Patents Assigned to VeriSign, Inc.
  • Patent number: 11190479
    Abstract: A method for detecting a predetermined behavior during a domain name registration or a domain resolution activity includes identifying one or more dimensions to be tracked. One or more metrics for each dimension is/are identified. A first time series for each of the metrics is generated. One or more first outliers in at least one of the first time series is detected. One or more sets of metrics is generated, each set including a combination of two or more of the metrics. A second time series for each of the metrics in the one or more sets of metrics is generated. One or more second outliers in at least one of the second time series is/are detected.
    Type: Grant
    Filed: May 23, 2017
    Date of Patent: November 30, 2021
    Assignee: VERISIGN, INC.
    Inventors: Yannis Labrou, Tomofumi Okubo, Eric Osterweil, Matthew Thomas
  • Patent number: 11190397
    Abstract: In one embodiment, a delegation engine automatically provisions a device connected to a network to securely identify and interact with external services. As a device boots in a deployment environment, the delegation engine generates a search domain name based on a manufacturer-supplied domain name and a domain name associated with the deployment environment. The delegation engine then searches a Domain Name System (DNS) to retrieve a delegation record stored at the search domain name. After verifying a manufacturer signature associated with the delegation record, the delegation engine configures the device based on service discovery information included in the delegation record. Because the delegation engine automates the provisioning process, the time required to provision devices is acceptable irrespective of the number of the devices. Further, because the delegation engine verifies the delegation record, the delegation engine does not expose the device to security risks during the provisioning process.
    Type: Grant
    Filed: May 6, 2016
    Date of Patent: November 30, 2021
    Assignee: VeriSign, Inc.
    Inventors: Andrew Cathrow, Andrew Fregly, Stephen D. James
  • Patent number: 11184299
    Abstract: A method of publishing a publication message includes receiving, at one of a plurality of first relays, a subscription request from a first client and transmitting the subscription request from the one of the plurality of first relays to only one of a plurality of central relays. The method also includes receiving, at another of the plurality of first relays, a publication request from a second client. The publication request includes the publication message. The method further includes transmitting the publication message from the another of the plurality of first relays to all of the plurality of central relays, transmitting the publication message from at least one of the plurality of central relays to the one of the plurality of first relays, and transmitting the publication message from the one of the plurality of first relays to the first client.
    Type: Grant
    Filed: December 4, 2018
    Date of Patent: November 23, 2021
    Assignee: VERISIGN, INC.
    Inventors: John K. Gallant, Brad Verd, Karl M. Henderson
  • Patent number: 11171917
    Abstract: A method of providing domain name system (“DNS”) eligibility is provided. The method includes obtaining, at an eligibility service comprising at least one electronic server computer communicatively coupled to a computer network, a request of an eligibility proof from a DNS client; validating, by the eligibility service, the request; providing, by the eligibility service, the eligibility proof to the DNS client; obtaining, by the eligibility service, the eligibility proof, wherein the eligibility proof is related to a registration of a domain name by the DNS client with a DNS registry; validating, by the eligibility service, the eligibility proof; applying, by the eligibility service, a promotion credit to an account of the DNS client; and providing, by the eligibility service, a confirmation of the promotion credit to the DNS client.
    Type: Grant
    Filed: November 1, 2017
    Date of Patent: November 9, 2021
    Assignee: VERISIGN, INC.
    Inventors: James Gould, Karthik Shyamsunder
  • Patent number: 11122004
    Abstract: In one embodiment, a global domain name system (DNS) server processes a DNS query based on an internal network policy. Upon receiving a DNS query that is associated with a source IP address, the global DNS server identifies a client subnet based on the DNS query. The client subnet is associated with an internal device on an internal network. The global DNS server selects an internal network policy from multiple predetermined policies based on the source IP address and the client subnet. The global DNS server then tailors one or more DNS resolution operations that generate a response to the DNS query based on the selected internal network policy. Advantageously, the client subnet provides the global DNS server with visibility into the internal network. Such visibility enables the global DNS server to apply policies selectively at the granularity of individual devices on the internal network.
