Patents by Inventor Philip Lisiecki
Philip Lisiecki has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11343344Abstract: A proxy server is augmented with the capability of taking transient possession of a received entity for purposes of serving consuming devices. This capability supplements destination forwarding and/or origin server transactions performed by the proxy server. This capability enables several entity transfer modes, including a rendezvous service, in which the proxy server can (if invoked by a client) fulfill a client's request with an entity that the proxy server receives from a producing device contemporaneous with (or shortly after) the request for that entity. It also enables server-to-server transfers with synchronous or asynchronous destination forwarding behavior. It also enables a mode in which clients can request different representations of entities, e.g., from either the near-channel (e.g., the version stored at the proxy server) or a far-channel (e.g., at origin server).Type: GrantFiled: May 20, 2021Date of Patent: May 24, 2022Assignee: Akamai Technologies, Inc.Inventors: Matthew J. Stevens, Michael G. Merideth, Nil Alexandrov, Andrew F. Champagne, Brendan Coyle, Timothy Glynn, Mark A. Roman, Philip A. Lisiecki, Xin Xu
-
Patent number: 11272025Abstract: Stream delivery within a content delivery network (CDN) includes recording the stream using a recording tier, and playing the stream using a player tier. Recording begins when the stream is received in a source format. The stream is then converted into an intermediate format (IF), which comprises a stream manifest, one or more fragment indexes (FI), and a set of IF fragments. A player process begins when a requesting client is associated with a CDN HTTP proxy. In response to receipt at the proxy of a request for the stream, the HTTP proxy retrieves (either from the archive or the data store) the stream manifest and at least one fragment index. Using the fragment index, the IF fragments are retrieved to the HTTP proxy, converted to a target format, and then served in response to the client request. Preferably, fragments are accessed, cached and served by the proxy via HTTP.Type: GrantFiled: December 1, 2020Date of Patent: March 8, 2022Assignee: Akamai Technologies, Inc.Inventors: Christopher R. Knox, Philip A. Lisiecki, James Mutton, Chuck Bernard, Ashok Lalwani, William Law, Thomas Devanneaux
-
Publication number: 20210084110Abstract: Stream delivery within a content delivery network (CDN) includes recording the stream using a recording tier, and playing the stream using a player tier. Recording begins when the stream is received in a source format. The stream is then converted into an intermediate format (IF), which comprises a stream manifest, one or more fragment indexes (FI), and a set of IF fragments. A player process begins when a requesting client is associated with a CDN HTTP proxy. In response to receipt at the proxy of a request for the stream, the HTTP proxy retrieves (either from the archive or the data store) the stream manifest and at least one fragment index. Using the fragment index, the IF fragments are retrieved to the HTTP proxy, converted to a target format, and then served in response to the client request. Preferably, fragments are accessed, cached and served by the proxy via HTTP.Type: ApplicationFiled: December 1, 2020Publication date: March 18, 2021Inventors: Christopher R. Knox, Philip A. Lisiecki, James Mutton, Chuck Bernard, Ashok Lalwani, William Law, Thomas Devanneaux
-
Patent number: 10855792Abstract: Stream delivery within a content delivery network (CDN) includes recording the stream using a recording tier, and playing the stream using a player tier. Recording begins when the stream is received in a source format. The stream is then converted into an intermediate format (IF), which comprises a stream manifest, one or more fragment indexes (FI), and a set of IF fragments. A player process begins when a requesting client is associated with a CDN HTTP proxy. In response to receipt at the proxy of a request for the stream, the HTTP proxy retrieves (either from the archive or the data store) the stream manifest and at least one fragment index. Using the fragment index, the IF fragments are retrieved to the HTTP proxy, converted to a target format, and then served in response to the client request. Preferably, fragments are accessed, cached and served by the proxy via HTTP.Type: GrantFiled: May 14, 2019Date of Patent: December 1, 2020Assignee: Akamai Technologies, Inc.Inventors: Christopher R. Knox, Philip A. Lisiecki, James Mutton, Chuck Bernard, Ashok Lalwani, William Law, Thomas Devanneaux
-
Patent number: 10630771Abstract: According to certain non-limiting embodiments disclosed herein, the functionality of a distributed computing platform, such as a content delivery network with network storage, is improved by providing automated and on-demand upload capability into the network storage. In one embodiment, the platform is made up of many proxy servers. As clients request content from the proxies, they generate upload commands for the network storage subsystem to ingest the content from a content provider origin infrastructure. Preferably, the proxy servers are configured to generate ‘safe’ upload commands such that objects are not ingested if they contain sensitive information and/or are personalized and/or might be dynamically generated objects. Thus, relatively safe ‘static’ objects can be automatically uploaded and migrated from a content provider origin, as client requests arrive.Type: GrantFiled: August 25, 2015Date of Patent: April 21, 2020Assignee: Akamai Technologies, Inc.Inventors: Javier Garza, Philip A. Lisiecki, Michael Haag
