Network security load balancing

US 9,264,409 B2
Filed: 05/14/2012
Issued: 02/16/2016
Est. Priority Date: 05/14/2012
Status: Active Grant

First Claim

Patent Images

1. A website hosting system, comprising:

a request routing node; and

a plurality of security termination nodes coupled to the request routing node,wherein each security termination node is configured to secure connections between servers hosting websites and customers of the websites in accordance with a predetermined quality of service level,wherein the request routing node balances incoming requests for secure websites among the security termination nodes based on an application-specific parameter,wherein the request routing node is configured to change the predetermined quality of service level based on the application-specific parameter,wherein the application-specific parameter comprises a previously specified service tier assigned to a user of the system,wherein the previously specified service tier comprises one of three different tiers,wherein the three different tiers comprise a first tier associated with a lowest quality of service level, a second tier associated with a medium quality of service level, and a third tier associated with a highest quality of service level, andwherein the request routing node is configured to change the predetermined quality of service level based on the application-specific parameter comprises the request routing node being configured to temporarily increase the predetermined quality of service level for a programmable period of time and then lower the predetermined quality of service level after the programmable period of time has passed.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A website hosting system includes a request routing node and a plurality of security termination nodes coupled to the request routing node. Each security termination node is configured to secure connections between servers hosting websites and customers of the websites in accordance with a predetermined quality of service level. The request routing node balances incoming requests for secure websites among the security termination nodes based on an application-specific parameter (e.g., quantity of items in a product catalog, location, etc.).

11 Citations

View as Search Results

25 Claims

1. A website hosting system, comprising:
- a request routing node; and
  
  a plurality of security termination nodes coupled to the request routing node,wherein each security termination node is configured to secure connections between servers hosting websites and customers of the websites in accordance with a predetermined quality of service level,wherein the request routing node balances incoming requests for secure websites among the security termination nodes based on an application-specific parameter,wherein the request routing node is configured to change the predetermined quality of service level based on the application-specific parameter,wherein the application-specific parameter comprises a previously specified service tier assigned to a user of the system,wherein the previously specified service tier comprises one of three different tiers,wherein the three different tiers comprise a first tier associated with a lowest quality of service level, a second tier associated with a medium quality of service level, and a third tier associated with a highest quality of service level, andwherein the request routing node is configured to change the predetermined quality of service level based on the application-specific parameter comprises the request routing node being configured to temporarily increase the predetermined quality of service level for a programmable period of time and then lower the predetermined quality of service level after the programmable period of time has passed.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system of claim 1, wherein the request routing node is configured to change the predetermined quality of service level based on the application-specific parameter comprises the request routing node being configured to change the predetermined quality of service level when a status associated with the application-specific parameter exceeds a predetermined threshold value, and wherein the application-specific parameter comprises a rate or volume of traffic.
  - 3. The system of claim 1, wherein the application-specific parameter is an indicator of geographical location, and wherein the predetermined quality of service level for a first geographical location is increased and the predetermined quality of service level for a second geographical location is decreased.
  - 4. The system of claim 1, wherein the application-specific parameter is a quantity of items in a catalog offered for sale by the application, and wherein the predetermined quality of service level is increased as the quantity of items in the catalog is increased.
  - 5. The system of claim 1, wherein the application-specific parameter comprises a time zone, and wherein different time zones are associated with different quality of service levels.
  - 6. The system of claim 1, wherein each security termination node implements a Secure Socket Layer (SSL) protocol.
  - 7. The system of claim 1 further comprising a plurality of websites hosted by the system, wherein each website is assigned a unique Internet Protocol (IP) address, and wherein the plurality of websites comprises websites that sell goods, sell services, and provide information.
  - 8. The system of claim 1, wherein the quality of service comprises processing speed, throughput, and number of processing nodes.

9. A method comprising:
- receiving a request for a secure connection from a browser, wherein the secure connection is in accordance with a predetermined quality of service level;
  
  determining which of a plurality of security termination nodes to assign the request for the secure connection based on an application-specific parameter, wherein the predetermined quality of service level is changed based on the application-specific parameter; and
  
  transmitting the request to the determined security termination node,wherein determining which of the plurality of security termination nodes further comprises determining a previously specified service tier assigned to a user of a network security load balancing system,wherein the previously specified service tier comprises one of three different tiers,wherein the three different tiers comprise a first tier associated with a lowest quality of service level, a second tier associated with a medium quality of service level, and a third tier associated with a highest quality of service level, andwherein the predetermined quality of service level is changed based on the application-specific parameter comprises the predetermined quality of service level being temporarily increased for a programmable period of time and then being lowered after the programmable period of time has passed.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The method of claim 9, wherein the application-specific parameter is indicative of rate of network traffic or volume of network traffic, wherein determining which of the plurality of security termination nodes further comprises determining whether the rate or volume of traffic exceeds a threshold, and wherein the quality of service level is increased when the rate or volume of traffic exceeds the threshold.
  - 11. The method of claim 9, wherein determining which of the plurality of security termination nodes further comprises determining the application-specific parameter is a quality of service level.
  - 12. The method of claim 9, wherein determining which of the plurality of security termination nodes further comprises determining the application-specific parameter is a quantity of items in a catalog offered for sale by an application, and wherein the quality of service level is increased as the quantity of items in the catalog is increased.
  - 13. The method of claim 9, wherein the determined security termination node implements Secure Socket Layer (SSL) verification.

