Patents by Inventor ERIC OSTERWEIL
ERIC OSTERWEIL has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240129290Abstract: A method, system, and computer-readable memory containing instructions include receiving a DNS request containing authentication information, validating the authentication information, determining an appropriate action to take based on the validating status, and taking the appropriate action. Actions may include responding with an individualized network layer address or service location address, delaying sending a response message, sending a network layer address or service location address corresponding to a site containing authentication information, and sending a response with a network layer address or service location address with a web address configured to mimic the website related to the requested resource.Type: ApplicationFiled: December 28, 2023Publication date: April 18, 2024Applicant: VeriSign, Inc.Inventors: Danny MCPHERSON, Joseph WALDRON, Eric OSTERWEIL
-
Patent number: 11943197Abstract: Embodiments relate to systems, devices, non-transitory computer-readable storage media, and computer-implemented methods for resolving DNS requests by receiving a first Domain Name System (DNS) resolution request, extracting first contextual data from the first DNS resolution request, determining to apply a first resolution rule based on the first contextual data and a contextual condition, forwarding the first DNS resolution request to a DNS resolver based on applying the first resolution rule, receiving a second DNS resolution request, extracting second contextual data from the second DNS resolution request, determining to apply a second resolution rule based on the second contextual data and the contextual condition, and retrieving a resource in response to the second DNS resolution request based on applying the second resolution rule.Type: GrantFiled: September 30, 2022Date of Patent: March 26, 2024Assignee: VeriSign, Inc.Inventors: Danny McPherson, Eric Osterweil
-
Patent number: 11882109Abstract: A method, system, and computer-readable memory containing instructions include receiving a DNS request containing authentication information, validating the authentication information, determining an appropriate action to take based on the validating status, and taking the appropriate action. Actions may include responding with an individualized network layer address or service location address, delaying sending a response message, sending a network layer address or service location address corresponding to a site containing authentication information, and sending a response with a network layer address or service location address with a web address configured to mimic the website related to the requested resource.Type: GrantFiled: October 2, 2020Date of Patent: January 23, 2024Assignee: VeriSign, Inc.Inventors: Danny McPherson, Joseph Waldron, Eric Osterweil
-
Patent number: 11824829Abstract: Systems, devices and methods for a Domain Name Data Networking (DNDN) content delivery system are disclosed. Embodiments perform operations including obtaining a content object having a unique identifier. The operations also include storing a local instance of the content object in association with DNS resource records and the unique identifier. The operations further include providing the local instance of the content to a client in response to receiving a request from the client including the unique identifier.Type: GrantFiled: August 5, 2022Date of Patent: November 21, 2023Assignee: VeriSign, Inc.Inventors: Eric Osterweil, G. Craig Murray, Abedelaziz Mohaisen, Danny McPherson
-
Publication number: 20230362050Abstract: In one embodiment, a zone resiliency application indicates that an authoritative name server is in a degraded state. In operation, the zone resiliency application determines that the authoritative name server is in a degraded state. The zone resiliency application then generates a status record that indicates the degraded state. Subsequently, the zone resiliency application associates the status record with a domain name service (DNS) response to a DNS query. The zone resiliency application then transmits the DNS response and the associated status record to a requester.Type: ApplicationFiled: July 13, 2023Publication date: November 9, 2023Applicant: VeriSign, Inc.Inventors: Burton S. KALISKI, JR., Eric OSTERWEIL, Duane WESSELS, Frank SCALZO, Glen WILEY, Shumon HUQUE
-
Patent number: 11743107Abstract: In one embodiment, a zone resiliency application indicates that an authoritative name server is in a degraded state. In operation, the zone resiliency application determines that the authoritative name server is in a degraded state. The zone resiliency application then generates a status record that indicates the degraded state. Subsequently, the zone resiliency application associates the status record with a domain name service (DNS) response to a DNS query. The zone resiliency application then transmits the DNS response and the associated status record to a requester.Type: GrantFiled: January 26, 2018Date of Patent: August 29, 2023Assignee: VeriSign, Inc.Inventors: Burton S. Kaliski, Jr., Eric Osterweil, Duane Wessels, Frank Scalzo, Glen Wiley, Shumon Huque
-
Publication number: 20230231856Abstract: One or more DNS services are provided that are configured to not only tolerate some commonly observed DNSSEC misconfigurations (while still providing DNSSEC's security guarantees), but also provide a more intelligent DNS resolution process informed by DNSSEC.Type: ApplicationFiled: March 24, 2023Publication date: July 20, 2023Applicant: VeriSign, Inc.Inventors: Burton S. Kaliski, JR., Eric Osterweil
-
