Patents by Inventor Dani Grant

Dani Grant has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20240195780
    Abstract: An edge server of a distributed edge compute and routing service receives a tunnel connection request from a tunnel client residing on an origin server, that requests a tunnel be established between the edge server and the tunnel client. The request identifies the hostname that is to be tunneled. An IP address is assigned for the tunnel. DNS record(s) are added or changed that associate the hostname with the assigned IP address. Routing rules are installed in the edge servers of the distributed edge compute and routing service to reach the edge server for the tunneled hostname. The edge server receives a request for a resource of the tunneled hostname from another edge server that received the request from a client, where the other edge server is not connected to the origin server. The request is transmitted from the edge server to the origin server over the tunnel.
    Type: Application
    Filed: February 26, 2024
    Publication date: June 13, 2024
    Inventors: Dane Orion KNECHT, John GRAHAM-CUMMING, Dani GRANT, Christopher Philip BRANCH, Tom PASEKA
  • Patent number: 11979373
    Abstract: An Internet of Things (IoT) protection service at the network level is described. A secure session is established between an edge server and an IoT client that is requesting to send data to an IoT device. The edge server receives the request from the IoT client over the secure session instead of the IoT device directly because a Domain Name System (DNS) request for a unique fully qualified domain name assigned to the IoT device returns an IP address of the edge server instead of an IP address of the IoT device. The edge server analyzes the request to determine whether to transmit the request to the IoT device, including applying web application firewall rule(s) against the request. If the request does not trigger any rule, then the edge server transmits the request to the IoT device. If the request triggers any rule, then the edge server blocks the request.
    Type: Grant
    Filed: August 1, 2022
    Date of Patent: May 7, 2024
    Assignee: CLOUDFLARE, INC.
    Inventor: Dani Grant
  • Publication number: 20240126569
    Abstract: A compute server receives a request that triggers execution of a code piece out of multiple code pieces. A single process at the compute server executes the code piece, which is run in an isolated execution environment. Each other code piece runs in other isolated execution environments respectively and executed by the single process. The code piece, when executed, modifies a response to the request. The response is generated based at least in part on the executed code piece. The generated response is transmitted.
    Type: Application
    Filed: December 21, 2023
    Publication date: April 18, 2024
    Inventors: Kenton Taylor Varda, Zachary Aaron Bloom, Marek Przemyslaw Majkowski, Ingvar Stepanyan, Kyle Kloepper, Dane Orion Knecht, John Graham-Cumming, Dani Grant
  • Patent number: 11949647
    Abstract: A tunnel is established between a first edge server of a distributed edge compute and routing service and a tunnel client residing on an origin server. Routing rules are installed in the edge servers of the distributed edge compute and routing service to reach the first edge server. The routing rules are based at least in part on traffic information gathered from processing other traffic that traverses the distributed edge compute and routing service. A request for content served by the origin server through the tunnel is received at a second edge server of the distributed edge compute and routing service. A path from the second edge server to the first edge server is determined based on the routing rules. The request is transmitted on the determined path. The first edge server receives the request and transmits the request to the origin server over the tunnel.
    Type: Grant
    Filed: April 25, 2022
    Date of Patent: April 2, 2024
    Assignee: CLOUDFLARE, INC.
    Inventors: Dane Orion Knecht, John Graham-Cumming, Dani Grant, Christopher Philip Branch, Tom Paseka
  • Patent number: 11853776
    Abstract: A compute server receives a first request from a client device that triggers execution of a first third-party code piece. The first request is directed to a first zone. A single process at the compute server executes the first third-party code piece. As a result of executing the first third-party code piece, a second request is generated that triggers execution of a second third-party code piece. The second request is directed to a second zone. The single process executes the second third-party code piece. A response is generated to the first request based at least in part on the executed first third-party code piece and the executed second third-party code piece. The generated response is transmitted to the client device.
    Type: Grant
    Filed: December 30, 2022
    Date of Patent: December 26, 2023
    Assignee: CLOUDFLARE, INC.