    Type: Grant
    Filed: October 21, 2016
    Date of Patent: September 14, 2021
    Assignee: VERISIGN, INC.
    Inventors: Michael Kaczmarek, Eric Osterweil
  • Patent number: 11095604
    Abstract: A computer-implemented method, computer-readable medium, and an apparatus operable to perform the method is provided for managing multiple provisioned domain name system (“DNS”) registry objects. The method can include receiving, at a DNS registry, a multiple domain extensible provisioning protocol (“EPP”) command from a registrar on behalf of a registrant to perform an action for each provisioned DNS registry object of the multiple provisioned DNS registry objects; comparing the action with one or more allowable actions in a policy maintained by the registry; determining, by a processor, that the action is allowable based on the comparing; and performing, based on the determining, the action on each of the provisioned DNS registry objects in one transaction.
    Type: Grant
    Filed: January 30, 2019
    Date of Patent: August 17, 2021
    Assignee: VERISIGN, INC.
    Inventors: James F. Gould, Srikanth Veeramachaneni, Nagesh Chigurupati
  • Patent number: 11080483
    Abstract: Techniques for generating unregistered internet domain names using machine learning are presented. The techniques include parsing terms in an embedding training corpus of computer-readable text produce a tokenized embedding training corpus of text; adding tag(s) to produce a tagged tokenized embedding training corpus of text; vectorizing to produce a vector space embedding model mapping tagged tokenized terms to vectors; parsing domain names of a domain name training corpus of registered domain names to obtain a tokenized domain name training corpus; adding at least one tag to tokens to obtain a tagged tokenized domain name training corpus; vectorizing using the vector space model to produce a vectorized domain name training corpus; training a machine learning algorithm with the vectorized domain name training corpus to produce a trained machine learning model; generating an output domain name by the trained machine learning model; and outputting the output domain name.
    Type: Grant
    Filed: February 28, 2018
    Date of Patent: August 3, 2021
    Assignee: VERISIGN, INC.
    Inventors: Mohammad Raihanul Islam, Yaser Keneshloo, Yannis Labrou, Andrew West
  • Patent number: 11082392
    Abstract: Systems and methods for out-of-band communications in the domain name system (DNS) are disclosed. Embodiments include a system for negotiating DNS services in the DNS. The system includes an in-band communication channel connecting a first party and a second party, and one or more out-of-band communication channels connecting the first party and the second party. The first party performs messaging for the DNS services with the second party using the in-band communication channel. Further, the first party advertises terms of the DNS service offered by the second party using the one or more out-of-band communication channels.
    Type: Grant
    Filed: October 30, 2019
    Date of Patent: August 3, 2021
    Assignee: VERISIGN, INC.
    Inventors: Burton S. Kaliski, Jr., Shumon Huque
  • Patent number: 11032127
    Abstract: In one embodiment, a resolution resiliency application performs robust domain name system (DNS) resolution. In operation, the resolution resiliency application determines that an authoritative name server that is responsible for a domain name specified in a DNS query is unavailable. In response to determining that the authoritative name server is unavailable, the resolution resiliency application performs operation(s) that modify one or more DNS records stored in a cache based on one or more resiliency policies associated with the authoritative name server. The resolution resiliency application then generates a DNS response to the DNS query based on a DNS record stored in the modified cache. Notably, unlike conventional techniques that may generate inaccurate DNS responses based on stale DNS records, the disclosed techniques increase the likelihood of providing clients with DNS responses that accurately provide requested information.
    Type: Grant
    Filed: June 26, 2017
    Date of Patent: June 8, 2021
    Assignee: VERISIGN, INC.
