专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07529933B2 TLS tunneling 有权
标题翻译： TLS隧道
公开(公告)号：US07529933B2
公开(公告)日：2009-05-05
申请号：US10157806
申请日：2002-05-30
申请人： Ashwin Palekar , Arun Ayyagari , Daniel R. Simon
发明人： Ashwin Palekar , Arun Ayyagari , Daniel R. Simon
IPC分类号： H04L9/00 , H04K1/00
CPC分类号： H04L63/0428 , H04L63/08 , H04L63/162
摘要： An authentication protocol can be used to establish a secure method of communication between two devices on a network. Once established, the secure communication can be used to authenticate a client through various authentication methods, providing security in environments where intermediate devices cannot be trusted, such as wireless networks, or foreign network access points. Additionally, the caching of session keys and other relevant information can enable the two securely communicating endpoints to quickly resume their communication despite interruptions, such as when one endpoint changes the access point through which it is connected to the network. Also, the secure communication between the two devices can enable users to roam off of their home network, providing a mechanism by which access through foreign networks can be granted, while allowing the foreign network to monitor and control the use of its bandwidth.
摘要翻译：可以使用认证协议来建立网络上的两个设备之间的安全通信方法。一旦建立，安全通信可以用于通过各种认证方法认证客户端，在中间设备不能被信任的环境中提供安全性，例如无线网络或外部网络接入点。此外，会话密钥和其他相关信息的高速缓存可以使得两个安全通信的端点能够快速恢复其通信，尽管中断，例如当一个端点改变其连接到网络的接入点时。而且，两台设备之间的安全通信可以使用户能够从家庭网络中漫游，从而提供通过外部网络进行访问的机制，同时允许外部网络监视和控制其带宽的使用。

2. 发明授权

US07917758B2 TLS tunneling 有权
标题翻译： TLS隧道
公开(公告)号：US07917758B2
公开(公告)日：2011-03-29
申请号：US11685075
申请日：2007-03-12
申请人： Ashwin Palekar , Arun Ayyagari , Daniel R. Simon
发明人： Ashwin Palekar , Arun Ayyagari , Daniel R. Simon
IPC分类号： H04L9/32 , G06F15/16
CPC分类号： H04L63/0428 , H04L63/08 , H04L63/162
摘要： An authentication protocol can be used to establish a secure method of communication between two devices on a network. Once established, the secure communication can be used to authenticate a client through various authentication methods, providing security in environments where intermediate devices cannot be trusted, such as wireless networks, or foreign network access points. Additionally, the caching of session keys and other relevant information can enable the two securely communicating endpoints to quickly resume their communication despite interruptions, such as when one endpoint changes the access point through which it is connected to the network. Also, the secure communication between the two devices can enable users to roam off of their home network, providing a mechanism by which access through foreign networks can be granted, while allowing the foreign network to monitor and control the use of its bandwidth.
摘要翻译：可以使用认证协议来建立网络上的两个设备之间的安全通信方法。一旦建立，安全通信可以用于通过各种认证方法认证客户端，在中间设备不能被信任的环境中提供安全性，例如无线网络或外部网络接入点。此外，会话密钥和其他相关信息的高速缓存可以使得两个安全通信的端点能够快速恢复其通信，尽管中断，例如当一个端点改变其连接到网络的接入点时。而且，两台设备之间的安全通信可以使用户能够从家庭网络中漫游，从而提供通过外部网络进行访问的机制，同时允许外部网络监视和控制其带宽的使用。

3. 发明申请

US20070157027A1 TLS TUNNELING 有权
标题翻译： TLS隧道
公开(公告)号：US20070157027A1
公开(公告)日：2007-07-05
申请号：US11685075
申请日：2007-03-12
申请人： Ashwin Palekar , Arun Ayyagari , Daniel Simon
发明人： Ashwin Palekar , Arun Ayyagari , Daniel Simon
IPC分类号： H04L9/00
CPC分类号： H04L63/0428 , H04L63/08 , H04L63/162
摘要： An authentication protocol can be used to establish a secure method of communication between two devices on a network. Once established, the secure communication can be used to authenticate a client through various authentication methods, providing security in environments where intermediate devices cannot be trusted, such as wireless networks, or foreign network access points. Additionally, the caching of session keys and other relevant information can enable the two securely communicating endpoints to quickly resume their communication despite interruptions, such as when one endpoint changes the access point through which it is connected to the network. Also, the secure communication between the two devices can enable users to roam off of their home network, providing a mechanism by which access through foreign networks can be granted, while allowing the foreign network to monitor and control the use of its bandwidth.
摘要翻译：可以使用认证协议来建立网络上的两个设备之间的安全通信方法。一旦建立，安全通信可以用于通过各种认证方法认证客户端，在中间设备不能被信任的环境中提供安全性，例如无线网络或外部网络接入点。此外，会话密钥和其他相关信息的高速缓存可以使得两个安全通信的端点能够快速恢复其通信，尽管中断，例如当一个端点改变其连接到网络的接入点时。而且，两台设备之间的安全通信可以使用户能够从家庭网络中漫游，从而提供通过外部网络进行访问的机制，同时允许外部网络监视和控制其带宽的使用。

