专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08844035B2 Techniques for network protection based on subscriber-aware application proxies 有权
标题翻译：基于用户感知应用代理的网络保护技术
公开(公告)号：US08844035B2
公开(公告)日：2014-09-23
申请号：US13369498
申请日：2012-02-09
申请人： Christopher C. O'Rourke , Frank Gerard Bordonaro , Louis Menditto , Robert Batz
发明人： Christopher C. O'Rourke , Frank Gerard Bordonaro , Louis Menditto , Robert Batz
IPC分类号： H04L29/06
CPC分类号： H04L63/0227 , H04L63/1408 , H04L63/1441
摘要： Techniques for responding to intrusions on a packet switched network include receiving user data at a subscriber-aware gateway server between a network access server and a content server. The user data includes subscriber identifier data that indicates a unique identifier for a particular user, network address data that indicates a network address for a host used by the particular user, NAS data that indicates an identifier for the network access server, flow list data that indicates one or more open data packet flows, and suspicious activity data. The suspicious activity data indicates a value for a property of the open data packet flows that indicates suspicious activity. It is determined whether an intrusion condition is satisfied based on the suspicious activity data. If the intrusion condition is satisfied, then the gateway responds based at least in part on user data other than the network address data.
摘要翻译：用于响应分组交换网络上的入侵的技术包括在网络接入服务器和内容服务器之间的用户感知网关服务器处接收用户数据。用户数据包括指示特定用户的唯一标识符的用户标识符数据，指示特定用户使用的主机的网络地址的网络地址数据，指示网络接入服务器的标识符的NAS数据，指示一个或多个打开的数据分组流和可疑活动数据。可疑活动数据表示指示可疑活动的开放数据分组流的属性的值。基于可疑活动数据确定是否满足入侵条件。如果入侵条件满足，则网关至少部分地基于除了网络地址数据之外的用户数据进行响应。

2. 发明授权

US08266696B2 Techniques for network protection based on subscriber-aware application proxies 有权
标题翻译：基于用户感知应用代理的网络保护技术
公开(公告)号：US08266696B2
公开(公告)日：2012-09-11
申请号：US11273112
申请日：2005-11-14
申请人： Christopher C. O'Rourke , Frank Gerard Bordonaro , Louis Menditto , Robert Batz
发明人： Christopher C. O'Rourke , Frank Gerard Bordonaro , Louis Menditto , Robert Batz
IPC分类号： G06F11/00 , G06F12/14 , G06F12/16 , G08B23/00
CPC分类号： H04L63/0227 , H04L63/1408 , H04L63/1441
摘要： Techniques for responding to intrusions on a packet switched network include receiving user data at a subscriber-aware gateway server between a network access server and a content server. The user data includes subscriber identifier data that indicates a unique identifier for a particular user, network address data that indicates a network address for a host used by the particular user, NAS data that indicates an identifier for the network access server, flow list data that indicates one or more open data packet flows, and suspicious activity data. The suspicious activity data indicates a value for a property of the open data packet flows that indicates suspicious activity. It is determined whether an intrusion condition is satisfied based on the suspicious activity data. If the intrusion condition is satisfied, then the gateway responds based at least in part on user data other than the network address data.
摘要翻译：用于响应分组交换网络上的入侵的技术包括在网络接入服务器和内容服务器之间的用户感知网关服务器处接收用户数据。用户数据包括指示特定用户的唯一标识符的用户标识符数据，指示特定用户使用的主机的网络地址的网络地址数据，指示网络接入服务器的标识符的NAS数据，指示一个或多个打开的数据分组流和可疑活动数据。可疑活动数据表示指示可疑活动的开放数据分组流的属性的值。基于可疑活动数据确定是否满足入侵条件。如果入侵条件满足，则网关至少部分地基于除了网络地址数据之外的用户数据进行响应。