    Inventors: Shumon Huque, Burton S. Kaliski, Jr., Eric Osterweil, Frank Scalzo, Glen Wiley
  • Patent number: 11025407
    Abstract: Techniques for signing internet data are disclosed. The techniques include accessing a plurality of internet data records. The techniques also include generating, using at least one electronic processor, leaf nodes from the plurality of internet data records, and constructing a recursive hash tree from the plurality of leaf nodes. The techniques also include deriving information sufficient to validate the root node, and publishing, in an internet public key infrastructure (PKI) as a synthesized public key, the information sufficient to validate the root node. The techniques also include providing, through the internet and as a signature on at least one of the plurality of internet data records, validation data including sibling path data from the recursive hash tree, such that an internet client validates the at least one of the internet data records using at least the validation data and the synthesized public key.
    Type: Grant
    Filed: June 2, 2017
    Date of Patent: June 1, 2021
    Assignee: VERISIGN, INC.
    Inventor: Burton S. Kaliski, Jr.
  • Patent number: 11025482
    Abstract: In one embodiment, a resolution resiliency application modifies domain name service (DNS) resolution. In operation, the resolution resiliency application determines that an authoritative name server has begun recovering from a degraded state or receives a flush list update from the authoritative name server. In response, the resolution resiliency application performs operation(s) that modify a query rate and/or a cache. The query rate specifies a frequency associated with DNS queries transmitted to the first authoritative name server. The cache stores DNS record(s) received from the first authoritative name server. Finally, the resolution resiliency application generates a DNS response to a DNS query based on the modified query rate and/or the modified cache.
    Type: Grant
    Filed: January 26, 2018
    Date of Patent: June 1, 2021
    Assignee: VERISIGN, INC.
    Inventors: Shumon Huque, Burton S. Kaliski, Jr., Eric Osterweil, Frank Scalzo, Duane Wessels, Glen Wiley
  • Patent number: 11016950
    Abstract: A system and method for modifying a bulk set of domain names through bulk operations. A request to modify a bulk set of data associated with domain names is received by a registry. A bulk processing engine associated with the registry can analyze the requested update job, and enforce compliance with a set of policies governing the operation of registry. A priority level can also be assigned to the requested job, so that it will be executed before or after other pending jobs. The user can likewise provide user-supplied policies, which can also be validated against the set of registry policies. Data faults can be reduced or eliminated, and update operations can be performed by comparatively inexperienced personnel.
    Type: Grant
    Filed: August 21, 2018
    Date of Patent: May 25, 2021
    Assignee: VERISIGN, INC.
    Inventors: Hui Griffiths, Srikanth Veeramachaneni
  • Patent number: 11005808
    Abstract: A computer-implemented method, computer-readable medium, and an apparatus operable to perform the method is provided for managing multiple provisioned domain name system (“DNS”) registry objects. The method can include receiving, at a DNS registry, a multiple domain extensible provisioning protocol (“EPP”) command from a registrar on behalf of a registrant to perform an action for each provisioned DNS registry object of the multiple provisioned DNS registry objects; comparing the action with one or more allowable actions in a policy maintained by the registry; determining, by a processor, that the action is allowable based on the comparing; and performing, based on the determining, the action on each of the provisioned DNS registry objects in one transaction.
    Type: Grant
    Filed: January 30, 2019
    Date of Patent: May 11, 2021
    Assignee: VERISIGN, INC.
    Inventors: James F. Gould, Srikanth Veeramachaneni, Nagesh Chigurupati
  • Patent number: 11005856
    Abstract: One or more DNS services are provided that are configured to not only tolerate some commonly observed DNSSEC misconfigurations (while still providing DNSSEC's security guarantees), but also provide a more intelligent DNS resolution process informed by DNSSEC.
    Type: Grant
    Filed: September 26, 2018
    Date of Patent: May 11, 2021
    Assignee: VERISIGN, INC.
