System for providing DNS-based control of individual devices
First Claim
1. A system for providing DNS-based control of individual devices, the system comprising:
- a DNS engine operable to receive a DNS query from an individual device via a gateway associated with the individual device, the gateway connected through a wide area network to a dynamic policy enforcement engine, the DNS query including a gateway identifier and a device identifier;
a memory device operable to store at least one policy corresponding to the gateway identifier and the device identifier;
the dynamic policy enforcement engine operable to enforce the at least one policy to content delivered to the individual device, the at least one policy including DNS-based tracking of the individual device, the dynamic policy enforcement engine extracting coordinates of the individual device from the DNS query; and
a tracking module operable to store the coordinates of the individual device.
2 Assignments
0 Petitions
Accused Products
Abstract
A device control system is associated with individual devices connected through a network control point to a gateway and thereby to the Internet. The gateway inserts an EDNS0 pseudo resource record into an additional data section in each DNS query initiated by an individual device, the EDNS0 pseudo resource record identifying the initiating device. A dynamic policy enforcement engine in front of the DNS engine intercepts the DNS query, identifies the initiating device, and selects a policy that applies to the device. The dynamic policy enforcement engine may provide parental control and security service to the individual device by blocking the DNS query or passing it to the DNS engine according to the policy. A component that intercepts DNS queries may provide several additional types of services to the individual devices, including advertising, messaging, mobile device tracking, individual device application control, and delivery of individualized content.
49 Citations
29 Claims
-
1. A system for providing DNS-based control of individual devices, the system comprising:
-
a DNS engine operable to receive a DNS query from an individual device via a gateway associated with the individual device, the gateway connected through a wide area network to a dynamic policy enforcement engine, the DNS query including a gateway identifier and a device identifier; a memory device operable to store at least one policy corresponding to the gateway identifier and the device identifier; the dynamic policy enforcement engine operable to enforce the at least one policy to content delivered to the individual device, the at least one policy including DNS-based tracking of the individual device, the dynamic policy enforcement engine extracting coordinates of the individual device from the DNS query; and a tracking module operable to store the coordinates of the individual device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A system for DNS-based blocking content for individual devices, the system comprising:
-
a DNS engine operable to receive a DNS query from an individual device via a gateway associated with the individual device, the gateway connected through a wide area network to a dynamic policy enforcement engine, the DNS query including a gateway identifier and a device identifier; a memory device operable to store at least one policy corresponding to the gateway identifier and the device identifier; the dynamic policy enforcement engine extracting; a pseudo resource record from an additional data section when the dynamic policy enforcement engine receives the DNS query, the pseudo resource record previously inserted into the additional data section, the dynamic policy enforcement engine operable to block content from delivery to the individual device based on the at least one policy by using the gateway identifier and the device identifier to select the at least one policy which applies to the individual device which originated the DNS query, the at least one policy including DNS-based tracking of the individual device, and coordinates of the individual device from the DNS query; and a tracking module operable to store the coordinates of the individual device. - View Dependent Claims (24, 25)
-
-
26. A system for providing DNS-based messaging to individual devices, the system comprising:
-
a DNS engine operable to receive a DNS query from an individual device via a gateway associated with the individual device, the gateway connected through a wide area network to a dynamic policy enforcement engine, the DNS query including a gateway identifier and a device identifier; a memory device operable to store at least one message; a messaging module operable to trigger delivery of the at least one message based on the gateway identifier and the device identifier, the messaging module returning a DNS response to the individual device, causing the individual device to load the at least one message from a communication module instead of loading a page requested by the DNS query; the communication module operable to deliver the at least one message to the individual device via the gateway, by retrieving the at least one message from the memory device and returning the at least one message to the individual device; the dynamic policy enforcement engine operable to enforce at least one policy to the message delivered to the individual device, the at least one policy including DNS-based tracking of the individual device, the dynamic policy enforcement engine extracting coordinates of the individual device from the DNS query; and a tracking module operable to store the coordinates of the individual device. - View Dependent Claims (27)
-
-
28. A system for providing DNS-based advertisement to individual devices, the system comprising:
-
a DNS engine operable to receive a DNS query from an individual device via a gateway associated with the individual device, the gateway connected through a wide area network to a dynamic policy enforcement engine, the DNS query including a gateway identifier and a device identifier; a memory device operable to store at least one advertisement; an advertisement module operable to trigger delivery of the at least one advertisement based on the gateway identifier and the device identifier, the advertisement module returning a DNS response to the individual device, causing the individual device to load the at least one advertisement from a communication module instead of loading a page requested by the DNS query; the communication module operable to provide the at least one advertisement to the individual device via the gateway, by retrieving the at least one advertisement from the memory device and returning the at least one advertisement to the individual device; the dynamic policy enforcement engine operable to enforce at least one policy to the advertisement delivered to the individual device, the at least one policy including DNS-based tracking of the individual device, the dynamic policy enforcement engine extracting coordinates of the individual device from the DNS query; and a tracking module operable to store the coordinates of the individual device. - View Dependent Claims (29)
-
Specification