专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20090097417A1 SYSTEM AND METHOD FOR IMPROVING SPOKE TO SPOKE COMMUNICATION IN A COMPUTER NETWORK 有权
标题翻译：用于改进计算机网络中的支持通信的系统和方法
公开(公告)号：US20090097417A1
公开(公告)日：2009-04-16
申请号：US11871508
申请日：2007-10-12
申请人： Rajiv Asati , Mohamed Khalid , Brian E. Weis , Pratima Pramod Sethi
发明人： Rajiv Asati , Mohamed Khalid , Brian E. Weis , Pratima Pramod Sethi
IPC分类号： H04L12/28
CPC分类号： H04L45/00 , H04L45/02 , H04L63/0272 , H04L63/061 , H04L63/164
摘要： Various embodiments of the disclosed subject matter provide methods and systems for improved efficiency in spoke-to-spoke network communication. Embodiments provide systems and methods for registering a spoke with a hub, updating at least one database with spoke registration information at the hub, and advertising the spoke registration information to other spokes using a single control plane that includes transport security, peer discovery, and unicast routing information.
摘要翻译：所公开的主题的各种实施例提供了用于提高辐对话网络通信的效率的方法和系统。实施例提供了用于将轮辐与集线器进行注册的系统和方法，在集线器处用轮辐注册信息更新至少一个数据库，并且使用包括传输安全性，对等体发现和单播的单个控制平面向其他轮辐广告该辐条登记信息路由信息。

2. 发明授权

US08625610B2 System and method for improving spoke to spoke communication in a computer network 有权
标题翻译：用于改善计算机网络中的讲话通信的系统和方法
公开(公告)号：US08625610B2
公开(公告)日：2014-01-07
申请号：US11871508
申请日：2007-10-12
申请人： Rajiv Asati , Mohamed Khalid , Brian E. Weis , Pratima Pramod Sethi
发明人： Rajiv Asati , Mohamed Khalid , Brian E. Weis , Pratima Pramod Sethi
IPC分类号： H04L12/28
CPC分类号： H04L45/00 , H04L45/02 , H04L63/0272 , H04L63/061 , H04L63/164
摘要： Various embodiments of the disclosed subject matter provide methods and systems for improved efficiency in spoke-to-spoke network communication. Embodiments provide systems and methods for registering a spoke with a hub, updating at least one database with spoke registration information at the hub, and advertising the spoke registration information to other spokes using a single control plane that includes transport security, peer discovery, and unicast routing information.
摘要翻译：所公开的主题的各种实施例提供了用于提高辐对话网络通信的效率的方法和系统。实施例提供了用于将轮辐与集线器进行注册的系统和方法，在集线器处用轮辐注册信息更新至少一个数据库，并且使用包括传输安全性，对等体发现和单播的单个控制平面向其他轮辐广告该辐条登记信息路由信息。

3. 发明授权

US07602737B2 Methods and apparatus for providing an enhanced dynamic multipoint virtual private network architecture 有权
标题翻译：用于提供增强的动态多点虚拟专用网络架构的方法和装置
公开(公告)号：US07602737B2
公开(公告)日：2009-10-13
申请号：US11414787
申请日：2006-05-01
申请人： Rajiv Asati , Mohamed Khalid , Brian E. Weis , Pratima Pramod Sethi
发明人： Rajiv Asati , Mohamed Khalid , Brian E. Weis , Pratima Pramod Sethi
IPC分类号： H04L12/28
CPC分类号： H04L12/4633 , H04L45/00 , H04L45/30
摘要： A system transmits, to a hub from a first spoke, first routing information associated with the first spoke. The system receives, at the first spoke, from the hub, second routing information associated with a plurality of spokes in communication with the hub. The plurality of spokes includes a second spoke. The system resolves, at the first spoke, a next hop determination for the packet based on the second routing information received from the hub. The system routes the packet from the first spoke to the second spoke using the next hop determination.
摘要翻译：系统从第一辐条向中枢发送与第一辐条相关联的第一路由信息。系统在第一辐条时从集线器接收与与集线器通信的多个辐条相关联的第二路由信息。多个辐条包括第二辐条。基于从集线器接收到的第二路由信息，系统在第一个分支处解析分组的下一跳确定。系统使用下一跳确定路由数据包从第一个辐条到第二个辐条。