Patent number: 11700230Abstract: In one embodiment, a domain name system (DNS) server processes a DNS query based on a policy statement that is attached to the DNS query. Upon receiving the DNS query, the DNS server executes one or more commands specified in the policy statement to generate a query state. The query state controls DNS resolution behavior that the DNS server implements as part of processing the DNS query. The DNS server then performs one or more DNS resolution operations based on DNS query and the query state to generate a response. Advantageously, because the semantics of the policy statement are encapsulated within the policy statement, the policy statement enables a client to unambiguously control DNS resolution behavior. By contrast, conventional DNS resolution guidance mechanisms that rely on DNS servers to infer policies based on client data may not reflect the preferences of the clients.Type: GrantFiled: April 1, 2021Date of Patent: July 11, 2023Assignee: VeriSign, Inc.Inventors: Eric Osterweil, Ashvatth Lakshmanan
-
Patent number: 11616788Abstract: One or more DNS services are provided that are configured to not only tolerate some commonly observed DNSSEC misconfigurations (while still providing DNSSEC's security guarantees), but also provide a more intelligent DNS resolution process informed by DNSSEC.Type: GrantFiled: July 24, 2020Date of Patent: March 28, 2023Assignee: VeriSign, Inc.Inventors: Burton S. Kaliski, Jr., Eric Osterweil
-
Publication number: 20220377050Abstract: Systems, devices and methods for a Domain Name Data Networking (DNDN) content delivery system are disclosed. Embodiments perform operations including obtaining a content object having a unique identifier. The operations also include storing a local instance of the content object in association with DNS resource records and the unique identifier. The operations further include providing the local instance of the content to a client in response to receiving a request from the client including the unique identifier.Type: ApplicationFiled: August 5, 2022Publication date: November 24, 2022Applicant: VeriSign, Inc.Inventors: Eric OSTERWEIL, G. Craig MURRAY, Abedelaziz MOHAISEN, Danny MCPHERSON
-
Patent number: 11477159Abstract: Embodiments relate to systems, devices, non-transitory computer-readable storage media, and computer-implemented methods for resolving DNS requests by receiving a first Domain Name System (DNS) resolution request, extracting first contextual data from the first DNS resolution request, determining to apply a first resolution rule based on the first contextual data and a contextual condition, forwarding the first DNS resolution request to a DNS resolver based on applying the first resolution rule, receiving a second DNS resolution request, extracting second contextual data from the second DNS resolution request, determining to apply a second resolution rule based on the second contextual data and the contextual condition, and retrieving a resource in response to the second DNS resolution request based on applying the second resolution rule.Type: GrantFiled: December 28, 2016Date of Patent: October 18, 2022Assignee: VeriSign, Inc.Inventors: Danny McPherson, Eric Osterweil
-
Publication number: 20220255910Abstract: Provided herein is a method for registering an IoT device with a DNS registry. The method can include obtaining, at a DNS server, an identifier, IP address, and a public key of an asymmetric key pair associated with the IoT device from a network gateway device that is in communication with the IoT device, wherein the asymmetric key pair is provisioned onto the IoT device and an associated private key stored within a memory of the IoT device at a time that IoT device is manufactured or during a predetermined time window after manufacturing; creating at least one DNS record for the IoT device; assigning a domain name associated with the internet protocol (“IP”) address to the IoT device; storing the identifier, IP address, the domain name, and the public key in the at least one DNS record; and providing confirmation of the registration to the IoT device.Type: ApplicationFiled: April 26, 2022Publication date: August 11, 2022Applicant: VeriSign, Inc.Inventors: Stephen Daniel JAMES, Daniel SCHONFELD, Andrew FREGLY, Eric OSTERWEIL
-
Patent number: 11411912Abstract: Systems, devices and methods for a Domain Name Data Networking (DNDN) content delivery system are disclosed. Embodiments perform operations including obtaining a content object having a unique identifier. The operations also include storing a local instance of the content object in association with DNS resource records and the unique identifier. The operations further include providing the local instance of the content to a client in response to receiving a request from the client including the unique identifier.Type: GrantFiled: May 5, 2016Date of Patent: August 9, 2022Assignee: VeriSign, Inc.Inventors: Eric Osterweil, G. Craig Murray, Abedelaziz Mohaisen, Danny McPherson
-
Patent number: 11323422Abstract: Provided herein is a method for registering an IoT device with a DNS registry. The method can include obtaining, at a DNS server, an identifier, IP address, and a public key of an asymmetric key pair associated with the IoT device from a network gateway device that is in communication with the IoT device, wherein the asymmetric key pair is provisioned onto the IoT device and an associated private key stored within a memory of the IoT device at a time that IoT device is manufactured or during a predetermined time window after manufacturing; creating at least one DNS record for the IoT device; assigning a domain name associated with the internet protocol (“IP”) address to the IoT device; storing the identifier, IP address, the domain name, and the public key in the at least one DNS record; and providing confirmation of the registration to the IoT device.Type: GrantFiled: September 11, 2017Date of Patent: May 3, 2022Assignee: VeriSign, Inc.Inventors: Stephen Daniel James, Daniel Schonfeld, Andrew Fregly, Eric Osterweil
