Third-party gateway for security and privacy

Assignee

• Beijing Bytedance Network Technology Co., Ltd. · CN

Inventors

• Jialin Wang · Beijing, CN
• Fangfei Chen · Los Angeles, US
• Kaitong Guo · Singapore, SG
• Yi Cao · Los Angeles, US
• Pangyang Chu · Los Angeles, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L67/563
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Systems and methods directed to a third-party gateway that controls egress traffic from Internet Data Centers (IDC) and/or Virtual Private Clouds (VPC) are described. When egress traffic reaches the third-party gateway, a forward proxy may obtain a service identified or otherwise associated with the source IP address and port. Once, the service is identified, the third-party gateway may obtain a configuration rule specified by a rule manager to determine if the service is allowed to access the destination host(s). If the destination host is approved for the service, the forward proxy may send the traffic to the internet. If the destination host is not approved for the service, the forward proxy may block or otherwise drop the respective communication. In some examples, one or more auditors or auditing agencies may access essential information from the third-party gateway to view egress traffic logs and verify egress traffic approved destinations.