Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and system for protecting websites from public Internet threats

a technology for protecting websites and public internet, applied in the field of methods and systems for protecting websites from public internet threats, can solve the problems of delivering end users of protected sites unparalleled performance and reliability, and achieve the effect of fast and without fail

Inactive Publication Date: 2007-12-06
AKAMAI TECH INC
View PDF4 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

The present invention provides a technique for delivering a Web site from a protected site while ensuring that content is delivered quickly and without fail, regardless of user location. The invention eliminates public entry points found on Web servers today while delivering end users of a protected site unparalleled performance and reliability. The invention involves a collection of strategically-positioned content delivery network (CDN) server regions designed to complement an existing infrastructure protecting an origin site. The CDN server regions handle communications with the origin server only when needed, preferably via a private connection. The invention also includes an origin server shield in the same data center as the origin Web server, which protects the origin by effectively removing it from accessible Internet Protocol (IP) space. The invention prevents any other machine on the Internet from spoofing the shield region server IP addresses in an attempt to masquerade as the shield server. The technical effects of the invention include improved security, performance, and reliability of the protected site.

Problems solved by technology

The inventive technique substantially eliminates the public entry points found on Web servers today while delivering end users of a protected site unparalleled performance and reliability.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for protecting websites from public Internet threats
  • Method and system for protecting websites from public Internet threats
  • Method and system for protecting websites from public Internet threats

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] By way of background, it is known in the prior art to deliver digital content (e.g., HTTP content, streaming media and applications) using an Internet content delivery network (CDN). A CDN is a network of geographically-distributed content delivery nodes that are arranged for efficient delivery of content on behalf of third party content providers. Typically, a CDN is implemented as a combination of a content delivery infrastructure, a request-routing mechanism, and a distribution infrastructure. The content delivery infrastructure usually comprises a set of “surrogate” origin servers that are located at strategic locations (e.g., Internet network access points, Internet Points of Presence, and the like) for delivering content to requesting end users. The request-routing mechanism allocates servers in the content delivery infrastructure to requesting clients in a way that, for web content delivery, minimizes a given client's response time and, for streaming media delivery, pr...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention addresses the known vulnerabilities of Web site infrastructure by making an origin server substantially inaccessible via Internet Protocol traffic. In particular, according to a preferred embodiment, the origin server is “shielded” from the publicly-routable IP address space. Preferably, only given machines (acting as clients) can access the origin server, and then only under restricted, secure circumstances. In a preferred embodiment, these clients are the servers located in a “parent” region of a content delivery network (CDN) tiered distribution hierarchy. The invention implements an origin server shield that protects a site against security breaches and the high cost of Web site downtime by ensuring that the only traffic sent to an enterprise's origin infrastructure preferably originates from CDN servers. The inventive “shielding” technique protects a site's Web servers (as well as backend infrastructure, such as application servers, databases, and mail servers) from unauthorized intrusion—improving site uptime and in the process, customer loyalty.

Description

[0001] This application is a continuation of U.S. Ser. No. 10 / 191,309, filed Jul. 9, 2002.BACKGROUND OF THE INVENTION [0002] 1. Technical Field [0003] The present invention relates generally to techniques for cloaking a Web site origin server from the public Internet while still ensuring that content otherwise available from the site is delivered quickly and without fail, regardless of a user location. [0004] 2. Description of the Related Art [0005] Today's Web sites are a double-edged sword. They present enterprises with the opportunity for both resounding success and costly, dramatic failure. The possibility for either scenario to occur is chiefly due to the Internet's open design. Indeed, the ability to reach a global community of customers and partners via the Web comes with serious security risks. The open design means that enterprises must expose themselves by opening a public entry-point to get the global reach they need. Couple that with the inherent weaknesses of centralize...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(United States)
IPC IPC(8): H04L9/32H04L29/06H04L29/08
CPCH04L29/06027H04L63/0209H04L63/0227H04L67/1002H04L63/101H04L63/1441H04L65/4084H04L63/0263H04L65/612H04L67/1001H04L65/1101
Inventor AFERGAN, MICHAEL M.ELLIS, ANDREW B.SUNDARAM, RAVIRAHUL, HARIHARAN S.
Owner AKAMAI TECH INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products