Content delivery is of increasing importance to the overall architecture of the web. Content providers and content consumers are interested in value-add services that operate on content before its delivery to content consumer. Current proposals for providing services that would be deployed in the network involve, for example, a web proxy cache between the origin server and the client, that would transform or filter content. Examples of proposed services include assembling personalized web pages, adding user-specific regional information to web pages, virus scanning, content adaptation for clients with limited bandwidth, language translation, and the like.
Providing edge services have also paved the road to the use of Content Services Overlay Networks, whereby, the customization of the content can be performed across service engines or application gateways that span multiple networks. Content Services Overlay Networks can consist of service engines that belong to different authoritative domains that agree to cooperate together to provide value added service on the content on behalf of content providers.
However, the introduction of intermediaries in the content path requires the development of mechanisms that guarantee the integrity of the content in transit in the Internet between client/intermediary, intermediary/intermediary, and intermediary/origin server. This in return raises serious questions about the integrity of the content as delivered to the consumer, and whether the content provider or content consumer authorizes the adaptations that were performed on the content. For example, in transparent caching, a proxy server instead of the intended server can silently fulfill user's requests for the content. In general, transparent caching can be performed without consent of the user or the content provider.
Any proposal must protect end-to-end data integrity by supporting end-host detection and response to inappropriate behavior by intermediaries. Certainly, the presence of intermediaries and caches in the content path add intelligence within the public network, where content storage and/or adaptation can occur. Thus, what is needed is an approach that ensures the security, trust and integrity of content in an intelligent network. In the essence, there should be an approach that guarantee the end-to-end data integrity in a network with distributed intelligence.
Content providers can describe the list of adaptations, modifications, cache-ability and policies that they authorize on their content in whole or any dynamically generated parts in content profiles. The content profile also includes the set of policies that they would like to be used to determine the allowable set of modifications that could be used on the content.
In order to ensure content trust and integrity a mechanism should be developed that allow the creation of content profiles. The profiles encapsulate information about the content and their associated polices. This includes information such as available variants at the content source, encoding method, and dimensions. Content profiles and policies also include information about what is and is not allowed in terms of use or manipulation of that content (e.g. do not allow legal documents to be translated into another language). Furthermore, content profiles must be able applicable to static and dynamically generated content. The static content and the dynamically generated content can also be cacheable.
Content policies are an integral part of the content profile for a given piece of content. A content profile must encapsulate all of the information about the content, which is needed to make any of the adaptation decisions required for that content. Ensuring the integrity of content in the Internet requires the development of a generalized, protocol-independent definition of content profiles.
Content profiles may be stored as part of the content or as separate entities. In this regard, there may be a need to develop appropriate protocols that distribute and invalidate content profiles in the network in a secure manner.
A proposed method enables content owners to express how their content is treated as part of the content message. The method allows for fine-grained delegation of modification rights. The method allows any party to validate the message with respect to owner's intentions, even if several intermediaries are involved in the modification process. In particular, the requester can validate the final message. The method is friendly to caches whereby partially modified message forms can be cached. This is because the method separates the content from the authorization and validation information.
In the method, the content owner specifies content as a set of parts, some of which are immutable and some of which are replaceable. Each part has permissions, and the set of parts and their permissions is the message “manifest”, an index to the message. The content owner's signature on the manifest specifies his/her intentions.
In order for the owner to delegate modification rights verifiable to parts of a message, the message must have well-defined part boundaries. This can be accomplished by specifying byte ranges with MIME or other standards. The manifest names each part and its hash value: non-invertible, collision-resistant function of each byte of the part. The modification right for a part includes both the permitted action and the identification of the parties authorized to perform the action. The modification rights can be extended to specify content type, size, resolution and method.
Each party that modifies the message in accordance with the owner instructions must attach an action notification to the message. This refers to the permission in the manifest, the message part, the action, the hash of the manifest, the identity of the editor, and a signature over these items. Because, the manifest and the signed actions are separate from the content, the content remains cacheable even in partially modified from. The manifest concept is similar to the W3C XML Digital Signature standard. This allows for the possibility of including information about the content that might not be part of the current content, such as the contents associated with URL. The method separates Content profile from the content and is a good candidate to be used as a building block for defining content profiles that include the rules that are associated with it. It can also be used as a building block for developing techniques that enable the content provider to verify the operations of intermediaries.
The content path describes the path that content requests and responses take through the network. In the traditional client/server Internet end-to-end model content requests and responses flow between the client and the content server.
However, in an intelligent network, content requests and responses may flow between a client, a single or group of intermediaries and a content server. Content requests and responses may also be directed to remote callout servers that perform added content services.
To ensure content integrity and security, every intermediary in the content path must be authorized by the content provider to act on the content. Content profiles can be used to enforce the rules and policies that are associated with that content. What is needed is a proper model that ensures that all the entities in the content path are entities with legal access to the content and its associated profiles.
Overlay networks are a powerful abstraction that creates a virtual network of connected devices layered on an existing underlying network in order to provide new network functionality. The functionality can be packet based or content based.
In packet based VPNs, the emphasis is on transporting packets in a secure fashion across a public medium. The level of security depends on the tunneling mechanism that is used. This type of VPNs examine the packet headers at a given protocol stack in order to make a routing or forwarding decision. There is no consideration to which content the packets belong to and no attempt to relate the packets to a given content profile.
At the content level, it is possible to define Edge Networks consisting of intermediaries in the network for the delivery of content in a close proximity to the content consumer. These overlay networks create a virtual overlay on top of IP packet networks, that via ‘intermediaries’ enables the necessary network infrastructure to provide better content delivery services.
There are two forms of edge servers, the ‘delegate’ and the ‘surrogate’. ‘Delegates’, are authorized agents ‘intermediaries’ that act on behalf of ‘clients’. Surrogates on the other hand, are authorized agent ‘intermediaries’ that act on behalf of ‘origin servers’. Due to their strategic location in the network, Edge servers are ideal candidates for performing content delivery and ‘content services’.
In a similar fashion overlay networks can be used to construct Content Services Networks. In this case, Application Gateways can be introduced between independent end-to-end sessions to construct a specialized form of application network Overlays. Content service networks provide services that act on content flowing through the ‘content path’. Content service networks are constrained to provide services only on the ‘content path’, as opposed to general applications.
There are other models that can be used within the Internet for providing content services. However, regardless of the nature of the network, there should exist mechanisms that allow the establishment of a trust model for the content.