-
Patent number: 10601887Abstract: A method of delivering a live stream is implemented within a content delivery network (CDN) and includes the high level functions of recording the stream using a recording tier, and playing the stream using a player tier. The step of recording the stream includes a set of sub-steps that begins when the stream is received at a CDN entry point in a source format. The stream is then converted into an intermediate format (IF), which is an internal format for delivering the stream within the CDN and comprises a stream manifest, a set of one or more fragment indexes (FI), and a set of IF fragments. The player process begins when a requesting client is associated with a CDN HTTP proxy. In response to receipt at the HTTP proxy of a request for the stream or a portion thereof, the HTTP proxy retrieves (either from the archive or the data store) the stream manifest and at least one fragment index.Type: GrantFiled: July 26, 2017Date of Patent: March 24, 2020Assignee: Akamai Technologies, Inc.Inventors: Christopher R. Knox, Philip A. Lisiecki, James Mutton, Chuck Bernard
-
Patent number: 10547585Abstract: To serve content through a content delivery network (CDN), the CDN must have some information about the identity, characteristics and state of its target objects. Such additional information is provided in the form of object metadata, which according to the invention can be located in the request string itself, in the response headers from the origin server, in a metadata configuration file distributed to CDN servers, or in a per-customer metadata configuration file. CDN content servers execute a request identification and parsing process to locate object metadata and to handle the request in accordance therewith. Where different types of metadata exist for a particular object, metadata in a configuration file is overridden by metadata in a response header or request string, with metadata in the request string taking precedence.Type: GrantFiled: December 19, 2017Date of Patent: January 28, 2020Assignee: Akamai Technologies, Inc.Inventors: Joel M. Wein, John Josef Kloninger, Mark C. Nottingham, David R. Karger, Philip A. Lisiecki
-
Publication number: 20190268432Abstract: Stream delivery within a content delivery network (CDN) includes recording the stream using a recording tier, and playing the stream using a player tier. Recording begins when the stream is received in a source format. The stream is then converted into an intermediate format (IF), which comprises a stream manifest, one or more fragment indexes (FI), and a set of IF fragments. A player process begins when a requesting client is associated with a CDN HTTP proxy. In response to receipt at the proxy of a request for the stream, the HTTP proxy retrieves (either from the archive or the data store) the stream manifest and at least one fragment index. Using the fragment index, the IF fragments are retrieved to the HTTP proxy, converted to a target format, and then served in response to the client request. Preferably, fragments are accessed, cached and served by the proxy via HTTP.Type: ApplicationFiled: May 14, 2019Publication date: August 29, 2019Inventors: Christopher R. Knox, Philip A. Lisiecki, James Mutton, Chuck Bernard, Ashok Lalwani, William Law, Thomas Devanneaux
-
Patent number: 10291734Abstract: Live stream delivery within a content delivery network (CDN) includes recording the stream using a recording tier, and playing the stream using a player tier. Recording begins when the stream is received in a source format. The stream is then converted into an intermediate format (IF), which comprises a stream manifest, one or more fragment indexes (FI), and a set of IF fragments. A player process begins when a requesting client is associated with a CDN HTTP proxy. In response to receipt at the proxy of a request for the stream, the HTTP proxy retrieves (either from the archive or the data store) the stream manifest and at least one fragment index. Using the fragment index, the IF fragments are retrieved to the HTTP proxy, converted to a target format, and then served in response to the client request. Preferably, fragments are accessed, cached and served by the proxy via HTTP.Type: GrantFiled: December 26, 2016Date of Patent: May 14, 2019Assignee: Akamai Technologies, Inc.Inventors: Christopher R. Knox, Philip A. Lisiecki, James Mutton, Chuck Bernard, Ashok Lalwani, William Law, Thomas Devanneaux
-
Patent number: 10120924Abstract: A data storage system with quorum-based commits sometimes experiences replica failure, due to unavailability of a replica-hosting node, for example. Described herein are methods and systems for improving data persistence and availability in a distributed data store where data is stored in a plurality of shards and a given shard is replicated across a plurality of nodes so as to create a plurality of replicas, and a quorum of replicas is needed for access to the given shard. Among other things, the methods and systems generally involve determining whether to quarantine or delete unavailable replicas in a given shard, and how to handle purge requests related to the shard when there are quarantined replicas.Type: GrantFiled: November 17, 2014Date of Patent: November 6, 2018Assignee: AKAMAI TECHNOLOGIES, INC.Inventors: Kai C Wong, Philip A Lisiecki, Sung Chiu
-
