专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20070248091A1 Methods and apparatus for tunnel stitching in a network 审中-公开
标题翻译：网络中隧道拼接的方法和装置
公开(公告)号：US20070248091A1
公开(公告)日：2007-10-25
申请号：US11409586
申请日：2006-04-24
申请人： Mohamed Khalid , Rajiv Asati , Vijay Bollapragada , Sunil Cherukuri
发明人： Mohamed Khalid , Rajiv Asati , Vijay Bollapragada , Sunil Cherukuri
IPC分类号： H04L12/56
CPC分类号： H04L63/0272 , H04L63/029 , H04L63/061
摘要： An edge router (disposed between a packet-switched network and a label-switching network) is configured to receive an IKE message originating from a client on the Internet (e.g., packet-switched network) attempting to set up a tunnel. Upon receipt of the IKE message, the edge router utilizes a unique identifier in the IKE message to identify a virtual private network in the label-switching network. In lieu of terminating an IPSec tunnel at the edge router and performing a respective key exchange with the client, the edge router identifies a corresponding forwarding table associated with the virtual private network (identified by the unique identifier in the IKE message) and, based on the corresponding forwarding table, forwards the IKE message to a destination reachable via the label-switching network. The destination (e.g., a key server in a corresponding VPN) communicates with the client through the edge router to set up the tunnel.
摘要翻译：边缘路由器（布置在分组交换网络和标签交换网络之间）被配置为接收来自尝试建立隧道的因特网上的客户端（例如，分组交换网络）的IKE消息。在接收到IKE消息时，边缘路由器利用IKE消息中的唯一标识符来标识标签交换网络中的虚拟专用网络。边缘路由器代替在边缘路由器上终止IPSec隧道并与客户端进行相应的密钥交换，从而识别与虚拟专用网络相关联的对应转发表（由IKE消息中的唯一标识符标识），并且基于相应的转发表，将IKE消息转发到可通过标签交换网络到达的目的地。目的地（例如，对应的VPN中的密钥服务器）通过边缘路由器与客户端进行通信，以建立隧道。

2. 发明授权

US08862883B2 System and method for secure cloud service delivery with prioritized services in a network environment 有权
标题翻译：用于在网络环境中优先化服务的安全云服务传送的系统和方法
公开(公告)号：US08862883B2
公开(公告)日：2014-10-14
申请号：US13473418
申请日：2012-05-16
申请人： Sunil Cherukuri , Mohamed Khalid , Brian Cinque
发明人： Sunil Cherukuri , Mohamed Khalid , Brian Cinque
IPC分类号： H04L9/32 , H04L29/06 , H04L9/08
CPC分类号： H04L63/0272 , H04L9/0838 , H04L41/0803 , H04L67/1002
摘要： An example method includes receiving a request for a cloud capability set during an Internet Key Exchange negotiation associated with a virtual private network (VPN) tunnel between a subscriber and a cloud, wherein the cloud capability set comprises one or more cloud capabilities, mapping the request to one or more cryptographic modules that can support the cloud capability set, and offloading the VPN tunnel to the one or more cryptographic modules. The request can be an Internet Security Association and Key Management Protocol (ISAKMP) packet listing the one or more cloud capabilities in a private payload. The method may further include splitting the VPN tunnel between the cryptographic modules if no single cryptographic module can support substantially all the cloud capabilities in the cloud capability set. In some embodiments, the request is compared with a service catalog comprising authorized cloud capabilities.
摘要翻译：示例性方法包括在与订户和云之间的虚拟专用网（VPN）隧道相关联的因特网密钥交换协商期间接收对云能力集的请求，其中所述云能力集合包括一个或多个云能力，映射请求到一个或多个可以支持云能力集合的加密模块，以及将VPN隧道卸载到一个或多个加密模块。该请求可以是列出私有有效载荷中的一个或多个云能力的因特网安全关联和密钥管理协议（ISAKMP）分组。该方法还可以包括在加密模块之间分割VPN隧道，如果没有单个密码模块可以支持云能力集中的实质上所有的云能力。在一些实施例中，该请求与包括授权云能力的服务目录进行比较。

