专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

11. 发明申请

US20090059914A1 METHODS FOR THE SECURED INTERCONNECTION OF VNET SITES OVER WAN 有权
标题翻译：万维网上VNET站点安全互连的方法
公开(公告)号：US20090059914A1
公开(公告)日：2009-03-05
申请号：US11846011
申请日：2007-08-28
申请人： Mohamed Khalid , Khalil Jabr , Rajiv Asati , Warren Scott Wainner , Scott Thomas Fanning
发明人： Mohamed Khalid , Khalil Jabr , Rajiv Asati , Warren Scott Wainner , Scott Thomas Fanning
IPC分类号： H04L12/28
CPC分类号： H04L12/4666 , H04L12/2854 , H04L45/00 , H04L45/02
摘要： One embodiment provides a method to interconnect virtual network segments (VNETs) defined for a local-area network (LAN) infrastructure separated by a wide-area network infrastructure. The technique involves the routing device at the LAN-WAN interconnection points to impose or dispose the VNET-shim, which encodes the VNET-id information in a Layer 4 portion of the packet. In a data plane, a new IP protocol value may be used to signify the presence of the VNET-shim followed by cryptography specific information in an IP packet. In a control plane, the routing protocol is expanded to exchange the routing information along with the VNET information.
摘要翻译：一个实施例提供了一种互连为由广域网基础设施分开的局域网（LAN）基础设施定义的虚拟网段（VNET）的互连方法。该技术涉及LAN-WAN互联点处的路由设备，以对VNET-shim进行处理或配置，VNET-shim将数据包的第4层部分中的VNET-id信息编码。在数据平面中，可以使用新的IP协议值来表示VIP-shim的存在，随后是IP分组中的加密特定信息。在控制平面中，路由协议被扩展以便与VNET信息一起交换路由信息。

12. 发明申请

US20070115990A1 Method of providing an encrypted multipoint VPN service 有权
标题翻译：提供加密多点VPN服务的方法
公开(公告)号：US20070115990A1
公开(公告)日：2007-05-24
申请号：US11284951
申请日：2005-11-22
申请人： Rajiv Asati , Mohamed Khalid , Haseeb Niazi , Vijay Bollapragada
发明人： Rajiv Asati , Mohamed Khalid , Haseeb Niazi , Vijay Bollapragada
IPC分类号： H04L12/56 , H04J3/24
CPC分类号： H04L45/00 , H04L63/0272 , H04L63/164
摘要： A method, apparatus and computer program product for providing an encrypted multipoint Virtual Private Network (VPN) service is presented. A first packet of a plurality of packets is received at an ingress provider edge (PE) the plurality of packets destined for a remote server in communication with said egress PE router. A lookup for a destination prefix of a first packet is preformed, and a determination made that a next-hop for the first packet is reachable through a mGRE tunnel. A resolution request is sent to a hub to acquire a routable IP address. The packets sent to the hub are encapsulated, and encrypting until a resolution reply is received and until security associations (SAs) have been exchanged. Then a VPN is established between the ingress and egress PEs and is used for all subsequent packets.
摘要翻译：提出了一种用于提供加密的多点虚拟专用网（VPN）服务的方法，装置和计算机程序产品。多个分组的第一分组在入口提供商边缘（PE）处接收去往与所述出口PE路由器通信的远程服务器的多个分组。执行对第一分组的目的地前缀的查找，并且确定通过mGRE隧道可以达到第一分组的下一跳。将解析请求发送到集线器以获取可路由的IP地址。发送到集线器的数据包被封装，并进行加密，直到收到解决回复，直到交换安全关联（SA）为止。然后在入口和出口PE之间建立VPN，并用于所有后续数据包。