Patent number: 10091240Abstract: An infrastructure delivery platform provides a RSA proxy service as an enhancement to the TLS/SSL protocol to off-load, from an edge server to an external cryptographic server, the decryption of an encrypted pre-master secret. The technique provides forward secrecy in the event that the edge server is compromised, preferably through the use of a cryptographically strong hash function that is implemented separately at both the edge server and the cryptographic server. To provide the forward secrecy for this particular leg, the edge server selects an ephemeral value, and applies a cryptographic hash the value to compute a server random value, which is then transmitted back to the requesting client. That server random value is later re-generated at the cryptographic server to enable the cryptographic server to compute a master secret. The forward secrecy is enabled by ensuring that the ephemeral value does not travel on the wire.Type: GrantFiled: January 22, 2018Date of Patent: October 2, 2018Assignee: Akamai Technologies, Inc.Inventors: Charles E. Gero, Philip A. Lisiecki
-
Publication number: 20180146010Abstract: An infrastructure delivery platform provides a RSA proxy service as an enhancement to the TLS/SSL protocol to off-load, from an edge server to an external cryptographic server, the decryption of an encrypted pre-master secret. The technique provides forward secrecy in the event that the edge server is compromised, preferably through the use of a cryptographically strong hash function that is implemented separately at both the edge server and the cryptographic server. To provide the forward secrecy for this particular leg, the edge server selects an ephemeral value, and applies a cryptographic hash the value to compute a server random value, which is then transmitted back to the requesting client. That server random value is later re-generated at the cryptographic server to enable the cryptographic server to compute a master secret. The forward secrecy is enabled by ensuring that the ephemeral value does not travel on the wire.Type: ApplicationFiled: January 22, 2018Publication date: May 24, 2018Inventors: Charles E. Gero, Philip A. Lisiecki
-
Publication number: 20180109489Abstract: To serve content through a content delivery network (CDN), the CDN must have some information about the identity, characteristics and state of its target objects. Such additional information is provided in the form of object metadata, which according to the invention can be located in the request string itself, in the response headers from the origin server, in a metadata configuration file distributed to CDN servers, or in a per-customer metadata configuration file. CDN content servers execute a request identification and parsing process to locate object metadata and to handle the request in accordance therewith. Where different types of metadata exist for a particular object, metadata in a configuration file is overridden by metadata in a response header or request string, with metadata in the request string taking precedence.Type: ApplicationFiled: December 19, 2017Publication date: April 19, 2018Inventors: Joel M. Wein, John Josef Kloninger, Mark C. Nottingham, David R. Karger, Philip A. Lisiecki
-
Patent number: 9876820Abstract: An infrastructure delivery platform provides a RSA proxy service as an enhancement to the TLS/SSL protocol to off-load, from an edge server to an external cryptographic server, the decryption of an encrypted pre-master secret. The technique provides forward secrecy in the event that the edge server is compromised, preferably through the use of a cryptographically strong hash function that is implemented separately at both the edge server and the cryptographic server. To provide the forward secrecy for this particular leg, the edge server selects an ephemeral value, and applies a cryptographic hash the value to compute a server random value, which is then transmitted back to the requesting client. That server random value is later re-generated at the cryptographic server to enable the cryptographic server to compute a master secret. The forward secrecy is enabled by ensuring that the ephemeral value does not travel on the wire.Type: GrantFiled: June 26, 2017Date of Patent: January 23, 2018Assignee: Akamai Technologies, Inc.Inventors: Charles E. Gero, Philip A. Lisiecki
-
Patent number: 9847966Abstract: To serve content through a content delivery network (CDN), the CDN must have some information about the identity, characteristics and state of its target objects. Such additional information is provided in the form of object metadata, which according to the invention can be located in the request string itself, in the response headers from the origin server, in a metadata configuration file distributed to CDN servers, or in a per-customer metadata configuration file. CDN content servers execute a request identification and parsing process to locate object metadata and to handle the request in accordance therewith. Where different types of metadata exist for a particular object, metadata in a configuration file is overridden by metadata in a response header or request string, with metadata in the request string taking precedence.Type: GrantFiled: October 12, 2015Date of Patent: December 19, 2017Assignee: Akamai Technologies, Inc.Inventors: Joel M. Wein, John Josef Kloninger, Mark C. Nottingham, David R. Karger, Philip A. Lisiecki
-
