-
Publication No.: US11032127B2
Publication date: 2021-06-08
Application No.: US15633655
Application date: 2017-06-26
Applicant: VERISIGN, INC.
Abstract: In one embodiment, a resolution resiliency application performs robust domain name system (DNS) resolution. In operation, the resolution resiliency application determines that an authoritative name server that is responsible for a domain name specified in a DNS query is unavailable. In response to determining that the authoritative name server is unavailable, the resolution resiliency application performs operation(s) that modify one or more DNS records stored in a cache based on one or more resiliency policies associated with the authoritative name server. The resolution resiliency application then generates a DNS response to the DNS query based on a DNS record stored in the modified cache. Notably, unlike conventional techniques that may generate inaccurate DNS responses based on stale DNS records, the disclosed techniques increase the likelihood of providing clients with DNS responses that accurately provide requested information.
-
Publication No.: US09705682B2
Publication date: 2017-07-11
Application No.: US14959052
Application date: 2015-12-04
Applicant: VERISIGN, INC.
CPC classification: H04L9/3247, H04L9/006, H04L9/3265, H04L61/1511, H04L61/1552, H04L61/305, H04L63/0428, H04L63/08, H04L63/0823, H04L67/42, H04L2209/38
Abstract: The present invention generally relates to systems and methods for extending a chain of trust beyond the DNS. Some embodiments provide a verifier with the ability to validate a chain of trust starting with the trust anchor at the DNS root all the way to a service or object of interest outside the DNS.
-
Publication No.: US08990356B2
Publication date: 2015-03-24
Application No.: US13828070
Application date: 2013-03-14
Applicant: VeriSign, Inc.
Inventors: Danny McPherson, Joseph Waldron, Eric Osterweil
CPC classification: H04L63/08, H04L12/1432, H04L12/1435, H04L61/1511, H04L61/2007, H04L63/102
Abstract: A method, system, and computer-readable memory containing instructions include receiving a DNS request containing information related to user-specific information, device-specific information, and/or authentication information, analyzing the information, determining an appropriate action to take based on analyzing the status, and taking the appropriate action. Actions may include responding with an individualized network layer address or service location address, delaying sending a response message, sending a network layer address or service location address corresponding to a site containing authentication information, and sending a response with a network layer address or service location address with a web address configured to mimic the website related to the requested resource.
-
Publication No.: US08935744B2
Publication date: 2015-01-13
Application No.: US14037933
Application date: 2013-09-26
Applicant: Verisign, Inc.
Inventors: Eric Osterweil, Danny McPherson
CPC classification: H04L63/20, H04L61/1511, H04L63/0236, H04L63/126, H04L63/1416, H04L63/1458, H04L2463/142
Abstract: Systems and methods for creating a list of trustworthy resolvers in a domain name system. A computer receives a resolver profile for a resolver sending queries to a domain name server. The resolver profile is based on any, or a combination, of a top-talker status of the resolver, a normalcy of distribution of domain names queried, a continuity of distribution of query type, and an RD bit status, and information related to query traffic based on the topology of the domain name server. Resolver profiles can be compared to a trust policy to determine whether the resolver is trustworthy. Resolvers deemed trustworthy can be added to a list of trustworthy resolvers. Embodiments can detect the occurrence of a network-based attack. Embodiments can mitigate the effect of a network-based attack by responding only to queries from resolvers on the list of trustworthy resolvers.
-
Publication No.: US11190479B2
Publication date: 2021-11-30
Application No.: US15602563
Application date: 2017-05-23
Applicant: VERISIGN, INC.
Inventors: Yannis Labrou, Tomofumi Okubo, Eric Osterweil, Matthew Thomas
Abstract: A method for detecting a predetermined behavior during a domain name registration or a domain resolution activity includes identifying one or more dimensions to be tracked. One or more metrics for each dimension is/are identified. A first time series for each of the metrics is generated. One or more first outliers in at least one of the first time series is detected. One or more sets of metrics is generated, each set including a combination of two or more of the metrics. A second time series for each of the metrics in the one or more sets of metrics is generated. One or more second outliers in at least one of the second time series is/are detected.
-
Publication No.: US11025482B2
Publication date: 2021-06-01
Application No.: US15881596
Application date: 2018-01-26
Applicant: Verisign, Inc.
Inventors: Shumon Huque, Burton S. Kaliski, Jr., Eric Osterweil, Frank Scalzo, Duane Wessels, Glen Wiley
Abstract: In one embodiment, a resolution resiliency application modifies domain name service (DNS) resolution. In operation, the resolution resiliency application determines that an authoritative name server has begun recovering from a degraded state or receives a flush list update from the authoritative name server. In response, the resolution resiliency application performs operation(s) that modify a query rate and/or a cache. The query rate specifies a frequency associated with DNS queries transmitted to the first authoritative name server. The cache stores DNS record(s) received from the first authoritative name server. Finally, the resolution resiliency application generates a DNS response to a DNS query based on the modified query rate and/or the modified cache.
-
Publication No.: US20190044955A1
Publication date: 2019-02-07
Application No.: US16143232
Application date: 2018-09-26
Applicant: VERISIGN, INC.
Abstract: One or more DNS services are provided that are configured to not only tolerate some commonly observed DNSSEC misconfigurations (while still providing DNSSEC's security guarantees), but also provide a more intelligent DNS resolution process informed by DNSSEC.
-
Publication No.: US09935771B2
Publication date: 2018-04-03
Application No.: US14860885
Application date: 2015-09-22
Applicant: VERISIGN, INC.
Inventors: Ramakant Pandrangi, Eric Osterweil, Paul Livesay
CPC classification: H04L9/321, H04L9/3263, H04L61/1511, H04L63/123, H04L63/126, H04L63/20
Abstract: The disclosure is directed to securely bootstrapping devices in a network environment. Methods and systems include hardware and/or operations for receiving, based on an identifier provisioned at a relying entity, instances of a security credential of an information system, wherein the instances are associated with respective certifying entities. The operations also include verifying the authenticity of the instances of the security credential using information of the certifying entities provisioned at the relying entity. The operations further include determining matches between the instances of the security credential. Additionally, the operations include determining based on the matches that a first instance of the security credential satisfies a policy provisioned at the relying entity. Further, the operations include verifying the authenticity of information requested from the information system using the first instance of the security credential. In various implementations, the information system may be the domain name system.
-
Publication No.: US20170019371A1
Publication date: 2017-01-19
Application No.: US15147387
Application date: 2016-05-05
Applicant: VERISIGN, INC.
CPC classification: H04L61/1511, H04L63/126, H04L67/2842
Abstract: Systems, devices and methods for a Domain Name Data Networking (DNDN) content delivery system are disclosed. Embodiments perform operations including obtaining a content object having a unique identifier. The operations also include storing a local instance of the content object in association with DNS resource records and the unique identifier. The operations further include providing the local instance of the content to a client in response to receiving a request from the client including the unique identifier.
-
Publication No.: US20170012943A1
Publication date: 2017-01-12
Application No.: US14814792
Application date: 2015-07-31
Applicant: VERISIGN, INC.
CPC classification: H04L63/0428, H04L61/1511, H04L61/1552, H04L61/305, H04L63/0823, H04L63/123, H04L67/42
Abstract: The present invention generally relates to systems and methods for extending a chain of trust beyond the DNS. Some embodiments provide a verifier with the ability to validate a chain of trust starting with the trust anchor at the DNS root all the way to a service or object of interest outside the DNS.