3. 发明授权

US08650618B2 Integrating service insertion architecture and virtual private network 有权
标题翻译：集成服务插入架构和虚拟专用网络
公开(公告)号：US08650618B2
公开(公告)日：2014-02-11
申请号：US12507422
申请日：2009-07-22
申请人： Rajiv Asati , Mohamed Khalid , Sunil Cherukuri , Kenneth A. Durazzo , Shree Murthy
发明人： Rajiv Asati , Mohamed Khalid , Sunil Cherukuri , Kenneth A. Durazzo , Shree Murthy
IPC分类号： G06F7/04
CPC分类号： H04L63/0272 , H04L12/4633 , H04L12/4641 , H04L63/0892 , H04L63/102 , H04L63/164
摘要： Apparatus, methods, and other embodiments associated with providing service insertion architecture (SIA) differentiated services in a virtual private network (VPN) environment are described. Embodiments may provision an authentication, authorization, and accounting (AAA) server with user-to-SIA service-context mapping information. With the AAA server provisioned, embodiments may acquire, in an IPSec VPN hub, during IPSec tunnel user authentication, from the AAA server, the user-to-SIA service-context mapping information. With the mapping information available, embodiments may dynamically map an SIA service to an IPSec VPN tunnel user based on the service information acquired from the Service Broker or Pseudo-Service Broker. The dynamic mapping facilitates providing differentiated services in the SIA by facilitating forwarding an IPSec packet received on the IPSec VPN tunnel from the user to a service node associated with the SIA service based, at least in part, on the IPSec SADB entry modified using the service information.
摘要翻译：描述了与在虚拟专用网络（VPN）环境中提供服务插入架构（SIA）差异化服务相关联的装置，方法和其他实施例。实施例可以提供具有用户到SIA服务 - 上下文映射信息的认证，授权和计费（AAA）服务器。在提供AAA服务器的情况下，实施例可以在IPSec VPN集线器中从AAA服务器获取用户到SIA服务上下文映射信息的IPSec隧道用户认证期间。利用可用的映射信息，实施例可以基于从服务代理或伪服务代理获取的服务信息来动态地将SIA服务映射到IPSec VPN隧道用户。动态映射有助于在SIA中提供差分服务，方法是至少部分地基于使用该服务修改的IPSec SADB条目，将在IPSec VPN隧道上接收的IPSec分组从用户转发到与SIA服务相关联的服务节点信息。

4. 发明申请

US20130311778A1 SYSTEM AND METHOD FOR SECURE CLOUD SERVICE DELIVERY WITH PRIORITIZED SERVICES IN A NETWORK ENVIRONMENT 有权
标题翻译：系统和方法，用于在网络环境中安全优先服务提供的云服务
公开(公告)号：US20130311778A1
公开(公告)日：2013-11-21
申请号：US13473418
申请日：2012-05-16
申请人： Sunil Cherukuri , Mohamed Khalid , Brian Cinque
发明人： Sunil Cherukuri , Mohamed Khalid , Brian Cinque
IPC分类号： H04L9/28
CPC分类号： H04L63/0272 , H04L9/0838 , H04L41/0803 , H04L67/1002
摘要： An example method includes receiving a request for a cloud capability set during an Internet Key Exchange negotiation associated with a virtual private network (VPN) tunnel between a subscriber and a cloud, wherein the cloud capability set comprises one or more cloud capabilities, mapping the request to one or more cryptographic modules that can support the cloud capability set, and offloading the VPN tunnel to the one or more cryptographic modules. The request can be an Internet Security Association and Key Management Protocol (ISAKMP) packet listing the one or more cloud capabilities in a private payload. The method may further include splitting the VPN tunnel between the cryptographic modules if no single cryptographic module can support substantially all the cloud capabilities in the cloud capability set. In some embodiments, the request is compared with a service catalog comprising authorized cloud capabilities.
摘要翻译：示例性方法包括在与订户和云之间的虚拟专用网（VPN）隧道相关联的因特网密钥交换协商期间接收对云能力集的请求，其中所述云能力集合包括一个或多个云能力，映射请求到一个或多个可以支持云能力集合的加密模块，以及将VPN隧道卸载到一个或多个加密模块。该请求可以是列出私有有效载荷中的一个或多个云能力的因特网安全关联和密钥管理协议（ISAKMP）分组。该方法还可以包括在加密模块之间分割VPN隧道，如果没有单个密码模块可以支持云能力集中的实质上所有的云能力。在一些实施例中，该请求与包括授权云能力的服务目录进行比较。