4. 发明授权

US08756660B2 Enabling two-factor authentication for terminal services 有权
标题翻译：启用终端服务的双因素认证
公开(公告)号：US08756660B2
公开(公告)日：2014-06-17
申请号：US12105247
申请日：2008-04-17
申请人： Meher Malakapalli , Lisen Ding , Ido Ben-Shachar , Ashwin Palekar
发明人： Meher Malakapalli , Lisen Ding , Ido Ben-Shachar , Ashwin Palekar
IPC分类号： H04L29/06
CPC分类号： H04L63/0838 , H04L63/105
摘要： Techniques for enabling two-factor authentication for terminal services are described. A client receives an authentication token from an authentication server. The authentication token is used as a factor for authenticating the client to a terminal services device. Native authentication of the client is also performed.
摘要翻译：描述了用于启用终端服务的双因素认证的技术。客户端从认证服务器接收认证令牌。身份验证令牌用作向终端服务设备认证客户端的一个因素。还执行客户端的本地认证。

5. 发明授权

US08640131B2 Demand-based processor cycle allocation subsequent to equal group-based processor cycle distribution 有权
标题翻译：在基于组的处理器周期分配之后的基于需求的处理器周期分配
公开(公告)号：US08640131B2
公开(公告)日：2014-01-28
申请号：US12016869
申请日：2008-01-18
申请人： Ara Bernardi , Costin Hagiu , Nelamangal Krishnaswamy Srinivas , Ashwin Palekar , Arun U. Kishan , Karthik Thirumalai
发明人： Ara Bernardi , Costin Hagiu , Nelamangal Krishnaswamy Srinivas , Ashwin Palekar , Arun U. Kishan , Karthik Thirumalai
IPC分类号： G06F9/46
CPC分类号： G06F9/5061 , G06F9/4881 , G06F2209/483 , G06F2209/5012 , G06F2209/508
摘要： Embodiments that facilitate the fair and dynamic distribution of central processing unit (CPU) time are disclosed. In accordance with one embodiment, a method includes organizing one or more processes into one or more groups. The method further includes allocating a CPU time interval for each group. The allocation of a CPU time interval for each group is accomplished by equally distributing a CPU cycle based on the number of groups. The method also includes adjusting the allocated CPU time intervals based on a change in the quantity of the one or more groups.
摘要翻译：公开了促进中央处理单元（CPU）时间的公平和动态分配的实施例。根据一个实施例，一种方法包括将一个或多个过程组织成一个或多个组。该方法还包括为每个组分配CPU时间间隔。每个组的CPU时间间隔的分配通过基于组的数量均等地分配CPU周期来实现。该方法还包括基于一个或多个组的数量的改变来调整分配的CPU时间间隔。

