-
1.发明授权公开(公告)号:US11853776B2
公开(公告)日:2023-12-26
申请号:US18148642
申请日:2022-12-30
Applicant: CLOUDFLARE, INC.
Inventor: Kenton Taylor Varda , Zachary Aaron Bloom , Marek Przemyslaw Majkowski , Ingvar Stepanyan , Kyle Kloepper , Dane Orion Knecht , John Graham-Cumming , Dani Grant
IPC: G06F9/448 , H04L67/00 , H04L67/02 , H04L67/10 , G06F9/455 , H04L9/40 , H04L67/53 , H04L67/63 , G06F21/53 , H04L41/50
CPC classification number: G06F9/4484 , G06F9/45558 , G06F21/53 , H04L9/40 , H04L41/50 , H04L63/10 , H04L67/02 , H04L67/10 , H04L67/34 , H04L67/53 , H04L67/63 , G06F2009/45587
Abstract: A compute server receives a first request from a client device that triggers execution of a first third-party code piece. The first request is directed to a first zone. A single process at the compute server executes the first third-party code piece. As a result of executing the first third-party code piece, a second request is generated that triggers execution of a second third-party code piece. The second request is directed to a second zone. The single process executes the second third-party code piece. A response is generated to the first request based at least in part on the executed first third-party code piece and the executed second third-party code piece. The generated response is transmitted to the client device.
-
2.发明公开公开(公告)号:US20230224290A1
公开(公告)日:2023-07-13
申请号:US18092750
申请日:2023-01-03
Applicant: Cloudflare, Inc.
Inventor: Sébastien Andreas Henry Pahl , Matthieu Philippe François Tourne , Piotr Sikora , Ray Raymond Bejjani , Dane Orion Knecht , Matthew Browning Prince , John Graham-Cumming , Lee Hahn Holloway , Albertus Strasheim
IPC: H04L9/40
CPC classification number: H04L63/0823 , H04L63/061
Abstract: A server establishes a secure session with a client device where a private key used in the handshake is stored in a different server. An encrypted connection is established between the first server and the second server. A message is received from the client device that initiates a procedure to establish the secure session between the client device and the first server. As part of this procedure, the first server transmits over the encrypted connection a request to the second server to use the private key. The first server receives, over the encrypted connection, a response to the request that includes a result of the use of the private key. The first server uses the result during the procedure to establish the secure session.
-
3.发明申请公开(公告)号:US20230138161A1
公开(公告)日:2023-05-04
申请号:US18148642
申请日:2022-12-30
Applicant: CLOUDFLARE, INC.
Inventor: Kenton Taylor Varda , Zachary Aaron Bloom , Marek Przemyslaw Majkowski , Ingvar Stepanyan , Kyle Kloepper , Dane Orion Knecht , John Graham-Cumming , Dani Grant
IPC: G06F9/448 , H04L67/00 , H04L67/02 , H04L67/10 , G06F9/455 , H04L9/40 , H04L67/53 , H04L67/63 , G06F21/53
Abstract: A compute server receives a first request from a client device that triggers execution of a first third-party code piece. The first request is directed to a first zone. A single process at the compute server executes the first third-party code piece. As a result of executing the first third-party code piece, a second request is generated that triggers execution of a second third-party code piece. The second request is directed to a second zone. The single process executes the second third-party code piece. A response is generated to the first request based at least in part on the executed first third-party code piece and the executed second third-party code piece. The generated response is transmitted to the client device.
-
4.发明授权公开(公告)号:US11546309B2
公开(公告)日:2023-01-03
申请号:US17036988
申请日:2020-09-29
Applicant: Cloudflare, Inc.
Inventor: Sébastien Andreas Henry Pahl , Matthieu Philippe François Tourne , Piotr Sikora , Ray Raymond Bejjani , Dane Orion Knecht , Matthew Browning Prince , John Graham-Cumming , Lee Hahn Holloway , Albertus Strasheim
Abstract: A first server receives a set of cryptographic parameters from a second server. The set of cryptographic parameters is received from the second server as part of a secure session establishment between a client device and the second server. The first server accesses a private key that is not stored on the second server. The first server signs the set of cryptographic parameters using the private key. The first server transmits the signed set of cryptographic parameters to the second server. The first server receives, from the second server, a request to generate a premaster secret using a value generated by the second server that is included in the request and generates the premaster secret. The first server transmits the premaster secret to the second server for use in the secure session establishment between the client device and the second server.
-
5.发明申请公开(公告)号:US20200142711A1
公开(公告)日:2020-05-07
申请号:US16450585
申请日:2019-06-24
Applicant: CLOUDFLARE, INC.
Inventor: Kenton Taylor Varda , Zachary Aaron Bloom , Marek Przemyslaw Majkowski , Ingvar Stepanyan , Kyle Kloepper , Dane Orion Knecht , John Graham-Cumming , Dani Grant
Abstract: A compute server receives a request from a client device that triggers execution of a code piece. The compute server is one of multiple compute servers that are part of a distributed cloud computing network. The request is directed to a zone. A single process at the compute server executes the code piece in an isolated execution environment. The single process is also executing other code pieces in other isolated execution environments respectively. A response is generated to the request based at least in part on the executed code piece, and the generated response is transmitted to the client device.
-
Patent Agency Ranking
6.发明申请公开(公告)号:US20190044924A1
公开(公告)日:2019-02-07
申请号:US16159437
申请日:2018-10-12
Applicant: CloudFlare, Inc.