5. 发明授权

US07976346B2 Interface connection management using a removable adapter for communications equipment 有权
标题翻译：使用可移动适配器进行通信设备的接口连接管理
公开(公告)号：US07976346B2
公开(公告)日：2011-07-12
申请号：US12399613
申请日：2009-03-06
申请人： Jason Guy , Aamer Akhter , Sunil Cherukuri , Haseeb Niazi , Robert Payment
发明人： Jason Guy , Aamer Akhter , Sunil Cherukuri , Haseeb Niazi , Robert Payment
IPC分类号： H01R25/00
CPC分类号： H01R31/06 , H01R13/2421 , H01R13/518 , H01R13/639 , H01R13/64 , H01R24/64
摘要： An interface comprising a docking site having a first electrical connector adapted to interconnect a bus, and having at least one first retainer portion; and an adapter comprising: at least one second retainer portion, wherein the at least one second retainer portion and the at least one first retainer portion are adapted to releasably engage; a second electrical connector, wherein the second electrical connector and the first electrical connector are adapted to engage and interconnect; at least one port adapted to accept at least one modular connector having at least one electrical contact; and at least one electrical interconnect adapted to interconnect the at least one electrical contact with the second electrical connector.
摘要翻译：一种接口，包括对接位置，其具有适于互连总线的第一电连接器，并具有至少一个第一保持器部分; 以及适配器，包括：至少一个第二保持器部分，其中所述至少一个第二保持器部分和所述至少一个第一保持器部分适于可释放地接合; 第二电连接器，其中所述第二电连接器和所述第一电连接器适于接合和互连; 至少一个端口，适于接纳具有至少一个电触点的至少一个模块化连接器; 以及适于将所述至少一个电触头与所述第二电连接器互连的至少一个电互连。

6. 发明申请

US20110023090A1 INTEGRATING SERVICE INSERTION ARCHITECTURE AND VIRTUAL PRIVATE NETWORK 有权
标题翻译：集成服务插入架构和虚拟私有网络
公开(公告)号：US20110023090A1
公开(公告)日：2011-01-27
申请号：US12507422
申请日：2009-07-22
申请人： Rajiv ASATI , Mohamed KHALID , Sunil CHERUKURI , Kenneth A. DURAZZO , Shree MURTHY
发明人： Rajiv ASATI , Mohamed KHALID , Sunil CHERUKURI , Kenneth A. DURAZZO , Shree MURTHY
IPC分类号： G06F21/00 , H04L9/32
CPC分类号： H04L63/0272 , H04L12/4633 , H04L12/4641 , H04L63/0892 , H04L63/102 , H04L63/164
摘要： Apparatus, methods, and other embodiments associated with providing service insertion architecture (SIA) differentiated services in a virtual private network (VPN) environment are described. Embodiments may provision an authentication, authorization, and accounting (AAA) server with user-to-SIA service-context mapping information. With the AAA server provisioned, embodiments may acquire, in an IPSec VPN hub, during IPSec tunnel user authentication, from the AAA server, the user-to-SIA service-context mapping information. With the mapping information available, embodiments may dynamically map an SIA service to an IPSec VPN tunnel user based on the service information acquired from the Service Broker or Pseudo-Service Broker. The dynamic mapping facilitates providing differentiated services in the SIA by facilitating forwarding an IPSec packet received on the IPSec VPN tunnel from the user to a service node associated with the SIA service based, at least in part, on the IPSec SADB entry modified using the service information.
摘要翻译：描述了与在虚拟专用网络（VPN）环境中提供服务插入架构（SIA）差异化服务相关联的装置，方法和其他实施例。实施例可以提供具有用户到SIA服务 - 上下文映射信息的认证，授权和计费（AAA）服务器。在提供AAA服务器的情况下，实施例可以在IPSec VPN集线器中从AAA服务器获取用户到SIA服务上下文映射信息的IPSec隧道用户认证期间。利用可用的映射信息，实施例可以基于从服务代理或伪服务代理获取的服务信息来动态地将SIA服务映射到IPSec VPN隧道用户。动态映射有助于在SIA中提供差分服务，方法是至少部分地基于使用该服务修改的IPSec SADB条目，将在IPSec VPN隧道上接收的IPSec分组从用户转发到与SIA服务相关联的服务节点信息。

7. 发明申请

US20100227493A1 INTERFACE CONNECTION MANAGEMENT USING A REMOVABLE ADAPTER FOR COMMUNICATIONS EQUIPMENT 有权
标题翻译：使用可移动适配器进行通信设备的接口连接管理
公开(公告)号：US20100227493A1
公开(公告)日：2010-09-09
申请号：US12399613
申请日：2009-03-06
申请人： Jason Guy , Aamer Akhter , Sunil Cherukuri , Haseeb Niazi , Robert Payment
发明人： Jason Guy , Aamer Akhter , Sunil Cherukuri , Haseeb Niazi , Robert Payment
IPC分类号： H01R13/40
CPC分类号： H01R31/06 , H01R13/2421 , H01R13/518 , H01R13/639 , H01R13/64 , H01R24/64
摘要： An interface comprising a docking site having a first electrical connector adapted to interconnect a bus, and having at least one first retainer portion; and an adapter comprising: at least one second retainer portion, wherein the at least one second retainer portion and the at least one first retainer portion are adapted to releasably engage; a second electrical connector, wherein the second electrical connector and the first electrical connector are adapted to engage and interconnect; at least one port adapted to accept at least one modular connector having at least one electrical contact; and at least one electrical interconnect adapted to interconnect the at least one electrical contact with the second electrical connector.
摘要翻译：一种接口，包括对接位置，其具有适于互连总线的第一电连接器，并具有至少一个第一保持器部分; 以及适配器，包括：至少一个第二保持器部分，其中所述至少一个第二保持器部分和所述至少一个第一保持器部分适于可释放地接合; 第二电连接器，其中所述第二电连接器和所述第一电连接器适于接合和互连; 至少一个端口，适于接纳具有至少一个电触点的至少一个模块化连接器; 以及适于将所述至少一个电触头与所述第二电连接器互连的至少一个电互连。

