Cloudflare‘s patent involves a method where a server communicates with a browser to execute a non-HTTP layer 7 protocol client, enabling interaction with a non-HTTP layer 7 protocol service. The server proxies data over a layer 4 tunnel and logs event data from the client. GlobalData’s report on Cloudflare gives a 360-degree view of the company including its patenting strategy. Buy the report here.

According to GlobalData’s company profile on Cloudflare, Automation system authentication was a key innovation area identified from patents. Cloudflare's grant share as of February 2024 was 87%. Grant share is based on the ratio of number of grants to total number of patents.

Proxying non-http layer 7 protocol service data over layer 4 tunnel

Source: United States Patent and Trademark Office (USPTO). Credit: Cloudflare Inc

A recently granted patent (Publication Number: US11909808B2) outlines a method that involves receiving an HTTP request from a browser on a client device at a server, transmitting a response back to the browser that includes code to execute a non-HTTP layer 7 protocol client communicating with a service on an external network. The method further includes receiving data related to the service from the client in the browser, proxying this data over a layer 4 tunnel interfaced with the service, and logging event data from the client.



Additionally, the patent describes the use of WebAssembly format for the code, the implementation of a Secure Shell Protocol (SSH) client and server for the non-HTTP layer 7 protocol communication, and the reception of data over a WebSocket between the browser and server. The method also involves determining the processing of the HTTP request based on configured policies related to identity, device posture, location, and risk signals, as well as authenticating the user of the non-HTTP layer 7 protocol client with the service through various methods like login prompts or certificate generation.



In summary, the patent details a method, a machine-readable storage medium, and a server for facilitating communication between a browser and a non-HTTP layer 7 protocol service, ensuring secure and authenticated data transfer over different network layers. The use of specific protocols, formats, and authentication methods highlights the innovation in enabling efficient and secure communication in a networked environment.