    Inventors: Kenton Taylor Varda, Zachary Aaron Bloom, Marek Przemyslaw Majkowski, Ingvar Stepanyan, Kyle Kloepper, Dane Orion Knecht, John Graham-Cumming, Dani Grant
  • Patent number: 11736740
    Abstract: A server in a content delivery network (CDN) receives a request for a web page of a domain handled by an origin server. The server retrieves the web page and the web page references a video. The server retrieves a file that indicates a list of locations of the domain in which segments of the video are located. The server fetches at least an initial portion of the segments. The server receives a request for the video. The server transmits to the requester at least the initial portion of the segments. The server receives a subsequent request of a different portion of the segments. The server transmits a response to the requester that instructs the requester to transmit the request for the different portion of segments to a second server in the CDN.
    Type: Grant
    Filed: September 14, 2020
    Date of Patent: August 22, 2023
    Assignee: CLOUDFLARE, INC.
    Inventors: Dane Orion Knecht, Igor Postelnik, Oliver Yu, John Graham-Cumming, Dani Grant, Nitin Rao
  • Publication number: 20230138161
    Abstract: A compute server receives a first request from a client device that triggers execution of a first third-party code piece. The first request is directed to a first zone. A single process at the compute server executes the first third-party code piece. As a result of executing the first third-party code piece, a second request is generated that triggers execution of a second third-party code piece. The second request is directed to a second zone. The single process executes the second third-party code piece. A response is generated to the first request based at least in part on the executed first third-party code piece and the executed second third-party code piece. The generated response is transmitted to the client device.
    Type: Application
    Filed: December 30, 2022
    Publication date: May 4, 2023
    Inventors: Kenton Taylor Varda, Zachary Aaron Bloom, Marek Przemyslaw Majkowski, Ingvar Stepanyan, Kyle Kloepper, Dane Orion Knecht, John Graham-Cumming, Dani Grant
  • Publication number: 20230083295
    Abstract: An Internet of Things (IoT) protection service at the network level is described. A secure session is established between an edge server and an IoT client that is requesting to send data to an IoT device. The edge server receives the request from the IoT client over the secure session instead of the IoT device directly because a Domain Name System (DNS) request for a unique fully qualified domain name assigned to the IoT device returns an IP address of the edge server instead of an IP address of the IoT device. The edge server analyzes the request to determine whether to transmit the request to the IoT device, including applying web application firewall rule(s) against the request. If the request does not trigger any rule, then the edge server transmits the request to the IoT device. If the request triggers any rule, then the edge server blocks the request.
    Type: Application
    Filed: August 1, 2022
    Publication date: March 16, 2023
    Inventor: Dani Grant
  • Publication number: 20230045757
    Abstract: An edge server of a distributed edge compute and routing service receives a tunnel connection request from a tunnel client residing on an origin server, that requests a tunnel be established between the edge server and the tunnel client. The request identifies the hostname that is to be tunneled. An IP address is assigned for the tunnel. DNS record(s) are added or changed that associate the hostname with the assigned IP address. Routing rules are installed in the edge servers of the distributed edge compute and routing service to reach the edge server for the tunneled hostname. The edge server receives a request for a resource of the tunneled hostname from another edge server that received the request from a client, where the other edge server is not connected to the origin server. The request is transmitted from the edge server to the origin server over the tunnel.
    Type: Application
    Filed: April 25, 2022
    Publication date: February 9, 2023
    Inventors: Dane Orion KNECHT, John GRAHAM-CUMMING, Dani GRANT, Christopher Philip BRANCH, Tom PASEKA
  • Patent number: 11561805
    Abstract: A compute server receives a request from a client device that triggers execution of a third-party code piece. The compute server is one of multiple compute servers that are part of a distributed cloud computing network. The request may be an HTTP request and directed to a zone. A single process at the compute server executes the third-party code piece in an isolated execution environment. The single process is also executing other third-party code pieces in other isolated execution environments respectively. A response is generated to the request based at least in part on the executed third-party code piece, and the generated response is transmitted to the client device.
    Type: Grant
    Filed: December 7, 2020
    Date of Patent: January 24, 2023
    Assignee: CLOUDFLARE, INC.
