发明名称 |
Transparent Proxy Authentication Via DNS Processing |
摘要 |
A DNS nameserver processes requests for domain name information based on subscriber identifiers, and optionally subscriber information. Based on a subscriber identifier, requests for a target domain name may generate a DNS response with domain name information for a proxy service. Techniques are provided to seamlessly and transparently authenticate a subscriber at the proxy service. The proxy service generates a redirect with a unique domain name including a tracking identifier in response to requests for a target domain name. The nameserver receives a request associated with the unique domain name. The nameserver responds with domain name information of the proxy service and generates a message to the proxy service mapping the tracking identifier to the subscriber identifier. The client then generates a request to the proxy service that includes the tracking identifier. The proxy service uses the mapping from the nameserver to authenticate the corresponding subscriber identifier. |
申请公布号 |
US2015256508(A1) |
申请公布日期 |
2015.09.10 |
申请号 |
US201414196973 |
申请日期 |
2014.03.04 |
申请人 |
OpenDNS, Inc. |
发明人 |
Townsend Geoff;Ellery Michael;Siba Lucas;Somers Brian |
分类号 |
H04L29/12 |
主分类号 |
H04L29/12 |
代理机构 |
|
代理人 |
|
主权项 |
1. A method of computer network processing, comprising:
receiving at a proxy service a first request associated with a target domain name; in response to the first request, generating a first identifier and a first domain name including the first identifier; providing a redirect response from the proxy service including the first domain name in response to the first request; receiving at the proxy service from a DNS nameserver a message including a subscriber identifier for the first identifier; receiving at the proxy service a second request associated with the target domain name, the second request including the first identifier; determining in response to the second request the subscriber identifier corresponding to the first identifier based on the message from the DNS nameserver; and generating a response to the second request based on the subscriber identifier. |
地址 |
San Francisco CA US |