Search

KR-102960564-B1 - Systems and methods for evaluating client device trust in distributed computing systems

KR102960564B1KR 102960564 B1KR102960564 B1KR 102960564B1KR-102960564-B1

Abstract

The method comprises the step of receiving a request for desired content from a client device by a processing device of a content sharing platform, wherein the content is stored in a content delivery network (CDN). The method further comprises the step of generating a partial trust metric associated with the client device based on data available to the content sharing platform, wherein the partial trust metric is to be used by a CDN server to make a determination regarding access to the desired content by the client device. The method further comprises the step of generating a response to the content request, wherein the response includes the partial trust metric and one or more resource locators for accessing the desired content from the CDN. The method further comprises the step of transmitting the response to the client device to enable the client device to request the desired content from the CDN server using the resource locator(s) and the partial trust metric.

Inventors

  • 드레이퍼, 존
  • 휘태커, 콜린
  • 샤오, 하이둥
  • 리, 데이빗
  • 아일스, 아드리안
  • 코발코브, 막심

Assignees

  • 구글 엘엘씨

Dates

Publication Date
20260507
Application Date
20220303
Priority Date
20210303

Claims (20)

  1. As a method, A step of receiving a request for desired content from a client device by a processing device of a content sharing platform - said content is stored in a content delivery network (CDN), said content sharing platform supplies said content to client devices and said CDN provides said content to said client devices -; A step of generating a partial trust metric associated with the client device by an authorization service of the content sharing platform based on data available on the content sharing platform - the partial trust metric must be used by a CDN server to make a determination regarding access to the desired content by the client device -; A step of generating a response of the content sharing platform to the above content request—the response comprising the partial trust metric and one or more resource locators for accessing the desired content on the CDN—; and A step of transmitting the response to the client device to enable the client device to request the desired content from the CDN server using the one or more resource locators and the partial trust metric. A method including
  2. In paragraph 1, Data available on the content sharing platform comprises one or more of a plurality of characteristics, including the viewing history of a user associated with the client device, whether the user has previously viewed the desired content, whether the client device has previously successfully decrypted other content, whether the user is logged in, whether the user has engaged in or is suspected of engaging in unauthorized activity, the internet protocol (IP) address of the client device, or encryption logs associated with the client device.
  3. In paragraph 1, The above partial confidence metric is a method generated using heuristic rules.
  4. In paragraph 1, The above partial confidence metric is generated using a machine learning model.
  5. In paragraph 1, A method in which a response comprising one or more resource locators and a partial trust metric is digitally signed using one or more signed parameters that provide at least one of an expiration time for at least one of the partial trust metric and at least one of the one or more resource locators, a bit rate for delivering the desired content, or an identifier of a playback event generated for a request for the desired content.
  6. In paragraph 1, Step of rejecting the content request based on the above partial trust metric A method that further includes.
  7. In paragraph 1, A method in which the above partial trust metric is to be used by the CDN server to determine whether to release the desired content to the client device or to downgrade the quality of the desired content.
  8. In paragraph 2, A method in which the data available to the content sharing platform used to generate the partial trust metric is not available to the CDN server, and when the client device requests the desired content, the partial trust metric is provided to the CDN server but none of the multiple characteristics are provided.
  9. In paragraph 1, The above partial trust metric must be combined with one or more additional factors to determine the client device trust status used by the CDN to determine whether the CDN server will release the desired content to the client device or downgrade the quality of the desired content, and the one or more additional factors are identified by the CDN server based on data available to the CDN server.
  10. In Paragraph 9, The above additional factors include at least one of an IP address used by the client device to request content from the CDN server, one or more cookies provided to the CDN server along with the content request, a client agent reported to the CDN server by the client device, a type of the requested content, a bitrate of the requested content, or an amount of content requested in the content request.
  11. As a system, Memory; and Processing device of a content sharing platform coupled to the above memory Includes, The above processing device is: The processing device of the above-mentioned content sharing platform receives a request for desired content from a client device - the content is stored in a content delivery network (CDN), the content sharing platform supplies the content to client devices, and the CDN provides the content to the client devices -; Based on data available on the content sharing platform, a trust package associated with the client device is generated—the trust package must be used by a CDN server to make a determination regarding access to the desired content by the client device—; Generating a response of the content sharing platform to the above content request - said response includes the trust package and one or more resource locators for accessing the desired content on the CDN -; A system for transmitting the response to the client device to enable the client device to request the desired content from the CDN server using the one or more resource locators and the trust package.
  12. In Paragraph 11, Data available on the content sharing platform comprises one or more of a plurality of characteristics, including the viewing history of a user associated with the client device, whether the user has previously viewed the desired content, whether the client device has previously successfully decrypted other content, whether the user is logged in, whether the user has engaged in or is suspected of engaging in unauthorized activity, the Internet Protocol (IP) address of the client device, or encryption logs associated with the client device.
  13. In Paragraph 11, The above trust package is a system comprising a plurality of characteristics indicating whether the user of the client device is logged in, the type of browser used by the user to request the content, the geographical location of the client device, or the IP address of the client device.
  14. In Paragraph 11, A system comprising a trust package that includes commands that instruct the CDN server to perform one or more functions in response to the satisfaction of a condition.
  15. In Paragraph 11, A system in which a response comprising one or more resource locators and a trust package is digitally signed using one or more signed parameters that provide at least one of an expiration time for at least one of the trust package and at least one of the one or more resource locators, a bit rate for delivering the desired content, or an identifier of a playback event generated for a request for the desired content.
  16. In Paragraph 11, The above processing device additionally: A system that operates to reject the content request based on the above trust package.
  17. In Paragraph 11, A system in which the above trust package is to be used by the CDN server to determine whether to release the desired content to the client device or to downgrade the quality of the desired content.
  18. In Paragraph 11, A system in which a plurality of characteristics of the above-mentioned trust package are to be compared with data obtained from a content request of the client device to the CDN by the CDN server.
  19. In Paragraph 11, The above processing device additionally: Based on data available on the content sharing platform, the purpose is to generate partial trust metrics associated with the client device, and A system in which the above partial trust metric must be used by the CDN server together with the trust package to make a determination regarding access to the desired content by the client device.
  20. As a computer-readable storage medium containing instructions, The above commands cause the processing device to perform operations in response to execution by the processing device for the content sharing platform, and the operations are: An operation of receiving a request for desired content from a client device - said content is stored in a content delivery network (CDN), said content sharing platform supplies said content to client devices and said CDN provides said content to said client devices -; An operation to generate a partial trust metric associated with the client device based on data available on a content sharing platform - said partial trust metric must be used by a CDN server to make a determination regarding access to the desired content by said client device -; An operation to generate a response of the content sharing platform to the above content request—the response comprising the partial trust metric and one or more resource locators for accessing the desired content on the CDN—; and The operation of transmitting the response to the client device to enable the client device to request the desired content from the CDN server using the one or more resource locators and the partial trust metric. A computer-readable storage medium comprising