Inventor: Sébastien Andreas Henry Pahl , Matthieu Philippe François Tourne , Piotr Sikora , Ray Raymond Bejjani , Dane Orion Knecht , Matthew Browning Prince , John Graham-Cumming , Lee Hahn Holloway , Albertus Strasheim
Abstract: A first server receives a set of cryptographic parameters from a second server. The set of cryptographic parameters is received from the second server as part of a secure session establishment between a client device and the second server. The first server accesses a private key that is not stored on the second server. The first server signs the set of cryptographic parameters using the private key. The first server transmits the signed set of cryptographic parameters to the second server. The first server receives, from the second server, a request to generate a premaster secret using a value generated by the second server that is included in the request and generates the premaster secret. The first server transmits the premaster secret to the second server for use in the secure session establishment between the client device and the second server.
-
7.发明授权公开(公告)号:US10009183B2
公开(公告)日:2018-06-26
申请号:US15271190
申请日:2016-09-20
Applicant: CLOUDFLARE, INC.
Inventor: Sébastien Andreas Henry Pahl , Matthieu Philippe François Tourne , Piotr Sikora , Ray Raymond Bejjani , Dane Orion Knecht , Matthew Browning Prince , John Graham-Cumming , Lee Hahn Holloway , Nicholas Thomas Sullivan , Albertus Strasheim
CPC classification number: H04L9/3263 , G06F21/33 , H04L9/083 , H04L9/0841 , H04L9/0844 , H04L9/14 , H04L9/3013 , H04L9/3247 , H04L63/0428 , H04L63/0485 , H04L63/061 , H04L63/0823 , H04L63/0869 , H04L63/164 , H04L63/166 , H04L63/205 , H04L67/141 , H04L67/42
Abstract: A server establishes a secure session with a client device where a private key used in the handshake when establishing the secure session is stored in a different server. During the handshake procedure, the server receives a premaster secret that has been encrypted using a public key bound with a domain for which the client device is attempting to establish a secure session with. The server transmits the encrypted premaster secret to the different server for decryption along with other information necessary to compute a master secret. The different server decrypts the encrypted premaster secret, generates the master secret, and transmits the master secret to the server. The server receives the master secret and continues with the handshake procedure including generating one or more session keys that are used in the secure session for encrypting and decrypting communication between the client device and the server.
-
公开(公告)号:US20170359349A1
公开(公告)日:2017-12-14
申请号:US15477938
申请日:2017-04-03
Applicant: CLOUDFLARE, INC.
Inventor: Dane Orion Knecht , John Graham-Cumming
CPC classification number: H04L63/101 , H04L9/3228 , H04L9/3297 , H04L61/10 , H04L61/1511 , H04L63/0227 , H04L63/0428 , H04L63/0838 , H04L63/108 , H04L63/1416 , H04L63/1458 , H04L67/02 , H04L67/10 , H04L67/28 , H04L67/2833 , H04L67/2842 , H04L67/42 , H04L2463/142
Abstract: A method and apparatus for causing a delay in processing requests for Internet resources received from client devices is described. A server receives from a client device a request for a resource. The server transmits a response to the first client device indicating that access to the resource is temporarily denied. The response includes a cryptographic token associated with the first request and a predetermined period of time during which the first client device is to wait prior to transmitting another request to access the resource. The server receives a second request for the resource, upon determining that the second request includes a valid cryptographic token, the server causes the second request to be processed. The server receives a third request for the resource, and upon determining that the third request does not include a valid cryptographic token, the server blocks the third request.
-
9.发明申请公开(公告)号:US20170324827A1
公开(公告)日:2017-11-09
申请号:US15656928
申请日:2017-07-21
Applicant: CLOUDFLARE, INC.
Inventor: John Graham-Cumming
CPC classification number: H04L67/2828 , H04L29/08783 , H04L67/1023 , H04L67/2842 , H04L67/2876 , H04L69/02 , H04L69/04
Abstract: A near end network optimizer receives, from a client device, a request for a network resource. Responsive to determining that a version of the network resource is stored in the near end network optimizer, a request for the network resource is transmitted to a far end network optimizer along with a version identifier that identifies that version. The near end network optimizer receives, from the far end network optimizer, a response that includes a differences file that specifies the difference(s) between the version of the network resource stored in the near end network optimizer with a most current version of the network resource. The response does not include the entire network resource. The near end network optimizer applies the specified difference(s) to the version that it has stored to generate an updated version of the network resource, and transmits the updated version of the network resource to the client device.
-
10.发明授权公开(公告)号:US09729657B2
公开(公告)日:2017-08-08
申请号:US14659909
申请日:2015-03-17
Applicant: CloudFlare, Inc.
Inventor: John Graham-Cumming
CPC classification number: H04L67/2828 , H04L29/08783 , H04L67/1023 , H04L67/2842 , H04L67/2876 , H04L69/02 , H04L69/04
Abstract: A near end network optimizer receives, from a client device, a request for a network resource. Responsive to determining that a version of the network resource is stored in the near end network optimizer, a request for the network resource is transmitted to a far end network optimizer along with a version identifier that identifies that version. The near end network optimizer receives, from the far end network optimizer, a response that includes a differences file that specifies the difference(s) between the version of the network resource stored in the near end network optimizer with a most current version of the network resource. The response does not include the entire network resource. The near end network optimizer applies the specified difference(s) to the version that it has stored to generate an updated version of the network resource, and transmits the updated version of the network resource to the client device.
-
-
-
-
-
-
-
-
-
Search Results
92
records
(took 0.025 seconds)
