Proxy based network communications

US 9,444,903 B2
Filed: 06/04/2012
Issued: 09/13/2016
Est. Priority Date: 06/02/2011
Status: Active Grant

First Claim

Patent Images

1. A method performed by a network communication system, the network communication system including a client device and a server system having a plurality of servers, the method comprising:

receiving session information at a first server of the server system from a client device via a wide area network, the session information indicating one or more user selections with respect to a location identifying preference of a user of the client device;

storing the session information received from the client device in a user account at a storage device of the server system;

receiving, at the client device, an encrypted first message indicating one or more proxy addresses and one or more selection parameters from the server system over the wide area network, each proxy address corresponding to a respective proxy server of the server system;

decrypting, at the client device, the encrypted first message to obtain a decrypted first message;

storing the one or more proxy addresses and one or more selection parameters in a storage device of the client device;

selecting, at the client device, a proxy server from the one or more proxy addresses stored in the storage device of the client device using the one or more selection parameters stored in the storage device of the client device;

initiating authentication of a user of the client device with the selected proxy server, said authentication enabling the selected proxy server to retrieve the session information from the user account;

sending, from the client device, an encrypted second message to the selected proxy server indicating a destination third-party network server, the encrypted second message including a search query message;

receiving the encrypted second message including the search query message at the selected proxy server from the client device via the wide area network, the search query message indicating a destination search service of a third-party network server;

processing the search query message at the selected proxy server or the server system according to user selections stored in and retrieved from the user account to obtain a modified search query message in which;

responsive to a first user selection of the user selections, modifying the search query message at the selected proxy server or the server system according to a first policy in which at least a geographic location specificity of the client device is altered within the modified search query message, andresponsive to a second user selection of the user selections, modifying the search query message at the selected proxy server or the server system according to a second policy in which at least a geographic location of the client device is altered within the modified search query message to indicate a fictitious geographic location of the client device; and

sending the modified search query message from the selected proxy server to the destination search service of the third-party network server via the wide area network.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention is a proxy based network communication system and method that incorporates one or more proxy servers that may be non-static, dynamic proxy servers, operable to automatically identify aspects of a user'"'"'s network environment and details of the servers in said network and to set-up and configure software to be utilized by a user without user input of details of the user'"'"'s network environment. These operations of the present invention may be undertaken at a point of user setup and reinitiated upon recognition of a communication problem, The present invention may further be operable to allow a user to access only the part of the network to which the user requires access, and to prevent the user from accessing other parts of the network. The present invention therefore provides a secure environment by implementing changing proxy servers rather than static proxy servers and restricting user access within the network on a need-for-access basis.

124 Citations

20 Claims

1. A method performed by a network communication system, the network communication system including a client device and a server system having a plurality of servers, the method comprising:
- receiving session information at a first server of the server system from a client device via a wide area network, the session information indicating one or more user selections with respect to a location identifying preference of a user of the client device;
  
  storing the session information received from the client device in a user account at a storage device of the server system;
  
  receiving, at the client device, an encrypted first message indicating one or more proxy addresses and one or more selection parameters from the server system over the wide area network, each proxy address corresponding to a respective proxy server of the server system;
  
  decrypting, at the client device, the encrypted first message to obtain a decrypted first message;
  
  storing the one or more proxy addresses and one or more selection parameters in a storage device of the client device;
  
  selecting, at the client device, a proxy server from the one or more proxy addresses stored in the storage device of the client device using the one or more selection parameters stored in the storage device of the client device;
  
  initiating authentication of a user of the client device with the selected proxy server, said authentication enabling the selected proxy server to retrieve the session information from the user account;
  
  sending, from the client device, an encrypted second message to the selected proxy server indicating a destination third-party network server, the encrypted second message including a search query message;
  
  receiving the encrypted second message including the search query message at the selected proxy server from the client device via the wide area network, the search query message indicating a destination search service of a third-party network server;
  
  processing the search query message at the selected proxy server or the server system according to user selections stored in and retrieved from the user account to obtain a modified search query message in which;
  
  responsive to a first user selection of the user selections, modifying the search query message at the selected proxy server or the server system according to a first policy in which at least a geographic location specificity of the client device is altered within the modified search query message, andresponsive to a second user selection of the user selections, modifying the search query message at the selected proxy server or the server system according to a second policy in which at least a geographic location of the client device is altered within the modified search query message to indicate a fictitious geographic location of the client device; and
  