    Inventors: Burton S. Kaliski, Jr., Eric Osterweil
  • Patent number: 10999240
    Abstract: In one embodiment, a domain name system (DNS) server processes a DNS query based on a policy statement that is attached to the DNS query. Upon receiving the DNS query, the DNS server executes one or more commands specified in the policy statement to generate a query state. The query state controls DNS resolution behavior that the DNS server implements as part of processing the DNS query. The DNS server then performs one or more DNS resolution operations based on DNS query and the query state to generate a response. Advantageously, because the semantics of the policy statement are encapsulated within the policy statement, the policy statement enables a client to unambiguously control DNS resolution behavior. By contrast, conventional DNS resolution guidance mechanisms that rely on DNS servers to infer policies based on client data may not reflect the preferences of the clients.
    Type: Grant
    Filed: August 31, 2016
    Date of Patent: May 4, 2021
    Assignee: VERISIGN, INC.
    Inventors: Eric Osterweil, Ashvatth Lakshmanan
  • Patent number: 10992630
    Abstract: Various embodiments disclosed herein provide techniques for transmitting an email message over a network. An email forwarding application executing on an email server receives a first request from a first device within the network to resolve an email address of an email recipient, where the email address is associated with a first domain. The email forwarding application determines that the email recipient is associated with a second domain. The email forwarding application transmits, to the first device, a first response to the first request that identifies the email recipient and the second domain.
    Type: Grant
    Filed: January 22, 2018
    Date of Patent: April 27, 2021
    Assignee: VERISIGN, INC.
    Inventors: Michael Kaczmarek, Sameer Thakar, Eric Osterweil
  • Patent number: 10979224
    Abstract: Systems and methods for updating a Domain Name System (DNS) registry are disclosed. Embodiments perform operations including maintaining a domain name record of a DNS registrant recorded in a database of the DNS registry by a primary DNS interface. The operations also include receiving a request to update the domain name record of the DNS registrant via a secondary DNS interface. The operations further include modifying the domain name record of the DNS registrant in the DNS database in accordance with the request.
    Type: Grant
    Filed: December 28, 2015
    Date of Patent: April 13, 2021
    Assignee: VERISIGN, INC.
    Inventors: Burton S. Kaliski, Jr., Scott Hollenbeck
  • Patent number: 10979384
    Abstract: Provided is a method of provisioning a named resource in a domain name system (“DNS”) with a registrar while preserving privacy of a registrant. The method includes obtaining, by a server of the registrar over a network, a request, from the registrant, to provision the named resource; determining, by at least one hardware processor of the server of the registrar, that the request requires additional handling by a privacy provider based on information in the request or information from the registrar; determining, by at least one hardware processor of the server of the registrar, a privacy provider from one or more privacy providers located in different geographic locations to service the request based on a location of the registrant; forwarding the request to the privacy provider; obtaining a cloaked identifier from the privacy provider; and provisioning the named resource in a database of a DNS registry using the cloaked identifier.
    Type: Grant
    Filed: March 25, 2016
    Date of Patent: April 13, 2021
    Assignee: VERISIGN, INC.
    Inventor: Andrew Fregly
  • Patent number: 10958617
    Abstract: A technique for resolving a uniform resource locator (URL) present on a social network website is presented. The technique includes detecting that a user's computing device is rendering a social network web page on the social network website, detecting a user activation of the URL present on the social network web page, where the URL present on the social network web page includes a domain name, obtaining a domain name system (DNS) resource record for the domain name, detecting, in the DNS resource record for the domain name, an entry for the social network website associated with a destination URL, retrieving content from the destination URL in response to at least the detecting that the user's computing device is rendering the social network web page and the detecting a user activation of the URL present on the social network web page, and causing the content to be displayed.
    Type: Grant
    Filed: April 10, 2017
    Date of Patent: March 23, 2021
    Assignee: VERISIGN, INC.
    Inventors: John Cochran, Karthik Shyamsunder, Ashvatth Lakshmanan
  • Patent number: D917552
    Type: Grant
    Filed: March 1, 2019
    Date of Patent: April 27, 2021
    Assignee: VERISIGN, INC.
    Inventors: Amanda Bessette, Jeremy McLean, Alla Proskuryakova