4. 发明申请

US20080298592A1 TECHNIQUE FOR CHANGING GROUP MEMBER REACHABILITY INFORMATION 审中-公开
标题翻译：改变集团会员可追溯性信息的技术
公开(公告)号：US20080298592A1
公开(公告)日：2008-12-04
申请号：US11754780
申请日：2007-05-29
申请人： Mohamed Khalid , Aamer S. Akhter , Rajiv Asati , Brian E. Weis
发明人： Mohamed Khalid , Aamer S. Akhter , Rajiv Asati , Brian E. Weis
IPC分类号： H04L9/12
CPC分类号： H04L9/0833 , H04L9/0891 , H04L63/0272 , H04L63/065
摘要： In one embodiment, a technique for updating an address associated with a first entity in a communications network with a second entity in the communications network wherein the address is used to forward information to the first entity from the second entity. The first entity registers a first address associated with the first entity with the second entity. The first entity determines that a second address associated with the first entity is to be used instead of the first address to communicate with the first entity. The first entity generates an update message containing the second address, the update message obviating having to register the second address with the second entity. The first entity forwards the update message to the second entity to cause the second entity to use the second address instead of the first address to forward information to the first entity.
摘要翻译：在一个实施例中，一种用于在通信网络中与第二实体更新与通信网络中的第一实体相关联的地址的技术，其中所述地址用于将信息从所述第二实体转发到所述第一实体。第一实体将与第一实体相关联的第一地址与第二实体注册。第一实体确定将使用与第一实体相关联的第二地址而不是与第一实体进行通信的第一地址。第一实体生成包含第二地址的更新消息，更新消息消除了必须向第二实体注册第二地址。第一实体将更新消息转发给第二实体以使第二实体使用第二地址而不是第一地址来将信息转发到第一实体。

5. 发明授权

US07613826B2 Methods and apparatus for providing multiple policies for a virtual private network 有权
标题翻译：为虚拟专用网提供多种策略的方法和装置
公开(公告)号：US07613826B2
公开(公告)日：2009-11-03
申请号：US11350991
申请日：2006-02-09
申请人： James N. Guichard , W. Scott Wainner , Brian E. Weis , Mohamed Khalid
发明人： James N. Guichard , W. Scott Wainner , Brian E. Weis , Mohamed Khalid
IPC分类号： G06F15/16
CPC分类号： H04L12/4641 , H04L45/00 , H04L45/42 , H04L45/586 , H04L47/10 , H04L47/125 , H04L47/20 , H04L63/0272
摘要： A system provides a request for a policy from a policy server, and receives the policy from the policy server. The policy indicates processing to be applied to a traffic partition passing through the device. The system configures the policy within a routing structure associated with the traffic partition for the policy in the device, and routes a stream of traffic for the routing structure in accordance with the policy for that routing structure.
摘要翻译：系统从策略服务器提供对策略的请求，并从策略服务器接收策略。该策略指示要应用于通过设备的流量分区的处理。系统在与设备中策略的流量分配相关联的路由结构中配置策略，并根据路由结构的策略为路由结构路由流量流。

6. 发明授权

US08867747B2 Key generation for networks 有权
标题翻译：网络的关键一代
公开(公告)号：US08867747B2
公开(公告)日：2014-10-21
申请号：US12414772
申请日：2009-03-31
申请人： David A. McGrew , Brian E. Weis
发明人： David A. McGrew , Brian E. Weis
IPC分类号： H04L9/08
CPC分类号： H04L9/0869 , H04L9/083
摘要： Systems, methods, and other embodiments associated with key generation for networks are described. One example method includes configuring a key server with a pseudo-random function (PRF). The key server may provide keying material to gateways. The method may also include controlling the key server to generate a cryptography data structure (e.g., D-matrix) based, at least in part, on the PRF and a seed value. The method may also include controlling the key server to selectively distribute a portion of the cryptography data structure and/or data derived from the cryptography data structure to a gateway. The gateway may then encrypt communications based, at least in part, on the portion of the cryptography data structure. The method may also include selectively distributing an epoch value to members of the set of gateways that may then decrypt an encrypted communication based, at least in part, on the epoch value.
摘要翻译：描述了与网络的密钥生成相关联的系统，方法和其他实施例。一个示例性方法包括配置具有伪随机函数（PRF）的密钥服务器。密钥服务器可以向网关提供密钥材料。该方法还可以包括：至少部分地基于PRF和种子值来控制密钥服务器以生成加密数据结构（例如，D矩阵）。该方法还可以包括控制密钥服务器以选择性地将加密数据结构的一部分和/或从加密数据结构导出的数据分发到网关。网关可以至少部分地基于加密数据结构的一部分加密通信。该方法还可以包括选择性地将时代值分配到该组网关的成员，该网关组可以至少部分地基于时期值来解密加密的通信。