3. 发明申请

US20120137366A1 TECHNIQUES FOR NETWORK PROTECTION BASED ON SUBSCRIBER-AWARE APPLICATION PROXIES 有权
标题翻译：基于订户应用程序代码的网络保护技术
公开(公告)号：US20120137366A1
公开(公告)日：2012-05-31
申请号：US13369498
申请日：2012-02-09
申请人： Christopher C. O'Rourke , Frank Gerard Bordonaro , Louis Menditto , Robert Batz
发明人： Christopher C. O'Rourke , Frank Gerard Bordonaro , Louis Menditto , Robert Batz
IPC分类号： G06F21/00
CPC分类号： H04L63/0227 , H04L63/1408 , H04L63/1441
摘要： Techniques for responding to intrusions on a packet switched network include receiving user data at a subscriber-aware gateway server between a network access server and a content server. The user data includes subscriber identifier data that indicates a unique identifier for a particular user, network address data that indicates a network address for a host used by the particular user, NAS data that indicates an identifier for the network access server, flow list data that indicates one or more open data packet flows, and suspicious activity data. The suspicious activity data indicates a value for a property of the open data packet flows that indicates suspicious activity. It is determined whether an intrusion condition is satisfied based on the suspicious activity data. If the intrusion condition is satisfied, then the gateway responds based at least in part on user data other than the network address data.
摘要翻译：用于响应分组交换网络上的入侵的技术包括在网络接入服务器和内容服务器之间的用户感知网关服务器处接收用户数据。用户数据包括指示特定用户的唯一标识符的用户标识符数据，指示特定用户使用的主机的网络地址的网络地址数据，指示网络接入服务器的标识符的NAS数据，指示一个或多个打开的数据分组流和可疑活动数据。可疑活动数据表示指示可疑活动的开放数据分组流的属性的值。基于可疑活动数据确定是否满足入侵条件。如果入侵条件满足，则网关至少部分地基于除了网络地址数据之外的用户数据进行响应。

4. 发明申请

US20070113284A1 Techniques for network protection based on subscriber-aware application proxies 有权
标题翻译：基于用户感知应用代理的网络保护技术
公开(公告)号：US20070113284A1
公开(公告)日：2007-05-17
申请号：US11273112
申请日：2005-11-14
申请人： Christopher O'Rourke , Frank Bordonaro , Louis Menditto , Robert Batz
发明人： Christopher O'Rourke , Frank Bordonaro , Louis Menditto , Robert Batz
IPC分类号： G06F12/14
CPC分类号： H04L63/0227 , H04L63/1408 , H04L63/1441
摘要： Techniques for responding to intrusions on a packet switched network include receiving user data at a subscriber-aware gateway server between a network access server and a content server. The user data includes subscriber identifier data that indicates a unique identifier for a particular user, network address data that indicates a network address for a host used by the particular user, NAS data that indicates an identifier for the network access server, flow list data that indicates one or more open data packet flows, and suspicious activity data. The suspicious activity data indicates a value for a property of the open data packet flows that indicates suspicious activity. It is determined whether an intrusion condition is satisfied based on the suspicious activity data. If the intrusion condition is satisfied, then the gateway responds based at least in part on user data other than the network address data.
摘要翻译：用于响应分组交换网络上的入侵的技术包括在网络接入服务器和内容服务器之间的用户感知网关服务器处接收用户数据。用户数据包括指示特定用户的唯一标识符的用户标识符数据，指示特定用户使用的主机的网络地址的网络地址数据，指示网络接入服务器的标识符的NAS数据，指示一个或多个打开的数据分组流和可疑活动数据。可疑活动数据表示指示可疑活动的开放数据分组流的属性的值。基于可疑活动数据确定是否满足入侵条件。如果入侵条件满足，则网关至少部分地基于除了网络地址数据之外的用户数据进行响应。

5. 发明授权

US06891839B2 Distributing packets among multiple tiers of network appliances 有权
标题翻译：在多层网络设备之间分发数据包
公开(公告)号：US06891839B2
公开(公告)日：2005-05-10
申请号：US09771232
申请日：2001-01-26
申请人： Mark Albert , Robert Batz , Richard Gray , Jacob Mark McGuire , Louis Menditto , Chris O'Rourke , Pranav Tiwari , Tzu-Ming Tsang
发明人： Mark Albert , Robert Batz , Richard Gray , Jacob Mark McGuire , Louis Menditto , Chris O'Rourke , Pranav Tiwari , Tzu-Ming Tsang
IPC分类号： H04L12/46 , H04L12/56 , H04L29/06 , H04L29/08 , H04L29/12
CPC分类号： H04L29/12009 , H04L12/4633 , H04L29/06 , H04L29/12783 , H04L45/00 , H04L45/50 , H04L61/35 , H04L63/0218 , H04L63/0254 , H04L67/02 , H04L67/025 , H04L67/1002 , H04L69/329
摘要： A network is disclosed that includes a first tier of forwarding agents connected to a first tier of network devices. A second tier of forwarding agents is connected to a second tier of network devices. A service manager is configured to receive a packet from one of the forwarding agents; determine the tier of the forwarding agent; and send an instruction to the forwarding agent directing the forwarding agent to forward the packet to a network device connected to the tier of forwarding agents that includes the forwarding agent.
摘要翻译：公开了一种网络，其包括连接到第一层网络设备的第一层转发代理。第二层转发代理连接到第二层网络设备。服务管理器被配置为从其中一个转发代理接收分组; 确定转发代理的层次; 并向转发代理发送指令，指示转发代理将分组转发到连接到包括转发代理的转发代理层的网络设备。