-
Patent number: 11190479Abstract: A method for detecting a predetermined behavior during a domain name registration or a domain resolution activity includes identifying one or more dimensions to be tracked. One or more metrics for each dimension is/are identified. A first time series for each of the metrics is generated. One or more first outliers in at least one of the first time series is detected. One or more sets of metrics is generated, each set including a combination of two or more of the metrics. A second time series for each of the metrics in the one or more sets of metrics is generated. One or more second outliers in at least one of the second time series is/are detected.Type: GrantFiled: May 23, 2017Date of Patent: November 30, 2021Assignee: VERISIGN, INC.Inventors: Yannis Labrou, Tomofumi Okubo, Eric Osterweil, Matthew Thomas
-
Patent number: 11122004Abstract: In one embodiment, a global domain name system (DNS) server processes a DNS query based on an internal network policy. Upon receiving a DNS query that is associated with a source IP address, the global DNS server identifies a client subnet based on the DNS query. The client subnet is associated with an internal device on an internal network. The global DNS server selects an internal network policy from multiple predetermined policies based on the source IP address and the client subnet. The global DNS server then tailors one or more DNS resolution operations that generate a response to the DNS query based on the selected internal network policy. Advantageously, the client subnet provides the global DNS server with visibility into the internal network. Such visibility enables the global DNS server to apply policies selectively at the granularity of individual devices on the internal network.Type: GrantFiled: October 21, 2016Date of Patent: September 14, 2021Assignee: VERISIGN, INC.Inventors: Michael Kaczmarek, Eric Osterweil
-
Patent number: 11032127Abstract: In one embodiment, a resolution resiliency application performs robust domain name system (DNS) resolution. In operation, the resolution resiliency application determines that an authoritative name server that is responsible for a domain name specified in a DNS query is unavailable. In response to determining that the authoritative name server is unavailable, the resolution resiliency application performs operation(s) that modify one or more DNS records stored in a cache based on one or more resiliency policies associated with the authoritative name server. The resolution resiliency application then generates a DNS response to the DNS query based on a DNS record stored in the modified cache. Notably, unlike conventional techniques that may generate inaccurate DNS responses based on stale DNS records, the disclosed techniques increase the likelihood of providing clients with DNS responses that accurately provide requested information.Type: GrantFiled: June 26, 2017Date of Patent: June 8, 2021Assignee: VERISIGN, INC.Inventors: Shumon Huque, Burton S. Kaliski, Jr., Eric Osterweil, Frank Scalzo, Glen Wiley
-
Patent number: 11025482Abstract: In one embodiment, a resolution resiliency application modifies domain name service (DNS) resolution. In operation, the resolution resiliency application determines that an authoritative name server has begun recovering from a degraded state or receives a flush list update from the authoritative name server. In response, the resolution resiliency application performs operation(s) that modify a query rate and/or a cache. The query rate specifies a frequency associated with DNS queries transmitted to the first authoritative name server. The cache stores DNS record(s) received from the first authoritative name server. Finally, the resolution resiliency application generates a DNS response to a DNS query based on the modified query rate and/or the modified cache.Type: GrantFiled: January 26, 2018Date of Patent: June 1, 2021Assignee: VERISIGN, INC.Inventors: Shumon Huque, Burton S. Kaliski, Jr., Eric Osterweil, Frank Scalzo, Duane Wessels, Glen Wiley
-
Patent number: 11005856Abstract: One or more DNS services are provided that are configured to not only tolerate some commonly observed DNSSEC misconfigurations (while still providing DNSSEC's security guarantees), but also provide a more intelligent DNS resolution process informed by DNSSEC.Type: GrantFiled: September 26, 2018Date of Patent: May 11, 2021Assignee: VERISIGN, INC.Inventors: Burton S. Kaliski, Jr., Eric Osterweil
-
Patent number: 10999240Abstract: In one embodiment, a domain name system (DNS) server processes a DNS query based on a policy statement that is attached to the DNS query. Upon receiving the DNS query, the DNS server executes one or more commands specified in the policy statement to generate a query state. The query state controls DNS resolution behavior that the DNS server implements as part of processing the DNS query. The DNS server then performs one or more DNS resolution operations based on DNS query and the query state to generate a response. Advantageously, because the semantics of the policy statement are encapsulated within the policy statement, the policy statement enables a client to unambiguously control DNS resolution behavior. By contrast, conventional DNS resolution guidance mechanisms that rely on DNS servers to infer policies based on client data may not reflect the preferences of the clients.Type: GrantFiled: August 31, 2016Date of Patent: May 4, 2021Assignee: VERISIGN, INC.Inventors: Eric Osterweil, Ashvatth Lakshmanan