System for providing DNS-based policies for devices
First Claim
1. A system for providing DNS-based policies for devices, the system comprising:
- a DNS engine operable to receive a DNS query from an individual device via a gateway associated with the individual device, the DNS query including at least one of;
(i) a unique gateway identifier associated with the gateway and (ii) a unique device identifier associated with the individual device;
a memory device operable to store at least one policy, the at least one policy corresponding to at least one of the unique gateway identifier and the unique device identifier; and
a dynamic policy enforcement engine extracting from the DNS query the at least one of the unique gateway identifier and the unique device identifier, the dynamic policy enforcement engine operable to enforce the at least one policy when processing the DNS query by using the unique gateway identifier and the unique device identifier to select the at least one policy which applies to the individual device which originated the DNS query;
the at least one policy including DNS-based tracking of the individual device, the dynamic policy enforcement engine extracting location information for the individual device from the DNS query; and
,a tracking module operable to store the location information of the individual device.
2 Assignments
0 Petitions
Accused Products
Abstract
A device control system is associated with individual devices connected through a network control point to a gateway and thereby to the Internet. The gateway inserts an EDNS0 pseudo resource record into an additional data section in each DNS query initiated by an individual device, the EDNS0 pseudo resource record identifying the initiating device. A dynamic policy enforcement engine in front of the DNS engine intercepts the DNS query, identifies the initiating device, and selects a policy that applies to the device. The dynamic policy enforcement engine may provide parental control and security service to the individual device by blocking the DNS query or passing it to the DNS engine according to the policy. A component that intercepts DNS queries may provide several additional types of services to the individual devices, including advertising, messaging, mobile device tracking, individual device application control, and delivery of individualized content.
50 Citations
20 Claims
-
1. A system for providing DNS-based policies for devices, the system comprising:
-
a DNS engine operable to receive a DNS query from an individual device via a gateway associated with the individual device, the DNS query including at least one of;
(i) a unique gateway identifier associated with the gateway and (ii) a unique device identifier associated with the individual device;a memory device operable to store at least one policy, the at least one policy corresponding to at least one of the unique gateway identifier and the unique device identifier; and a dynamic policy enforcement engine extracting from the DNS query the at least one of the unique gateway identifier and the unique device identifier, the dynamic policy enforcement engine operable to enforce the at least one policy when processing the DNS query by using the unique gateway identifier and the unique device identifier to select the at least one policy which applies to the individual device which originated the DNS query; the at least one policy including DNS-based tracking of the individual device, the dynamic policy enforcement engine extracting location information for the individual device from the DNS query; and
,a tracking module operable to store the location information of the individual device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method for providing DNS-based policies for devices, the method comprising:
-
with a DNS engine, receiving a DNS query from an individual device via a gateway associated with the individual device, the DNS query including at least one of;
(i) a unique gateway identifier associated with the gateway and (ii) the unique device identifier associated with the individual device;retrieving from a memory device operable to store at least one policy, the at least one policy corresponding to the at least one of the unique gateway identifier and the unique device identifier; and selecting, with a dynamic policy enforcement engine operable and based on the at least one of the unique gateway identifier and the unique device identifier, the at least one policy which applies to the DNS query, and enforcing the at least one policy; the at least one policy including DNS-based tracking of the individual device, the dynamic policy enforcement engine extracting location information for the individual device from the DNS query; and
,storing the location information of the individual device. - View Dependent Claims (15, 16, 17, 18)
-
-
19. A system for providing DNS-based advertisements for devices, the system comprising:
-
a DNS engine operable to receive a DNS query from an individual device via a gateway associated with the individual device, the DNS query including at least one of;
(i) a unique gateway identifier associated with the gateway and (ii) a unique device identifier associated with the individual device;a memory device operable to store at least one advertisement; a dynamic policy enforcement engine extracting from the DNS query the at least one of the unique gateway identifier and the unique device identifier, the dynamic policy enforcement engine operable to enforce the at least one policy when processing the DNS query by using the unique gateway identifier and the unique device identifier to select the at least one policy which applies to the individual device which originated the DNS query; an advertisement module operable to trigger, via a DNS response returned to the individual device, delivery of the at least one advertisement based on the at least one policy; and a communication module operable to provide the at least one advertisement to the individual device via the gateway the at least one policy including DNS-based tracking of the individual device, the dynamic policy enforcement engine extracting location information for the individual device from the DNS query; and
,a tracking module operable to store the location information of the individual device. - View Dependent Claims (20)
-
Specification