6. 发明授权

US08438281B2 Techniques for accounting for multiple transactions in a transport control protocol (TCP) payload 有权
标题翻译：用于计算传输控制协议（TCP）有效载荷中的多个事务的技术
公开(公告)号：US08438281B2
公开(公告)日：2013-05-07
申请号：US11175849
申请日：2005-07-06
申请人： Mark Albert , Robert Batz , Louis Menditto , Richard Gray , Tzu-Ming Tsang , Michael Sutton
发明人： Mark Albert , Robert Batz , Louis Menditto , Richard Gray , Tzu-Ming Tsang , Michael Sutton
IPC分类号： G06F15/173
CPC分类号： H04L43/04 , H04L12/14 , H04L12/1425 , H04L67/02
摘要： Techniques for separately accounting for multiple transactions in the same data packets communicated over a network using Transport Control Protocol (TCP) include receiving an Internet Protocol (IP) data packet that includes Transport Control Protocol (TCP) payload data. The TCP payload is parsed to determine boundary data that indicates a byte location on a boundary between a first transaction and a second transaction. A byte count that indicates a number of bytes in the TCP payload associated with the first transaction is determined based on the boundary data. Accounting data for the first transaction is determined based at least in part on the byte count. These techniques allow a service gateway to bill separately for different requests and responses carried in TCP data packets, such as those for Hypertext Transfer Protocol (HTTP) and Real Time Streaming Protocol (RTSP).
摘要翻译：用于单独计算通过使用传输控制协议（TCP）通过网络传送的相同数据分组中的多个事务的技术包括接收包括传输控制协议（TCP）有效载荷数据的因特网协议（IP）数据分组。解析TCP有效载荷以确定指示在第一事务和第二事务之间的边界上的字节位置的边界数据。基于边界数据确定指示与第一事务相关联的TCP有效载荷中的字节数的字节计数。至少部分地基于字节计数确定第一事务的计费数据。这些技术允许服务网关对TCP数据分组（例如超文本传输协议（HTTP）和实时流协议（RTSP））中携带的不同请求和响应进行单独计费。

7. 发明申请

US20050188065A1 System and method for communicating in a loadbalancing environment 有权
标题翻译：在负载平衡环境中通信的系统和方法
公开(公告)号：US20050188065A1
公开(公告)日：2005-08-25
申请号：US10192919
申请日：2002-07-10
申请人： Chris O'Rourke , Robert Batz , Rabih Dabboussi , John Glotzer , Louis Menditto , Alpesh Patel , Kent Leung
发明人： Chris O'Rourke , Robert Batz , Rabih Dabboussi , John Glotzer , Louis Menditto , Alpesh Patel , Kent Leung
IPC分类号： H04L12/28 , H04L12/46 , G06F15/173
CPC分类号： H04L12/2859 , H04L12/4633
摘要： A method for communicating in a loadbalancing environment is provided that in a particular embodiment includes receiving a request packet from a network access server (NAS) to initiate a communication session. The request packet is then communicated to a tunneling protocol network server (TPNS) and a response packet is received in response to the request packet. The response packet establishes a tunnel that facilitates the communication session and that includes an identification element associated with the TPNS such that a data transfer associated with the communication session is executed between the NAS and the TPNS.
摘要翻译：提供了一种用于在负载平衡环境中通信的方法，其在特定实施例中包括从网络接入服务器（NAS）接收请求分组以发起通信会话。然后将请求分组传送到隧道协议网络服务器（TPNS），并响应于请求分组接收响应分组。响应分组建立一个便于通信会话的隧道，并且包括与TPNS相关联的识别元件，使得在NAS和TPNS之间执行与通信会话相关联的数据传输。