7. 发明申请

US20110258431A1 SYSTEM AND METHOD FOR PROVIDING PREFIXES INDICATIVE OF MOBILITY PROPERTIES IN A NETWORK ENVIRONMENT 有权
标题翻译：用于提供在网络环境中表示移动性的前缀的系统和方法
公开(公告)号：US20110258431A1
公开(公告)日：2011-10-20
申请号：US12762204
申请日：2010-04-16
申请人： Srinath Gundavelli , Brian E. Weis
发明人： Srinath Gundavelli , Brian E. Weis
IPC分类号： H04L12/56 , H04L29/06
CPC分类号： H04L61/2007 , H04L29/12254 , H04L29/12283 , H04L29/12933 , H04L45/00 , H04L45/72 , H04L61/2038 , H04L61/2061 , H04L61/6068 , H04L63/0428 , H04L67/12 , H04W8/04 , H04W72/04
摘要： An example method includes receiving an Internet protocol (IP) address request in a network and selecting an IP address associated with a prefix that represents an IP subnet. The prefix includes a color attribute to be provided as part of a communication session that includes a plurality of packets. The prefix defines one or more properties associated with an application for the session. The prefix is communicated to a network element in a signaling plane, the prefix is configured to be used to make a routing decision for at least some of the plurality of packets. In more specific embodiments, the method can include applying one or more network policies based on the prefix associated with the IP address. The method could also include decrypting an encryption protocol in order to identify the prefix of a subsequent communication flow, and executing a routing decision based on the prefix.
摘要翻译：示例性方法包括在网络中接收因特网协议（IP）地址请求，并且选择与表示IP子网的前缀相关联的IP地址。前缀包括要作为包括多个分组的通信会话的一部分提供的颜色属性。前缀定义与会话的应用程序相关联的一个或多个属性。前缀被传送到信令平面中的网元，前缀被配置为用于为多个分组中的至少一些分组做出路由决定。在更具体的实施例中，该方法可以包括基于与IP地址相关联的前缀应用一个或多个网络策略。该方法还可以包括解密加密协议以便识别后续通信流的前缀，以及基于前缀执行路由决定。

8. 发明申请

US20110164752A1 Detection of Stale Encryption Policy By Group Members 有权
标题翻译：按组成员检测陈旧的加密策略
公开(公告)号：US20110164752A1
公开(公告)日：2011-07-07
申请号：US12652324
申请日：2010-01-05
申请人： Warren Scott Wainner , Sheela D. Rowles , Brian E. Weis , David Arthur McGrew , Scott R. Fluhrer , Kavitha Kamarthy
发明人： Warren Scott Wainner , Sheela D. Rowles , Brian E. Weis , David Arthur McGrew , Scott R. Fluhrer , Kavitha Kamarthy
IPC分类号： H04L9/00 , G06F15/173 , G06F21/00
CPC分类号： H04L63/0428 , H04L9/0833 , H04L9/0891 , H04L12/1818 , H04L63/061 , H04L63/104 , H04L63/20
摘要： Various techniques that allow group members to detect the use of stale encryption policy by other group members are disclosed. One method involves receiving a message from a first group member via a network. The message is received by a second group member. The method then detects that the first group member is not using a most recent policy update supplied by a key server, in response to information in the message. In response, a notification message can be sent from the second group member. The notification message indicates that at least one group member is not using the most recently policy update. The notification message can be sent to the key server or towards the first group member.
摘要翻译：公开了允许组成员检测到其他组成员使用过时加密策略的各种技术。一种方法涉及经由网络从第一组成员接收消息。该消息由第二组成员接收。然后该方法检测到第一组成员不响应于消息中的信息使用由密钥服务器提供的最新策略更新。作为响应，可以从第二组成员发送通知消息。通知消息表示至少有一个组成员没有使用最近的策略更新。通知消息可以发送到密钥服务器或朝向第一个组成员。