    Inventors: Kenton Taylor Varda, Zachary Aaron Bloom, Marek Przemyslaw Majkowski, Ingvar Stepanyan, Kyle Kloepper, Dane Orion Knecht, John Graham-Cumming, Dani Grant
  • Patent number: 11405357
    Abstract: An Internet of Things (IoT) protection service at the network level is described. A secure session is established between an edge server and an IoT client that is requesting to send data to an IoT device. The edge server receives the request from the IoT client over the secure session instead of the IoT device directly because a Domain Name System (DNS) request for a unique fully qualified domain name assigned to the IoT device returns an IP address of the edge server instead of an IP address of the IoT device. The edge server analyzes the request to determine whether to transmit the request to the IoT device, including applying web application firewall rule(s) against the request. If the request does not trigger any rule, then the edge server transmits the request to the IoT device. If the request triggers any rule, then the edge server blocks the request.
    Type: Grant
    Filed: April 29, 2019
    Date of Patent: August 2, 2022
    Assignee: CLOUDFLARE, INC.
    Inventor: Dani Grant
  • Patent number: 11316825
    Abstract: An edge server of a distributed edge compute and routing service receives a tunnel connection request from a tunnel client residing on an origin server, that requests a tunnel be established between the edge server and the tunnel client. The request identifies the hostname that is to be tunneled. An IP address is assigned for the tunnel. DNS record(s) are added or changed that associate the hostname with the assigned IP address. Routing rules are installed in the edge servers of the distributed edge compute and routing service to reach the edge server for the tunneled hostname. The edge server receives a request for a resource of the tunneled hostname from another edge server that received the request from a client, where the other edge server is not connected to the origin server. The request is transmitted from the edge server to the origin server over the tunnel.
    Type: Grant
    Filed: May 26, 2020
    Date of Patent: April 26, 2022
    Assignee: CLOUDFLARE, INC.
    Inventors: Dane Orion Knecht, John Graham-Cumming, Dani Grant, Christopher Philip Branch, Tom Paseka
  • Publication number: 20210089328
    Abstract: A compute server receives a request from a client device that triggers execution of a third-party code piece. The compute server is one of multiple compute servers that are part of a distributed cloud computing network. The request may be an HTTP request and directed to a zone. A single process at the compute server executes the third-party code piece in an isolated execution environment. The single process is also executing other third-party code pieces in other isolated execution environments respectively. A response is generated to the request based at least in part on the executed third-party code piece, and the generated response is transmitted to the client device.
    Type: Application
    Filed: December 7, 2020
    Publication date: March 25, 2021
    Inventors: Kenton Taylor Varda, Zachary Aaron Bloom, Marek Przemyslaw Majkowski, Ingvar Stepanyan, Kyle Kloepper, Dane Orion Knecht, John Graham-Cumming, Dani Grant
  • Publication number: 20200413112
    Abstract: A server in a content delivery network (CDN) receives a request for a web page of a domain handled by an origin server. The server retrieves the web page and the web page references a video. The server retrieves a file that indicates a list of locations of the domain in which segments of the video are located. The server fetches at least an initial portion of the segments. The server receives a request for the video. The server transmits to the requester at least the initial portion of the segments. The server receives a subsequent request of a different portion of the segments. The server transmits a response to the requester that instructs the requester to transmit the request for the different portion of segments to a second server in the CDN.
    Type: Application
    Filed: September 14, 2020
    Publication date: December 31, 2020
    Inventors: Dane Orion Knecht, Igor Postelnik, Oliver Yu, John Graham-Cumming, Dani Grant, Nitin Rao
  • Patent number: 10860340
    Abstract: A compute server receives a request from a client device that triggers execution of a code piece. The compute server is one of multiple compute servers that are part of a distributed cloud computing network. The request is directed to a zone. A single process at the compute server executes the code piece in an isolated execution environment. The single process is also executing other code pieces in other isolated execution environments respectively. A response is generated to the request based at least in part on the executed code piece, and the generated response is transmitted to the client device.
    Type: Grant
    Filed: June 24, 2019
    Date of Patent: December 8, 2020
    Assignee: CLOUDFLARE, INC.
