Method and system for partitioning recursive name servers

US 9,160,623 B2
Filed: 06/23/2014
Issued: 10/13/2015
Est. Priority Date: 12/30/2010
Status: Active Grant

First Claim

Patent Images

1. A method of providing user-based domain name system (DNS) filtering, the method comprising:

provisioning a first name server with a first policy, associated with a first user, for resolving DNS requests;

provisioning a second name server with a second policy, associated with a second user, for resolving DNS requests;

receiving, at the first name server, a first DNS request associated with the first user, wherein the first DNS request comprises a source internet protocol (IP) address and is related to a first website;

determining, at the first name sever, that the first user is allowed access to the first website based on the source IP address and the first policy;

providing a first DNS response that includes an address of the first website;

receiving, at the second name server, a second DNS request associated with the second user, wherein the second DNS request comprises the source IP address and is related to the first website;

determining, at the second name sever, that the second user is not allowed access to the first website based on the source IP address and the second policy; and

providing a second DNS response that includes a different address not associated with the first website.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of applying device preferences to network traffic includes establishing first DNS settings of a first device and establishing second DNS settings of a second device. The first DNS settings are associated with one or more first name servers. The second DNS settings are associated with one or more second name servers. The method also includes transmitting, from the first device, at least a portion of a first DNS query and a public IP address to the first name server. The method further includes transmitting, from the second device, at least a portion of a second DNS query and the public IP address to the second name server.

25 Citations

View as Search Results

14 Claims

1. A method of providing user-based domain name system (DNS) filtering, the method comprising:
- provisioning a first name server with a first policy, associated with a first user, for resolving DNS requests;
  
  provisioning a second name server with a second policy, associated with a second user, for resolving DNS requests;
  
  receiving, at the first name server, a first DNS request associated with the first user, wherein the first DNS request comprises a source internet protocol (IP) address and is related to a first website;
  
  determining, at the first name sever, that the first user is allowed access to the first website based on the source IP address and the first policy;
  
  providing a first DNS response that includes an address of the first website;
  
  receiving, at the second name server, a second DNS request associated with the second user, wherein the second DNS request comprises the source IP address and is related to the first website;
  
  determining, at the second name sever, that the second user is not allowed access to the first website based on the source IP address and the second policy; and
  
  providing a second DNS response that includes a different address not associated with the first website.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the different address comprises an IP address associated with information related to blocking of the first website.
  - 3. The method of claim 2, wherein the information related to blocking of the first website provides an indication of blacklisting of the first website.
  - 4. The method of claim 1, wherein the different address comprise an IP address associated with an nonexistent domain (NXD).
  - 5. The method of claim 1, wherein the first user and second user are associated with a single device, which is in communication with the first name server and the second name server through a router.
  - 6. The method of claim 1, wherein the first name server includes a database including an entry related to the source IP address and the first policy associated with the first user.
  - 7. The method of claim 1, wherein the second name server includes a database including an entry related to the source IP address and the second policy associated with the second user.

8. A system for providing user-based domain name system (DNS) filtering, the system comprising:
- a first name server comprising one or more electronic processors and provisioned with a first policy, associated with a first user, for resolving DNS requests, wherein the first name server operates to perform a method comprising;
  
  receiving a first DNS request associated with the first user, wherein the first DNS request comprises a source internet protocol (IP) address and is related to a first website,determining that the first user is allowed access to the first website based on the source IP address and the first policy, andproviding a first DNS response that includes an address of the first website; and
  
  a second name server comprising one or more electronic processors and provisioned with a second policy, associated with a second user, for resolving DNS requests, wherein the second name server operates to perform a method comprising;
  
  receiving a second DNS request associated with the second user, wherein the second DNS request comprises the source IP address and is related to the first website,determining that the second user is not allowed access to the first website based on the source IP address and the second policy, andproviding a second DNS response that includes a different address not associated with the first website.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the different address comprises an IP address associated with information related to blocking of the first website.
  - 10. The system of claim 9, wherein the information related to blocking of the first website provides an indication of blacklisting of the first website.
  - 11. The system of claim 8, wherein the different address comprise an IP address associated with an nonexistent domain (NXD).
  - 12. The system of claim 8, wherein the first user and second user are associated with a single device, which is in communication with the first name server and the second name server through a router.
  - 13. The system of claim 8, wherein the first name server comprises a database including an entry related to the source IP address and the first policy associated with the first user.
  - 14. The system of claim 8, wherein the second name server comprises a database including an entry related to the source IP address and the second policy associated with the second user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
VeriSign, Inc.
Original Assignee
VeriSign, Inc.
Inventors
Courtney, Scott Brian, Gould, James Fred
Primary Examiner(s)
Joo, Joshua

Application Number

US14/312,660
Publication Number

US 20140304378A1
Time in Patent Office

477 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

H04L 41/0803   Configuration setting

H04L 61/4511   using domain name system [DNS]

H04L 63/0227   Filtering policies mail mes...

H04L 63/102   Entity profiles

H04L 63/145   the attack involving the pr...

H04L 67/303   Terminal profiles

H04L 67/63   Routing a service request d...

Method and system for partitioning recursive name servers

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

25 Citations

14 Claims

Specification

Use Cases

Quick Links

Others

Method and system for partitioning recursive name servers

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

25 Citations

14 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others