6. 发明授权

US08413210B2 Credential sharing between multiple client applications 有权
标题翻译：多个客户端应用程序之间的凭据共享
公开(公告)号：US08413210B2
公开(公告)日：2013-04-02
申请号：US12331293
申请日：2008-12-09
申请人： Sergey Kuzin , Olga Ivanova , Ashwin Palekar , Kashif Mehmood , Sriram Sampath , Ersev Samim Erdogan
发明人： Sergey Kuzin , Olga Ivanova , Ashwin Palekar , Kashif Mehmood , Sriram Sampath , Ersev Samim Erdogan
IPC分类号： G06F7/04 , G06F17/30
CPC分类号： H04L63/0815 , G06F21/41
摘要： Disclosed are techniques for sharing user credentials between multiple client applications when connecting to a set of remote resources. The mechanism enables a single sign-on between a terminal server web access service and the remote applications, remote desktops and corresponding terminal servers accessible through the service. User credentials may be received by one of the client applications and passed to a credential store running as a local software object in association with the user's logon session. Further requests to launch a new remote connection may then pass through the credential store. Upon successful validation of the request, the credential store may attach user credential information to the request and pass the request to the requested client. The requested client may also execute as a software object associated with the current logon session. The client may then use the supplied credential for authentication to the requested resource or application.
摘要翻译：公开了在连接到一组远程资源时在多个客户端应用之间共享用户凭证的技术。该机制能够在终端服务器Web访问服务与通过服务访问的远程应用程序，远程桌面和相应的终端服务器之间进行单一登录。用户凭证可以由客户端应用程序之一接收，并被传递给作为与用户的登录会话相关联的本地软件对象运行的凭证存储。进一步请求启动新的远程连接可能会通过凭据存储。在成功验证请求之后，凭证存储可以将用户凭证信息附加到请求，并将请求传递给所请求的客户端。请求的客户端也可以作为与当前登录会话相关联的软件对象执行。然后，客户端可以使用提供的凭证来对所请求的资源或应用进行认证。

7. 发明申请

US20120266214A1 CREATING SECURE INTERACTIVE CONNECTIONS WITH REMOTE RESOURCES 有权
标题翻译：创建与远程资源的安全交互式连接
公开(公告)号：US20120266214A1
公开(公告)日：2012-10-18
申请号：US13532593
申请日：2012-06-25
申请人： Costin Hagiu , Elton Saul , Rajneesh Mahajan , Sergey A. Kuzin , Joy Chik , John E. Parsons , Ashwin Palekar , Ara Bernardi
发明人： Costin Hagiu , Elton Saul , Rajneesh Mahajan , Sergey A. Kuzin , Joy Chik , John E. Parsons , Ashwin Palekar , Ara Bernardi
IPC分类号： G06F21/00
CPC分类号： H04L63/0823 , G06F21/42 , G06F21/606 , G06F2221/2107 , H04L67/14 , H04L67/141
摘要： Implementations of the present invention efficiently establish secure connections between a client and server, at least in part by authenticating the client and server early on in the connection setup phases. A client initiating a connection with a server identifies the secure communication protocols enabled at the client, and identifies these protocols in a connection request it sends to the server. The server processes the message and responds with a communication protocol it deems appropriate for the connection. The client and server then exchange appropriate authentication information, and then establish a connection session that implements the chosen communication protocol, and encrypts messages using the negotiated communication protocol. Additional implementations relate to reestablishing dropped connections behind virtual Internet Protocol addresses, without necessarily having to recommit much connection resource overhead.
摘要翻译：本发明的实施方式至少部分地通过在连接建立阶段早期认证客户端和服务器来有效地建立客户端和服务器之间的安全连接。发起与服务器的连接的客户端识别在客户端启用的安全通信协议，并在发送到服务器的连接请求中识别这些协议。服务器处理消息并使用其认为适合连接的通信协议进行响应。然后，客户端和服务器交换适当的认证信息，然后建立实现所选通信协议的连接会话，并使用协商的通信协议加密消息。其他实现涉及在虚拟因特网协议地址之后重新建立丢弃的连接，而不必重新承担大量的连接资源开销。

8. 发明申请

US20120117245A1 GROUP BASED ALLOCATION OF NETWORK BANDWIDTH 有权
标题翻译：基于组的分配网络带宽
公开(公告)号：US20120117245A1
公开(公告)日：2012-05-10
申请号：US13346196
申请日：2012-01-09
申请人： Ara Bernardi , Nelamangal Krishnaswamy Srinivas , Ashwin Palekar
发明人： Ara Bernardi , Nelamangal Krishnaswamy Srinivas , Ashwin Palekar
IPC分类号： G06F15/173
CPC分类号： H04L47/10 , H04L47/125 , H04L47/2441 , H04L47/2475
摘要： The present invention extends to methods, systems, and computer program products for group based allocation of terminal server network bandwidth. Output packets are classified into groups based on classification criteria. Output packets for each group are queue into a corresponding queue. During a queue flush cycle each queue containing data is flushed for an essentially equal amount of time. Flushing each queue essentially equally reduces the negative impact that can otherwise result when a subset of sessions (or even a single session) request(s) a disproportional share of terminal server network bandwidth. Responsiveness can be further increased by distributing the essentially equal amount for each queue across the queue flush cycle.
摘要翻译：本发明扩展到用于基于组的终端服务器网络带宽分配的方法，系统和计算机程序产品。输出数据包根据分类标准分为组。每个组的输出数据包都被排队到相应的队列中。在队列刷新循环期间，每个包含数据的队列刷新基本相等的时间量。刷新每个队列基本上同样地减少了当会话（或甚至单个会话）的子集要求终端服务器网络带宽的不成比例的共享时可能导致的负面影响。通过在队列刷新循环中为每个队列分配基本上相等的量来进一步提高响应性。