    Inventors: Kenton Taylor Varda, Zachary Aaron Bloom, Marek Przemyslaw Majkowski, Ingvar Stepanyan, Kyle Kloepper, Dane Orion Knecht, John Graham-Cumming, Dani Grant
  • Patent number: 10779015
    Abstract: A server in a content delivery network (CDN) receives a request for a web page of a domain handled by an origin server. The server retrieves the web page and the web page references a video. The server retrieves a file that indicates a list of locations of the domain in which segments of the video are located. The server fetches at least an initial portion of the segments. The server receives a request for the video. The server transmits to the requester at least the initial portion of the segments. The server receives a subsequent request of a different portion of the segments. The server transmits a response to the requester that instructs the requester to transmit the request for the different portion of segments to a second server in the CDN.
    Type: Grant
    Filed: October 5, 2017
    Date of Patent: September 15, 2020
    Assignee: CLOUDFLARE, INC.
    Inventors: Dane Orion Knecht, Igor Postelnik, Oliver Yu, John Graham-Cumming, Dani Grant, Nitin Rao
  • Publication number: 20200287867
    Abstract: An edge server of a distributed edge compute and routing service receives a tunnel connection request from a tunnel client residing on an origin server, that requests a tunnel be established between the edge server and the tunnel client. The request identifies the hostname that is to be tunneled. An IP address is assigned for the tunnel. DNS record(s) are added or changed that associate the hostname with the assigned IP address. Routing rules are installed in the edge servers of the distributed edge compute and routing service to reach the edge server for the tunneled hostname. The edge server receives a request for a resource of the tunneled hostname from another edge server that received the request from a client, where the other edge server is not connected to the origin server. The request is transmitted from the edge server to the origin server over the tunnel.
    Type: Application
    Filed: May 26, 2020
    Publication date: September 10, 2020
    Inventors: Dane Orion KNECHT, John GRAHAM-CUMMING, Dani GRANT, Christopher Philip BRANCH, Tom PASEKA
  • Patent number: 10666613
    Abstract: An edge server of a distributed edge compute and routing service receives a tunnel connection request from a tunnel client residing on an origin server, that requests a tunnel be established between the edge server and the tunnel client. The request identifies the hostname that is to be tunneled. An IP address is assigned for the tunnel. DNS record(s) are added or changed that associate the hostname with the assigned IP address. Routing rules are installed in the edge servers of the distributed edge compute and routing service to reach the edge server for the tunneled hostname. The edge server receives a request for a resource of the tunneled hostname from another edge server that received the request from a client, where the other edge server is not connected to the origin server. The request is transmitted from the edge server to the origin server over the tunnel.
    Type: Grant
    Filed: October 15, 2018
    Date of Patent: May 26, 2020
    Assignee: CLOUDFLARE, INC.
    Inventors: Dane Orion Knecht, John Graham-Cumming, Dani Grant, Christopher Philip Branch, Tom Paseka
  • Publication number: 20200142711
    Abstract: A compute server receives a request from a client device that triggers execution of a code piece. The compute server is one of multiple compute servers that are part of a distributed cloud computing network. The request is directed to a zone. A single process at the compute server executes the code piece in an isolated execution environment. The single process is also executing other code pieces in other isolated execution environments respectively. A response is generated to the request based at least in part on the executed code piece, and the generated response is transmitted to the client device.
    Type: Application
    Filed: June 24, 2019
    Publication date: May 7, 2020
    Inventors: Kenton Taylor Varda, Zachary Aaron Bloom, Marek Przemyslaw Majkowski, Ingvar Stepanyan, Kyle Kloepper, Dane Orion Knecht, John Graham-Cumming, Dani Grant
  • Patent number: 10601941
    Abstract: A method and system for optimization of an advertisement in a network resource in a proxy server of a cloud-based proxy service are described. Responsive to determining that there is an advertisement element in a network resource, the proxy server automatically modifies the advertisement element. The automatic modification of the advertisement element includes: 1) compressing style code into compressed style code; 2) compressing the image; and 3) compressing the style generation code. The proxy server generates a modified version of the network resource including the modified version of the advertisement element, where the modified version of the advertisement element is smaller in size than the advertisement element included in the network resource retrieved from the origin server; and transmits the modified version of the network resource to the client device instead of the network resource.
    Type: Grant
    Filed: November 28, 2018
    Date of Patent: March 24, 2020
    Assignee: CLOUDFLARE, INC.
    Inventors: Igor Postelnik, John Fawcett, Dane Orion Knecht, Oliver Zi-gang Yu, Dani Grant