Secure content delivery system

US 8,341,278 B2
Filed: 06/21/2010
Issued: 12/25/2012
Est. Priority Date: 11/22/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A process for secure content delivery, comprising:

(a) providing a plurality of caching servers connected to a network that cache customer content, the plurality of caching servers responding to requests for customer content, wherein the customer is a customer of a service that manages the plurality of caching servers;

(b) at a given caching server in the plurality of caching servers, receiving from a client a request for content at a Universal Resource Locator (URL),wherein the URL is a URL that, in a separate process, was provided to the client by a customer-managed server and includes an authorization value that was inserted into the URL by the customer-managed server after authorizing the client for access to customer content;

(c) verifying the authorization value in the URL on the given caching server;

(d) sending the customer content to the client if the authorization value in the URL is valid;

(e) not sending the customer content to the client if the authorization value in the URL is invalid.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure streaming content delivery system provides a plurality of content servers connected to a network that host customer content that can be cached and/or stored, e.g., images, video, text, and/or software. The content servers respond to requests for customer content from users. The invention load balances user requests for cached customer content to the appropriate content server. A user makes a request to a customer'"'"'s server/authorization server for delivery of the customer'"'"'s content. The authorization server checks if the user is authorized to view the requested content. If the user is authorized, then the authorization server generates a hash value using the authorization server'"'"'s secret key, the current time, a time-to-live value, and any other information that the customer has configured, and embeds it into the URL which is passed to the user. A content server receives a URL request from the user for customer content cached on the content server. The request is verified by the content server creating its own hash value using the customer server'"'"'s secret key, the current time, a time-to-live value, and any other related information configured for the customer. If the hash value from the URL matches the content server'"'"'s generated hash value, then the user'"'"'s request is valid and within the expiration time period and the content server delivers the requested content to the user.

60 Citations

View as Search Results

20 Claims

1. A process for secure content delivery, comprising:
- (a) providing a plurality of caching servers connected to a network that cache customer content, the plurality of caching servers responding to requests for customer content, wherein the customer is a customer of a service that manages the plurality of caching servers;
  
  (b) at a given caching server in the plurality of caching servers, receiving from a client a request for content at a Universal Resource Locator (URL),wherein the URL is a URL that, in a separate process, was provided to the client by a customer-managed server and includes an authorization value that was inserted into the URL by the customer-managed server after authorizing the client for access to customer content;
  
  (c) verifying the authorization value in the URL on the given caching server;
  
  (d) sending the customer content to the client if the authorization value in the URL is valid;
  
  (e) not sending the customer content to the client if the authorization value in the URL is invalid.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The process of claim 1, wherein the authorization value is based at least in part on a timestamp in addition to a secret key.
  - 3. The process of claim 1, wherein the authorization value is based at least in part on a time-to-live value in addition to a secret key.
  - 4. The process of claim 1, wherein the authorization value is based at least in part on a secret key.
  - 5. The process of claim 1, wherein the URL is a time-limited URL.
  - 6. The process of claim 1, wherein the authorization value comprises a hash value.
  - 7. The process of claim 1, wherein verifying the authorization value includes determining whether the given caching server'"'"'s current time is within a specified time-to-live.

8. A system of computers connected via a network for securely delivering content to requesting clients, comprising:
- a plurality of caching servers caching customer content, the plurality of caching servers responding to requests for customer content, wherein the customer is a customer of a service that manages the plurality of caching servers, and each of the plurality of caching servers comprises one or more hardware processors and computer memory holding instructions to be executed by the one or more processors;
  
  a customer-managed server that receives a request from a client for access to customer content, authorizes the client for such access, and sends the client a Universal Resource Locator (URL) that includes an authorization value;
  
  a given cache server in the plurality of caching servers that receives from the client a request for content at the URL;
  
  the given cache server verifying the authorization value in the URL;
  
  the given cache server sending the customer content to the client if the authorization value in the URL is valid;
  
  the given cache server not sending the customer content to the client if the authorization value in the URL is invalid.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the authorization value is based at least in part on a timestamp from the customer-managed server in addition to a secret key.
  - 10. The system of claim 8, wherein the authorization value is based at least in part on a time-to-live value in addition to a secret key.
  - 11. The system of claim 8, wherein the authorization value is based at least in part on a secret key.
  - 12. The system of claim 8, wherein the URL is a time-limited URL.
  - 13. The system of claim 8, wherein the authorization value comprises a hash value.
  - 14. The system of claim 8, wherein the given cache server verifies the authorization value at least in part by determining whether the given caching server'"'"'s current time is within a specified time-to-live.

15. Apparatus for secure content delivery, comprising:
- a content server that is a part of a network of content servers that deliver customer content, the customer being a customer of a service that manages the network of content servers, the content server having one or more hardware processors and computer memory holding instructions to be executed by the one or more processors that will cause the content server to;
  
  (a) receive from a client a request for content at a Universal Resource Locator (URL),wherein the URL is a URL that was provided to the client by a customer-managed server and includes an authorization value that was inserted into the URL by the customer-managed server after authorizing the client for access to customer content;
  
  (b) verify the authorization value in the URL;
  
  (c) send the customer content to the client if the authorization value in the URL is valid;
  
  (d) not send the customer content to the client if the authorization value in the URL is invalid.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The apparatus of claim 15, wherein the authorization value is based at least in part on a timestamp in addition to a secret key.
  - 17. The apparatus of claim 15, wherein the authorization value is based at least in part on a time-to-live value in addition to a secret key.
  - 18. The apparatus of claim 15, wherein the authorization value is based at least in part on a secret key.
  - 19. The apparatus of claim 15, wherein the URL is a time-limited URL.
  - 20. The apparatus of claim 15, wherein the content server comprises a cache that stores customer content.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Akamai Technologies, Inc.
Original Assignee
Akamai Technologies, Inc.
Inventors
Tewari, Anoop Kailasnath, Garg, Vikas, Swildens, Eric Sven-Johan
Primary Examiner(s)
SALAD, ABDULLAHI ELMI

Application Number

US12/820,025
Publication Number

US 20100299722A1
Time in Patent Office

918 Days
Field of Search

709217-219, 709/223, 709/225, 709/229, 726 3- 4
US Class Current

709/229
CPC Class Codes

H04L 12/14   Charging , metering or bill...

H04L 61/4511   using domain name system [DNS]

H04L 61/4541   Directories for service dis...

H04L 63/0428   wherein the data content is...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 63/104   Grouping of entities

H04L 63/126   the source of the received ...

H04L 67/02   based on web technology, e....

H04L 67/06   specially adapted for file ...

H04L 67/1001   for accessing one among a p...

H04L 67/1008   based on parameters of serv...

H04L 67/101   based on network conditions

H04L 67/1014   based on the content of a r...

H04L 67/1023   based on a hash applied to ...

H04L 67/1027   Persistence of sessions dur...

H04L 67/1095   Replication or mirroring of...

H04L 67/5682   Policies or rules for updat...

H04L 69/329   in the application layer [O...

Secure content delivery system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

60 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure content delivery system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

60 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links