8. 发明授权

US08850521B2 Providing differentiated network services and priorities to VPN routers/clients 有权
标题翻译：为VPN路由器/客户端提供差异化的网络服务和优先级
公开(公告)号：US08850521B2
公开(公告)日：2014-09-30
申请号：US12535555
申请日：2009-08-04
申请人： Mohamed Khalid , Sunil Cherukuri , Haseeb Sarwar Niazi , Muhammad Afaq Khan
发明人： Mohamed Khalid , Sunil Cherukuri , Haseeb Sarwar Niazi , Muhammad Afaq Khan
IPC分类号： G06F17/00 , H04L29/06 , G06F7/04 , G06F15/16 , G06F9/00 , G06F12/00 , G06F12/14 , G06F13/00 , G06F17/30 , G11C7/00 , H04L12/46
CPC分类号： H04L67/141 , H04L12/4641 , H04L63/0272 , H04L63/164 , H04L63/20
摘要： In one embodiment, a first network device receives a priority message from a second network device, wherein the priority message conforms to a connection establishment protocol and indicates a priority associated with the second network device. The first network device obtains the priority from the priority message and stores the priority. The first network device allocates resources for at least one of control or data plane processing to the second network device in accordance with the priority.
摘要翻译：在一个实施例中，第一网络设备从第二网络设备接收优先级消息，其中优先级消息符合连接建立协议并且指示与第二网络设备相关联的优先级。第一网络设备从优先级消息获取优先级并存储优先级。第一网络设备根据优先级向第二网络设备分配至少一个控制或数据平面处理的资源。

9. 发明申请

US20100256823A1 Mechanism for On-Demand Environmental Services Based on Network Activity 审中-公开
标题翻译：基于网络活动的按需环境服务机制
公开(公告)号：US20100256823A1
公开(公告)日：2010-10-07
申请号：US12418570
申请日：2009-04-04
申请人： Sunil Cherukuri , Mohamed Khalid
发明人： Sunil Cherukuri , Mohamed Khalid
IPC分类号： G05D23/00 , G06F15/16 , G06F1/26
CPC分类号： H04L12/2827 , H04L67/12 , H04L2012/285
摘要： In an example embodiment, a method includes determining the network activity associated with a predetermined area of a building and determining a desired environmental service for the area in response to the activity.
摘要翻译：在示例实施例中，一种方法包括确定与建筑物的预定区域相关联的网络活动，并响应于活动确定该区域的期望环境服务。

10. 发明申请

US20110035796A1 Providing Differentiated Network Services and Priorities to VPN Routers/Clients 有权
标题翻译：为VPN路由器/客户端提供差异化网络服务和优先级
公开(公告)号：US20110035796A1
公开(公告)日：2011-02-10
申请号：US12535555
申请日：2009-08-04
申请人： Mohamed Khalid , Sunil Cherukuri , Haseeb Sarwar Niazi , Muhammad Afaq Khan
发明人： Mohamed Khalid , Sunil Cherukuri , Haseeb Sarwar Niazi , Muhammad Afaq Khan
IPC分类号： G06F15/173 , G06F21/00
CPC分类号： H04L67/141 , H04L12/4641 , H04L63/0272 , H04L63/164 , H04L63/20
摘要： In one embodiment, a first network device receives a priority message from a second network device, wherein the priority message conforms to a connection establishment protocol and indicates a priority associated with the second network device. The first network device obtains the priority from the priority message and stores the priority. The first network device allocates resources for at least one of control or data plane processing to the second network device in accordance with the priority.
摘要翻译：在一个实施例中，第一网络设备从第二网络设备接收优先级消息，其中优先级消息符合连接建立协议并且指示与第二网络设备相关联的优先级。第一网络设备从优先级消息获取优先级并存储优先级。第一网络设备根据优先级向第二网络设备分配至少一个控制或数据平面处理的资源。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式