  sending the modified search query message from the selected proxy server to the destination search service of the third-party network server via the wide area network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, wherein the first server that receives the session information is a proxy server of the server system, and wherein storing the session information at the storage device of the server system includes storing the session information at a local storage device of the proxy server and/or storing the session information in a remote storage device of another server of the server system.
  - 3. The method of claim 1, wherein the first server that receives the session information is a different server than the selected proxy server, and wherein storing the session information at the storage device of the server system includes storing the session information at a remote storage device relative to the selected proxy server, and wherein retrieving the session information includes transmitting the session information from another server of the server system to the selected proxy server for use in processing the search query message.
  - 4. The method of claim 1, further comprising:
    - receiving a response message at the selected proxy server from the destination search service of the third-party network server via the wide area network; and
      
      forwarding the response messages from the selected proxy server to the client device via the wide area network.
  - 5. The method of claim 4, further comprising:
    - processing the search query message at the proxy server or the server system by decrypting the encrypted second message prior to sending the modified search query to the destination search service; and
      
      encrypting, at the proxy server or the server system, the response message received from the destination search service prior to forwarding the response message from the proxy server to the client device.
  - 6. The method of claim 1, wherein the first user selection indicates a location specificity value to be applied by the proxy server or the server system to the geographic location of the client device and/or indicates a user selection of the first policy.
  - 7. The method of claim 6, wherein the location specificity value includes at least three levels of location specificity having different breadth relative to each other that are selectable by the user to be applied at the proxy server or the server system to the geographic location of the client device.
  - 8. The method of claim 1, wherein the second user selection indicates the fictitious geographic location to be applied by the proxy server or the server system and/or wherein the second user selection indicates a user selection of the second policy.
  - 9. The method of claim 1, further comprising:
    - sending the encrypted first message from the server system to the client device via the wide area network.
  - 10. The method of claim 9, wherein the one or more selection parameters of the encrypted first message are utilized by a selection algorithm of a browser program operating at the client device to select the proxy server.
  - 11. The method of claim 10, wherein the one or more user selections and the search query message are initiated at the client device by the user via a graphical user interface containing one or more respective selectors presented by the browser program.
  - 12. The method of claim 1, further comprising:
    - receiving an indication of an update to the one or more proxy addresses and/or one or more selection parameters at the selected proxy server from another server of the server system; and
      
      responsive to the indication of the update, sending an updated set of one or more proxy addresses and/or one or more updated selection parameters from the selected proxy server to the client device to augment the one or more proxy addresses and/or one or more selection parameters previously received by the client device; and
      
      wherein the updated set of one or more proxy addresses and/or one or more updated selection parameters are utilized by a selection algorithm of a browser program operating at the client device to select another proxy server of the server system.
  - 13. The method of claim 1, further comprising:
    - authenticating the client device at the server system prior to storing the session information received from the client device in the user account and prior to processing the search query message.

14. A network communication system, comprising:
- a client device having a processor and a storage device that includes a program executable by the processor of the client device to;
  
  receive a first set of one or more encrypted messages indicating one or more proxy addresses and one or more selection parameters over a wide area network, each proxy address corresponding to a respective proxy server of a server system,decrypt the first set of one or more encrypted messages to obtain a first set of one or more decrypted messages,store the one or more proxy addresses and one or more selection parameters in the storage device of the client device,select a proxy server from the one or more proxy addresses stored in the storage device of the client device using the one or more selection parameters stored in the storage device of the client device,initiate authentication of a user of the client device with the selected proxy server, the authentication enabling the selected proxy server to retrieve session information from a user account, the session information indicating one or more user selections with respect to a location identifying preference of the user of the client device, andsend an encrypted second message to the selected proxy server indicating a destination third-party network server; and
  
  the server system including a coordinating server and a plurality of proxy servers including the selected proxy server in communication with the coordinating server via a communications network in which the selected proxy server includes instructions stored thereon executable by the selected-proxy server to;
  
  authenticate the client device communicating with selected proxy server via the wide area network,receive session information from the client device via the wide area network after said authenticationsend the session information received from the client device to the coordinating server for storage in a user account at a remote storage device of the coordinating server,receive the encrypted second message from the client device via the wide area network after said authentication or a subsequent authentication of the client device,decrypt the encrypted second message to obtain a decrypted second message,process the decrypted second message according to the one or more user selections stored in and retrieved from the user account at the remote storage device of the coordinating server or from a local storage device of selected proxy server to modify the decrypted second message in which;
  