8. 发明申请

US20070011329A1 Techniques for accounting for multiple transactions in a transport control protocol (TCP) payload 有权
标题翻译：用于计算传输控制协议（TCP）有效载荷中的多个事务的技术
公开(公告)号：US20070011329A1
公开(公告)日：2007-01-11
申请号：US11175849
申请日：2005-07-06
申请人： Mark Albert , Robert Batz , Louis Menditto , Richard Gray , Tzu-Ming Tsang , Michael Sutton
发明人： Mark Albert , Robert Batz , Louis Menditto , Richard Gray , Tzu-Ming Tsang , Michael Sutton
IPC分类号： G06F15/173
CPC分类号： H04L43/04 , H04L12/14 , H04L12/1425 , H04L67/02
摘要： Techniques for separately accounting for multiple transactions in the same data packets communicated over a network using Transport Control Protocol (TCP) include receiving an Internet Protocol (IP) data packet that includes Transport Control Protocol (TCP) payload data. The TCP payload is parsed to determine boundary data that indicates a byte location on a boundary between a first transaction and a second transaction. A byte count that indicates a number of bytes in the TCP payload associated with the first transaction is determined based on the boundary data. Accounting data for the first transaction is determined based at least in part on the byte count. These techniques allow a service gateway to bill separately for different requests and responses carried in TCP data packets, such as those for Hypertext Transfer Protocol (HTTP) and Real Time Streaming Protocol (RTSP).
摘要翻译：用于单独计算通过使用传输控制协议（TCP）通过网络传送的相同数据分组中的多个事务的技术包括接收包括传输控制协议（TCP）有效载荷数据的因特网协议（IP）数据分组。解析TCP有效载荷以确定指示在第一事务和第二事务之间的边界上的字节位置的边界数据。基于边界数据确定指示与第一事务相关联的TCP有效载荷中的字节数的字节计数。至少部分地基于字节计数确定第一事务的计费数据。这些技术允许服务网关对TCP数据分组（例如超文本传输协议（HTTP）和实时流协议（RTSP））中携带的不同请求和响应进行单独计费。

9. 发明申请

US20060047814A1 System and method for managing end user approval for charging in a network environment 有权
标题翻译：用于在网络环境中管理终端用户批准以进行计费的系统和方法
公开(公告)号：US20060047814A1
公开(公告)日：2006-03-02
申请号：US10928932
申请日：2004-08-27
申请人： Robert Batz , Louis Menditto , John White
发明人： Robert Batz , Louis Menditto , John White
IPC分类号： G06F15/173
CPC分类号： H04L12/14 , G06Q30/00 , H04L63/10 , H04L67/02 , H04L67/14 , H04L67/16
摘要： An apparatus for managing information in a network environment is provided that includes a content service gateway operable to communicate with an end user in order to facilitate a communication session. The communication session relates to a request by the end user for content or for a service. A quota server coupled to the content service gateway is operable to receive a service authorization request from the content service gateway relating to the communication session. The service authorization request operates to authorize access to the service or to the content for the end user.
摘要翻译：提供一种用于在网络环境中管理信息的装置，其包括可操作以与最终用户通信的内容服务网关，以便于通信会话。通信会话涉及最终用户对内容或服务的请求。耦合到内容服务网关的配额服务器可操作以从与通信会话有关的内容服务网关接收服务授权请求。服务授权请求操作以授权对最终用户的服务或内容的访问。

10. 发明申请

US20050044138A1 System and method for managing access for an end user in a network environment 审中-公开
标题翻译：用于在网络环境中管理最终用户的访问的系统和方法
公开(公告)号：US20050044138A1
公开(公告)日：2005-02-24
申请号：US10645139
申请日：2003-08-21
申请人： Mark Albert , Robert Batz , Richard Gray , Louis Menditto , Michael Sutton , Tzu-Ming Tsang , Pranav Tiwari
发明人： Mark Albert , Robert Batz , Richard Gray , Louis Menditto , Michael Sutton , Tzu-Ming Tsang , Pranav Tiwari
IPC分类号： G06Q30/00 , G06F15/16 , G06F17/60
CPC分类号： G06Q30/02 , G06Q20/102
摘要： An apparatus for managing network access is provided that includes a billing system element operable to receive one or more packets of a communication flow and to communicate with a price server. The price server is operable to receive a query from the billing system element associated with a pricing parameter relating to a data segment to be accessed by an end user associated with the communication flow. The price server is also operable to return a response to the billing system element that includes the pricing parameter relating to the data segment such that the end user can verify the pricing parameter before accessing the data segment.
摘要翻译：提供了一种用于管理网络访问的装置，其包括可操作以接收通信流的一个或多个分组并与价格服务器通信的计费系统元件。价格服务器可操作以从与由与通信流相关联的最终用户访问的数据段相关的定价参数相关联的计费系统元件接收查询。价格服务器还可操作地向包括与数据段相关的定价参数的计费系统元件返回响应，使得最终用户可以在访问数据段之前验证定价参数。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式