Publication number: 20170324796Abstract: A method of delivering a live stream is implemented within a content delivery network (CDN) and includes the high level functions of recording the stream using a recording tier, and playing the stream using a player tier. The step of recording the stream includes a set of sub-steps that begins when the stream is received at a CDN entry point in a source format. The stream is then converted into an intermediate format (IF), which is an internal format for delivering the stream within the CDN and comprises a stream manifest, a set of one or more fragment indexes (FI), and a set of IF fragments. The player process begins when a requesting client is associated with a CDN HTTP proxy. In response to receipt at the HTTP proxy of a request for the stream or a portion thereof, the HTTP proxy retrieves (either from the archive or the data store) the stream manifest and at least one fragment index.Type: ApplicationFiled: July 26, 2017Publication date: November 9, 2017Applicant: Akamai Technologies, Inc.Inventors: Christopher R. Knox, Philip A. Lisiecki, James Mutton, Chuck Bernard
-
Publication number: 20170302700Abstract: An infrastructure delivery platform provides a RSA proxy service as an enhancement to the TLS/SSL protocol to off-load, from an edge server to an external cryptographic server, the decryption of an encrypted pre-master secret. The technique provides forward secrecy in the event that the edge server is compromised, preferably through the use of a cryptographically strong hash function that is implemented separately at both the edge server and the cryptographic server. To provide the forward secrecy for this particular leg, the edge server selects an ephemeral value, and applies a cryptographic hash the value to compute a server random value, which is then transmitted back to the requesting client. That server random value is later re-generated at the cryptographic server to enable the cryptographic server to compute a master secret. The forward secrecy is enabled by ensuring that the ephemeral value does not travel on the wire.Type: ApplicationFiled: June 26, 2017Publication date: October 19, 2017Inventors: Charles E. Gero, Philip A. Lisiecki
-
Publication number: 20170302585Abstract: According to certain non-limiting embodiments disclosed herein, the functionality of a server is extended with a mechanism for identifying connections with clients that have exhibited attack characteristics (for example, characteristics indicating a DoS attack), and for transitioning internal ownership of those connections such that server resources consumed by the connection are reduced, while keeping the connection open. The connection thus moves from a state of relatively high resource use to a state of relatively low server resource use. According to certain non-limiting embodiments disclosed herein, the functionality of a server is extended by enabling the server to determine that any of a client and a connection exhibits one or more attack characteristics (e.g., based on at least one of client attributes, connection attributes, and client behavior during the connection, or otherwise). As a result of the determination, the server changes its treatment of the connection.Type: ApplicationFiled: March 18, 2017Publication date: October 19, 2017Applicant: Akamai Technologies, Inc.Inventors: Sudhin Mishra, Stephen L. Ludin, John A. Dilley, Erik Nygren, Philip Lisiecki, Karl-Eliv J. Hallin, Joshua Hunt
-
Patent number: 9794282Abstract: According to certain non-limiting embodiments disclosed herein, the functionality of a server is extended with a mechanism for identifying connections with clients that have exhibited attack characteristics (for example, characteristics indicating a DoS attack), and for transitioning internal ownership of those connections such that server resources consumed by the connection are reduced, while keeping the connection open. The connection thus moves from a state of relatively high resource use to a state of relatively low server resource use. According to certain non-limiting embodiments disclosed herein, the functionality of a server is extended by enabling the server to determine that any of a client and a connection exhibits one or more attack characteristics (e.g., based on at least one of client attributes, connection attributes, and client behavior during the connection, or otherwise). As a result of the determination, the server changes its treatment of the connection.Type: GrantFiled: March 18, 2017Date of Patent: October 17, 2017Assignee: Akamai Technologies, Inc.Inventors: Sudhin Mishra, Stephen L. Ludin, John A. Dilley, Erik Nygren, Philip Lisiecki, Karl-Eliv J. Hallin, Joshua Hunt
-
Patent number: 9692736Abstract: An infrastructure delivery platform provides a RSA proxy service as an enhancement to the TLS/SSL protocol to off-load, from an edge server to an external cryptographic server, the decryption of an encrypted pre-master secret. The technique provides forward secrecy in the event that the edge server is compromised, preferably through the use of a cryptographically strong hash function that is implemented separately at both the edge server and the cryptographic server. To provide the forward secrecy for this particular leg, the edge server selects an ephemeral value, and applies a cryptographic hash the value to compute a server random value, which is then transmitted back to the requesting client. That server random value is later re-generated at the cryptographic server to enable the cryptographic server to compute a master secret. The forward secrecy is enabled by ensuring that the ephemeral value does not travel on the wire.Type: GrantFiled: December 26, 2016Date of Patent: June 27, 2017Assignee: Akamai Technologies, Inc.Inventors: Charles E. Gero, Philip A. Lisiecki