  responsive to a first user selection, the decrypted second message is modified according to a first policy in which at least a geographic location specificity of the client device is altered within the first modified message, andresponsive to a second user selection, the decrypted second message is modified according to a second policy in which at least a geographic location of the client device is altered within the modified message to indicate a fictitious geographic location of the client device; and
  
  send the modified message to the third-party network server via the wide area network.
- View Dependent Claims (15, 16, 17)
- - 15. The network communication system of claim 14, wherein the first user selection indicates a location specificity value to be applied by the selected proxy server to the geographic location of the client device and/or indicates a user selection of the first policy, the location specificity value including at least three levels of location specificity having different breadth relative to each other that are selectable by the user to be applied at the selected proxy server to the geographic location of the client device.
  - 16. The network communication system of claim 15, wherein the second user selection indicates the fictitious geographic location to be applied by the selected proxy server and/or indicates a user selection of the second policy.
  - 17. The network communication system of claim 16, wherein the selected proxy server further includes instructions executable by the selected proxy server to:
    - receive one or more proxy addresses and one or more selection parameters from the coordinating server; and
      
      send the one or more proxy addresses and/or one or more selection parameters to an authenticated client device to be utilized by a selection algorithm of a browser program operating at that authenticated client device to select a different proxy server of the plurality of proxy servers through which that authenticated client device communicates with third-party network servers.

18. A network communication system, comprising:
- a client device having a processor and a storage device that includes a program executable by the processor to;
  
  receive an encrypted first message indicating one or more proxy addresses and one or more selection parameters from a server device over a wide area network, each proxy address corresponding to a respective proxy server of a server system of which the server device is a member;
  
  decrypt the encrypted first message to obtain a decrypted first message;
  
  store the one or more proxy addresses and one or more selection parameters in the storage device of the client device;
  
  select a proxy server from the one or more proxy addresses stored in the storage device using the one or more selection parameters stored in the storage device;
  
  initiate authentication of a user of the client device with the selected proxy server, the authentication enabling the proxy server to retrieve session information from a user account, the session information indicating one or more user selections with respect to a location identifying preference of the user of the client device;
  
  send an encrypted second message to the selected proxy server indicating a destination third-party network server in which the selected proxy server processes the second message according to the one or more user selections retrieved from the user account to modify the second message in which;
  
  responsive to a first user selection of the one or more user selections, the second message is modified according to a first policy in which at least a geographic location specificity of the client device is altered within the modified second message forwarded by the selected proxy server to the destination third-party network server, andresponsive to a second user selection of the one or more user selections, the second message is modified according to a second policy in which at least a geographic location of the client device is altered within the modified second message to indicate a fictitious geographic location of the client device within the modified second message forwarded by the selected proxy server to the destination third-party network server.
- View Dependent Claims (19, 20)
- - 19. The network communication system of claim 18, wherein the program is further executable by the processor to:
    - initiate authentication of the user of the client device with the server system via the wide area network;
      
      present a graphical user interface at the client device after the authentication with the server system, the graphical user interface including one or more selectors corresponding to the one or more user selections;
      
      receive a user input directed at the one or more selectors;
      
      send the user input to the server system via the wide area network as a third message indicating the one or more user selections for storage in the user account.
  - 20. The network communication system of claim 18, wherein the program includes a browser program and additional software components including one or more of a system driver or plug-in for the browser program.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Gen Digital Inc.
Original Assignee
SurfEasy, Inc. (Gen Digital Inc.)
Inventors
Nuaimi, Athir, Houston, Chris, Rose, Kenneth, Ziegler, Austin
Primary Examiner(s)
Mejia, Anthony

Application Number

US14/123,221
Publication Number

US 20140122580A1
Time in Patent Office

1,562 Days
Field of Search

709/203
US Class Current

1/1
CPC Class Codes

H04L 2463/082   applying multi-factor authe...

H04L 41/0806   for initial configuration o...

H04L 41/0886   Fully automatic configuration

H04L 63/0281   Proxies

H04L 63/083   using passwords cryptograph...

H04L 63/102   Entity profiles

H04L 63/166   at the transport layer

H04L 67/34   involving the movement of s...

H04L 67/56   Provisioning of proxy servi...

H04L 67/564   Enhancement of application ...

Proxy based network communications

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

124 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Proxy based network communications

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

124 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links