residential gateway, and indicates whether the first source IP address is included in the first block of IP addresses, andwherein the second address portion of the first destination IP address corresponds to a range of IP addresses, is not specific to the destination device, and indicates whether the first destination IP address is included in the first block of IP addresses.
  - 20. The method of claim 16, wherein the service comprises a content filtering service, and wherein the policy comprises a parental control policy.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
HARP, DAVID, BEARDEN, TOBY, GODFREY, JASON M.

Granted Patent

US 10,728,056 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 16/9535   Search customisation based ...

H04L 12/56   Packet switching systems

H04L 45/306   Route determination based o...

H04L 61/5014   using dynamic host configur...

H04L 61/5061   Pools of addresses

H04L 63/0245   Filtering by information in...

H04L 63/168   above the transport layer

SYSTEM AND METHOD OF REDIRECTING INTERNET PROTOCOL TRAFFIC FOR NETWORK BASED PARENTAL CONTROLS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD OF REDIRECTING INTERNET PROTOCOL TRAFFIC FOR NETWORK BASED PARENTAL CONTROLS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links