9. 发明授权

US07761702B2 Method and apparatus for distributing group data in a tunneled encrypted virtual private network 有权
标题翻译：在隧道加密的虚拟专用网络中分发组数据的方法和装置
公开(公告)号：US07761702B2
公开(公告)日：2010-07-20
申请号：US11107532
申请日：2005-04-15
申请人： Brian E. Weis , Jan Vilhuber , Michael Lee Sullenberger , Frederic R.P. Detienne
发明人： Brian E. Weis , Jan Vilhuber , Michael Lee Sullenberger , Frederic R.P. Detienne
IPC分类号： H04L9/00
CPC分类号： H04L12/1886 , H04L45/16 , H04L63/0428 , H04L63/065
摘要： A packet forwarding process, on a data communications device, forwards a packet to a plurality of destinations within a network from that data communications device using an “encrypt then replicate” method. The packet forwarding process receives a packet that is to be transmitted to the plurality of destinations, and applies a security association to the packet using security information shared between the data communications device, and the plurality of destinations, to create a secured packet. The secured packet contains a header that has a source address and a destination address. The source address is inserted into the header, and then the packet forwarding process replicates the secured packet, once for each of the plurality of destinations. After replication, the destination address is inserted into the header, and the packet forwarding process transmits each replicated secured packet to each of the plurality of destinations authorized to maintain the security association.
摘要翻译：在数据通信设备上的分组转发过程使用“加密然后复制”方法将数据包从该数据通信设备转发到网络内的多个目的地。分组转发过程接收要发送到多个目的地的分组，并且使用在数据通信设备和多个目的地之间共享的安全信息来向分组应用安全关联，以创建安全分组。安全数据包包含一个具有源地址和目标地址的报头。源地址被插入到报头中，然后分组转发过程对多个目的地中的每个目的地一次复制安全分组。在复制之后，目的地址被插入到报头中，并且分组转发过程将每个复制的安全分组传送到被授权维护安全关联的多个目的地中的每一个。

10. 发明授权

US07676679B2 Method for self-synchronizing time between communicating networked systems using timestamps 有权
标题翻译：使用时间戳通信网络系统之间的自同步时间的方法
公开(公告)号：US07676679B2
公开(公告)日：2010-03-09
申请号：US11059178
申请日：2005-02-15
申请人： Brian E. Weis , David A. McGrew
发明人： Brian E. Weis , David A. McGrew
IPC分类号： H04L9/00 , H04L9/32
CPC分类号： H04L9/12 , H04L9/3297 , H04L63/126 , H04L63/1466
摘要： Nodes in a network include a pseudo-timestamp in messages or packets, derived from local pseudo-time clocks. When a packet is received, a first time is determined representing when the packet was sent and a second time is determined representing when the packet was received. If the difference between the second time and the first time is greater than a predetermined amount, the packet is considered to be stale and is rejected, thereby deterring replay. Because each node maintains its own clock and time, to keep the clocks relatively synchronized, if a time associated with a timestamp of a received packet is later than a certain amount with respect to the time at the receiver, the receiver's clock is set ahead by an amount that expected to synchronize the receiver's and the sender's clocks. However, a receiver never sets its clock back, to deter attacks.
摘要翻译：网络中的节点包括从本地伪时间时钟导出的消息或分组中的伪时间戳。当接收到分组时，确定第一次表示何时发送分组，并且确定表示何时接收分组的第二时间。如果第二时间和第一时间之间的差异大于预定量，则该分组被认为是陈旧的并且被拒绝，从而阻止重放。由于每个节点保持其自身的时钟和时间，为了保持时钟相对同步，如果与接收到的分组的时间戳相关联的时间相对于接收机的时间晚于一定量，则将接收机的时钟设置在预计会使接收器和发送器的时钟同步的量。然而，接收机从未将其时钟重新设置为阻止攻击。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式