9. 发明申请

US20090132642A1 DELEGATING APPLICATION INVOCATION BACK TO CLIENT 有权
标题翻译：将应用程序转发回客户端
公开(公告)号：US20090132642A1
公开(公告)日：2009-05-21
申请号：US11941071
申请日：2007-11-15
申请人： Amos Ortal , Nir Nice , Ashwin Palekar , Craig Alan Nelson , Paresh Ramchandra Haridas
发明人： Amos Ortal , Nir Nice , Ashwin Palekar , Craig Alan Nelson , Paresh Ramchandra Haridas
IPC分类号： G06F15/16
CPC分类号： G06F9/5027 , G06F9/451 , G06F9/452 , G06F9/5055 , G06F2209/509
摘要： Aspects of the subject matter described herein relate to delegating application invocation back to a client. In aspects, a server hosts an application that has a user interface that is presented on a client. User interaction on the user interface is encoded and sent to the server to give to the application. When the user uses the application such that another application is to be executed, a server delegator determines whether to execute the other application on the server or the client. If the application is to be executed on the client, the server delegator instructs a component that executes on the client to execute the application on the client. Otherwise, the application is executed on the server and data representing the user interface of the application is sent to the client so that the client may present the user interface to a user.
摘要翻译：本文描述的主题的方面涉及将应用调用委托给客户端。在方面，服务器托管具有在客户端上呈现的用户界面的应用程序。用户界面上的用户交互被编码并发送给服务器给予应用程序。当用户使用应用程序使得另一个应用程序被执行时，服务器委托者确定是否在服务器或客户机上执行其他应用程序。如果应用程序要在客户机上执行，则服务器委托者指示在客户机上执行的组件在客户机上执行应用程序。否则，在服务器上执行应用程序，并将表示应用程序的用户界面的数据发送给客户端，以便客户端可以向用户呈现用户界面。

10. 发明授权

US07533407B2 System and methods for providing network quarantine 有权
标题翻译：提供网络检疫的系统和方法
公开(公告)号：US07533407B2
公开(公告)日：2009-05-12
申请号：US10823686
申请日：2004-04-14
申请人： Elliot D. Lewis , Hakan Berk , Narendra C. Gidwani , Jesper M. Johansson , Timothy M. Moore , Ashwin Palekar , Calvin C. Choe
发明人： Elliot D. Lewis , Hakan Berk , Narendra C. Gidwani , Jesper M. Johansson , Timothy M. Moore , Ashwin Palekar , Calvin C. Choe
IPC分类号： G06F7/04 , G06F21/00
CPC分类号： H04L63/10 , G06F21/552 , G06F21/57 , G06F21/577 , G06F2221/2105 , H04L29/12226 , H04L61/2015 , H04L67/34
摘要： A client quarantine agent requests bill of health from a quarantine server, and receives a manifest of checks that the client computer must perform. The quarantine agent then sends a status report on the checks back to the quarantine server. If the client computer is in a valid security state, the bill of health is issued to the client. If the client computer is in an invalid state, the client is directed to install the appropriate software/patches to achieve a valid state. When a client requests the use of network resources from a network administrator, the network administrator requests the client's bill of health. If the bill of health is valid, the client is admitted to the network. If the bill of health is invalid, the client is placed in quarantine.
摘要翻译：客户端隔离代理从隔离服务器请求健康状况，并收到客户端计算机必须执行的检查清单。然后，隔离代理将检查的状态报告发送到隔离服务器。如果客户端计算机处于有效的安全状态，则会向客户端发送健康证明。如果客户端计算机处于无效状态，客户端将被指示安装相应的软件/修补程序以实现有效状态。当客户端请求网络管理员使用网络资源时，网络管理员请求客户的健康状况。如果身体健康状况有效，客户可以进入网络。如果健康状况无效，客户将被隔离。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式