Description

Systems and methods for evaluating client device trust in distributed computing systems The aspects and embodiments of the present disclosure relate to content sharing platforms, and more specifically, to evaluating client device trust in a distributed computing system. Content delivery platforms connected via the Internet enable users to connect with one another and share information. Many content delivery platforms include modes of content sharing that allow users to upload, view, and share content such as video items, image items, and audio items. Other users of the content delivery platform may comment on shared content, discover new content, locate updates, share content, or otherwise interact with the provided content. Shared content may include content from professional content creators, such as movie clips, TV clips, and music video items, as well as content from amateur content creators, such as video blogging and short original video items. One aspect of the present disclosure provides a method comprising: receiving a request for desired content from a client device by a processing device of a content sharing platform, wherein the content is stored in a content delivery network (CDN); generating a partial trust metric associated with the client device based on data available to the content sharing platform, wherein the partial trust metric is to be used by a CDN server to make a determination regarding access to the desired content by the client device; generating a response to the content request, wherein the response comprises the partial trust metric and one or more resource locators for accessing the desired content in the CDN; and transmitting the response to the client device to enable the client device to request the desired content from the CDN server using the one or more resource locators and the partial trust metric. Further embodiments of the present disclosure provide a system comprising: a memory; and a processing device coupled to the memory, wherein the processing device comprises: receiving a request for desired content from a client device by the processing device of a content sharing platform—the content is stored in a content delivery network (CDN)—; generating a trust package associated with the client device based on data available to the content sharing platform—wherein the trust package is to be used by a CDN server to make a determination regarding access to the desired content by the client device—; generating a response to the content request—wherein the response comprises the trust package and one or more resource locators for accessing the desired content in the CDN—; and transmitting the response to the client device to enable the client device to request the desired content from the CDN server using one or more resource locators and the trust package. Further aspects of the present disclosure provide a computer program product (e.g., a software product that can be downloaded without necessarily being stored in a non-transitual manner, or a tangible computer-readable medium) comprising instructions that, in response to execution by a processing device, cause the processing device to perform operations including a method according to any aspect or embodiment described herein. The aspects and embodiments of the present disclosure will be more fully understood from the detailed description provided below and from the accompanying drawings of the various aspects and embodiments of the present disclosure, but these accompanying drawings are not to be construed as limiting the present disclosure to specific aspects or embodiments and are for illustrative and illustrative purposes only.FIG. 1 illustrates an exemplary system architecture according to one embodiment of the present disclosure. FIG. 2 is a diagram of operations for evaluating client device reliability according to embodiments of the present disclosure. FIG. 3 is another diagram of operations for evaluating client device reliability according to embodiments of the present disclosure. FIG. 4 illustrates a flow diagram of a method for generating a partial confidence metric according to embodiments of the present disclosure. FIG. 5 illustrates a flow diagram of a method for determining a client device trust state according to embodiments of the present disclosure. FIG. 6 is a block diagram illustrating an exemplary computer system according to one embodiment of the present disclosure. A content sharing platform (also referred to herein as a “content delivery platform”) may supply content, such as video items, audio items, or gaming items, to users through client devices. Users may log in to a user account associated with the content sharing platform to access the content sharing platform and upload and/or consume content. The content sharing platform may use a content distribution network (CDN) (also referred to herein as a “content delivery network”) to store content and provide it to client devices. A CDN may incl