14. A non-transitory computer-readable medium storing instructions that, when executed by a processor, causes the processor to:
- receive a request for a secure connection, wherein the secure connection is in accordance with a predetermined quality of service level;
  
  determine which of a plurality of security termination nodes to assign the request based on an application-specific parameter, wherein the predetermined quality of service level is changed based on the application-specific parameter; and
  
  transmit the request to the determined security termination node,wherein the instructions further cause the processor to determine that the application-specific parameter is a previously specified service tier assigned to a user of a system,wherein the previously specified service tier comprises one of three different tiers,wherein the three different tiers comprise a first tier associated with a lowest quality of service level, a second tier associated with a medium quality of service level, and a third tier associated with a highest quality of service level, andwherein the predetermined quality of service level is changed based on the application-specific parameter comprises the predetermined quality of service level being temporarily increased for a programmable period of time and then being lowered after the programmable period of time has passed.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The non-transitory computer-readable medium of claim 14, wherein the application-specific parameter is indicative of rate of network traffic or volume of network traffic, wherein the instructions cause the processor to determine which of the plurality of security termination nodes to assign the request by determining whether the rate or volume of traffic exceeds a threshold, and wherein the predetermined quality of service level is increased when the rate or volume of traffic exceeds the threshold.
  - 16. The non-transitory computer-readable medium of claim 14, wherein the instructions further cause the processor to determine the application-specific parameter is a quality of service level.
  - 17. The non-transitory computer-readable medium of claim 14, wherein the instructions further cause the processor to determine the application-specific parameter is a geographical location, and wherein different geographical locations are associated with different predetermined quality of service levels.
  - 18. The non-transitory computer-readable medium of claim 14, wherein the instructions further cause the processor to determine the application-specific parameter is a quantity of items in a catalog offered for sale by an application, and wherein the predetermined quality of service level is increased as the quantity of items in the catalog is increased.
  - 19. The non-transitory computer-readable medium of claim 14, wherein the instructions further cause the processor to trigger the determined security termination node to implement Secure Socket Layer (SSL) verification.

20. A web-site hosting system, comprising:
- a request router;
  
  a plurality of secure termination nodes coupled to the request router, wherein each secure termination node creates secure connections between browsers and web servers based on certificates based on a predetermined level of service, wherein the request router balances incoming requests for security certificate verification among the security termination nodes based on an application-specific parameter;
  
  a load balancer coupled to the plurality of secure termination nodes; and
  
  a plurality of application servers coupled to the load balancer, wherein the load balancer balances web page access requests among the application servers,wherein the web-hosting system is configured to host a plurality of websites,wherein each website has its own unique Internet Protocol (IP) address,wherein the request router is configured to change the predetermined level of service based on the application-specific parameter,wherein the application-specific parameter comprises a previously specified service tier assigned to a user of the system,wherein the previously specified service tier comprises one of three different tiers,wherein the three different tiers comprise a first tier associated with a lowest quality of service level, a second tier associated with a medium quality of service level, and a third tier associated with a highest quality of service level, andwherein the request router is configured to change the predetermined quality of service level based on the application-specific parameter comprises the request router being configured to temporarily increase the predetermined quality of service level for a programmable period of time and then lower the predetermined quality of service level after the programmable period of time has passed.
- View Dependent Claims (21, 22, 23, 24, 25)
- - 21. The system of claim 20, wherein the application-specific parameter comprises a rate or volume of traffic, and wherein the predetermined level of service is increased as the rate or volume of traffic is increased.
  - 22. The system of claim 20, wherein the application-specific parameter is an indicator of geographical location, and wherein different geographical locations are associated with different predetermined levels of service.
  - 23. The system of claim 20, wherein the application-specific parameter is a quantity of items in a catalog offered for sale by the application, and wherein the predetermined level of service is increased as the quantity of items in the catalog is increased.
  - 24. The system of claim 20, wherein at least one secure termination node implements Secure Socket Layer (SSL) verification.
  - 25. The system of claim 20, wherein the secure termination node is a Secure Socket Layer (SSL) termination node.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Volusion, LLC
Original Assignee
Volusion Incorporated (Volusion, LLC)
Inventors
Sproles, Kevin, Turner, William
Primary Examiner(s)
TRAN, ELLEN C

Application Number

US13/470,702
Publication Number

US 20130305038A1
Time in Patent Office

1,373 Days
Field of Search

713/152, 713/156, 713/175
US Class Current

1/1
CPC Class Codes

H04L 63/0485   Networking architectures fo...

H04L 63/168   above the transport layer

H04L 67/1001   for accessing one among a p...

Network security load balancing

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

11 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Network security load balancing

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

11 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links