Network system
First Claim
Patent Images
1. A network system comprising:
- a client which sends an access request to a server;
the server which receives the access request from the client and distributes content;
application servers, each of which performs, upon reception of content, additional processing of the content and returns processed content and data to a unit that sent the content to it;
a proxy server which relays data to be communicated between the client and the server, said proxy server comprising;
a unit that relays communication data which receives the access request from the client and forwards it to the server and receives the content from the server,a unit that calls out application server which receives content from the unit that relays communication data, encapsulates the content into a predetermined format message, forwards the message to one of the application servers, and receives the content and result of additional processing performed by the application server,wherein the unit that relays communication data sends data based on the result to the client,wherein the unit that relays communication data caches the content sent back from the server, and, when having received a request for access to the cached content from the client, sends back the cached content to the client if it is within its expiry date which has been indicated by the metadata of the content or set on the proxy server beforehand, andwherein the unit that relays communication data caches the processed content received from one of the application servers or content retrieved via the network, according to information indicating a processed content location on the network;
a content registration server which accepts content from a content manager;
a content registrant terminal on which a program runs to provide an interface for registering content with the content registration server;
a content verification server which receives content from the content registration server and checks the content data by a predetermined method;
wherein the content registration server creates signed content by attaching a signature to content received from the content registrant terminal if the content verification server has verified that the content satisfies predetermined conditions;
wherein one of the application servers is a signature verification server which verifies the signature of the signed content, said signature verification server comprising;
a unit that acquires signatures which takes out a signature from signed content that is unverified received from the proxy server,a unit that verifies certificates which verifies the validity of a public key certificate to be used for verifying the signature;
a certificate revocation list database for management of a certificate revocation list to be used for verifying the validity of a public key certificate,a unit that verifies signatures for verifying signatures;
a registration database for storing registration information per content ID included in a signature, anda unit that manages registration information for managing the registration information per content ID;
the server stores the signed content created by the content registration server;
the proxy server forwards the signed content received from the server to the signature verification server and determines whether the signed content should be sent to the client, according to the result of verification returned; and
wherein the signature verification server communicates with the content registration server so that the registration database is synchronized with the same database on the content registration server.
1 Assignment
0 Petitions
Accused Products
Abstract
A network system having a client, a content server, application servers and a proxy server is described. The proxy server relays content and data between the client, the content server and the application servers upon a request for content from the client. The application servers process the requested content in accordance with pre-established signature and content verification requirements before the content is relayed to the client. The applications servers also provide signature and content verification management for the network.
105 Citations
2 Claims
-
1. A network system comprising:
-
a client which sends an access request to a server; the server which receives the access request from the client and distributes content; application servers, each of which performs, upon reception of content, additional processing of the content and returns processed content and data to a unit that sent the content to it; a proxy server which relays data to be communicated between the client and the server, said proxy server comprising; a unit that relays communication data which receives the access request from the client and forwards it to the server and receives the content from the server, a unit that calls out application server which receives content from the unit that relays communication data, encapsulates the content into a predetermined format message, forwards the message to one of the application servers, and receives the content and result of additional processing performed by the application server, wherein the unit that relays communication data sends data based on the result to the client, wherein the unit that relays communication data caches the content sent back from the server, and, when having received a request for access to the cached content from the client, sends back the cached content to the client if it is within its expiry date which has been indicated by the metadata of the content or set on the proxy server beforehand, and wherein the unit that relays communication data caches the processed content received from one of the application servers or content retrieved via the network, according to information indicating a processed content location on the network; a content registration server which accepts content from a content manager; a content registrant terminal on which a program runs to provide an interface for registering content with the content registration server; a content verification server which receives content from the content registration server and checks the content data by a predetermined method; wherein the content registration server creates signed content by attaching a signature to content received from the content registrant terminal if the content verification server has verified that the content satisfies predetermined conditions; wherein one of the application servers is a signature verification server which verifies the signature of the signed content, said signature verification server comprising; a unit that acquires signatures which takes out a signature from signed content that is unverified received from the proxy server, a unit that verifies certificates which verifies the validity of a public key certificate to be used for verifying the signature; a certificate revocation list database for management of a certificate revocation list to be used for verifying the validity of a public key certificate, a unit that verifies signatures for verifying signatures; a registration database for storing registration information per content ID included in a signature, and a unit that manages registration information for managing the registration information per content ID; the server stores the signed content created by the content registration server; the proxy server forwards the signed content received from the server to the signature verification server and determines whether the signed content should be sent to the client, according to the result of verification returned; and wherein the signature verification server communicates with the content registration server so that the registration database is synchronized with the same database on the content registration server.
-
-
2. A network system comprising:
-
a client which sends an access request to a server; the server which receives the access request from the client and distributes content; application servers, each of which performs, upon reception of content, additional processing of the content and returns processed content and data to a unit that sent the content to it; a proxy server which relays data to be communicated between the client and the server, said proxy server comprising; a unit that relays communication data which receives the access request from the client and forwards it to the server and receives the content from the server, a unit that calls out application server which receives content from the unit that relays communication data, encapsulates the content into a predetermined format message, forwards the message to one of the application servers, and receives the content and result of additional processing performed by the application server, wherein the unit that relays communication data sends data based on the result to the client, wherein the unit that relays communication data caches the content sent back from the server, and, when having received a request for access to the cached content from the client, sends back the cached content to the client if it is within its expiry date which has been indicated by the metadata of the content or set on the proxy server beforehand, and wherein the unit that relays communication data caches the processed content received from one of the application servers or content retrieved via the network, according to information indicating a processed content location on the network; a content registration server which accepts content from a content manager; a content registrant terminal on which a program runs to provide an interface for registering content with the content registration server; a content verification server which receives content from the content registration server and checks the content data by a predetermined method; wherein the content registration server creates signed content by attaching a signature to content received from the content registrant terminal if the content verification server has verified that the content satisfies predetermined conditions; wherein one of the application servers is a signature verification server which verifies the signature of the signed content; the server stores the signed content created by the content registration server; the proxy server forwards the signed content received from the server to the signature verification server and determines whether the signed content should be sent to the client, according to the result of verification returned; wherein a signature to a second content item is included in a first content item; when verifying the first content item, the signature verification server stores the signature of the second content item included in the first content item; and when verifying the second content item, the signature verification server performs verification, using the stored signature of the second content item.
-
Specification