13. 发明授权

US08675478B2 Network based switchover to original content after ad-insertion device failure 有权
标题翻译：广告插入设备发生故障后，基于网络的切换到原始内容
公开(公告)号：US08675478B2
公开(公告)日：2014-03-18
申请号：US12112641
申请日：2008-04-30
申请人： Rajiv Asati , Gregory Shepherd , Mohamed Khalid
发明人： Rajiv Asati , Gregory Shepherd , Mohamed Khalid
IPC分类号： G01R31/08 , G06F11/00 , G08C15/00 , H04J1/16 , H04J3/14 , H04L1/00 , H04L12/26
CPC分类号： H04L12/185 , H04L12/1868 , H04L45/00 , H04L45/16 , H04L45/22 , H04L45/28 , H04L45/48
摘要： In one embodiment, a network device joins a first multicast tree to receive post-ad-inserted video content. The network device also joins a second multicast tree to receive the pre-ad-inserted video content. The content from the first multicast tree is forwarded by the network device to the receiver(s). The network device determines if it does not receive the content on the first multicast tree due to any failure, in which case, it delivers the content from the second multicast tree to the receiver(s). This enables the receiver to receive the original (pre-ad-inserted) content during the failure in first multicast tree. When the failure is resolved, the network device can go back to sending the content from the first multicast tree to the receiver(s).
摘要翻译：在一个实施例中，网络设备加入第一多播树以接收插入后的视频内容。网络设备还加入第二多播树以接收预先插入的视频内容。来自第一多播树的内容由网络设备转发给接收者。网络设备由于任何故障而确定它是否在第一多播树上不接收内容，在这种情况下，它将内容从第二多播树传送到接收者。这使得接收机能够在第一个多播树中的故障期间接收原始（预先插入的）内容。当故障解决时，网络设备可以返回将内容从第一多播树发送到接收者。

14. 发明授权

US08515079B1 Hybrid rekey distribution in a virtual private network environment 有权
标题翻译：在虚拟专用网络环境中进行混合重新分配
公开(公告)号：US08515079B1
公开(公告)日：2013-08-20
申请号：US11627637
申请日：2007-01-26
申请人： Rajiv Asati , Mohamed Khalid , Aamer Akhter , Brian Weis , Shashi Sastry
发明人： Rajiv Asati , Mohamed Khalid , Aamer Akhter , Brian Weis , Shashi Sastry
IPC分类号： H04L29/06
CPC分类号： H04L63/062 , H04L63/0272
摘要： In one embodiment, a rekey distribution process transmits, from a key server, a multicast probe message intended to be received by at least one group member device. The rekey distribution process also receives, at the key server, an acknowledgement message from each group member device that received the multicast probe message. In turn, the rekey distribution process transmits, from the key server, a multicast rekey data message intended to be received by each group member device from which the key server received an acknowledgment message. Furthermore, the rekey distribution process transmits, from the key server, a unicast rekey data message to each group member device from which the key server did not receive an acknowledgment message.
摘要翻译：在一个实施例中，密钥分发处理从密钥服务器发送旨在被至少一个组成员设备接收的多播探测消息。密钥分发过程还在密钥服务器处接收到来自接收到多播探测消息的每个组成员设备的确认消息。依次，密钥分发处理从密钥服务器发送打算由密钥服务器从其收到确认消息的每个组成员设备接收的多播重新密钥数据消息。此外，密钥分发处理从密钥服务器向单个密钥服务器未接收到确认消息的每个组成员设备发送单播重新密钥数据消息。

15. 发明授权

US08411866B2 Distribution of group cryptography material in a mobile IP environment 有权
标题翻译：在移动IP环境中分发密码材料
公开(公告)号：US08411866B2
公开(公告)日：2013-04-02
申请号：US11940237
申请日：2007-11-14
申请人： Mohamed Khalid , Ciprian Pompiliu Popoviciu , Kavitha Kamarthy , Aamer Saeed Akhter , Rajiv Asati
发明人： Mohamed Khalid , Ciprian Pompiliu Popoviciu , Kavitha Kamarthy , Aamer Saeed Akhter , Rajiv Asati
IPC分类号： H04K1/00 , H04L29/06 , H04L9/32 , G06F7/04 , G06F15/16 , G06F17/30 , G06F15/173
CPC分类号： H04L9/0833 , H04L2209/80
摘要： In one embodiment, a Home Agent receives a Mobile IP registration request from a group member, where the group member is a Mobile Node. The Home Agent generates a mobility binding for the group member that associates the group member with a care-of address, wherein the group member is a member of one or more groups. The Home Agent generates a Mobile IP registration reply, where the Mobile IP registration reply identifies one or more key servers. Each of the one or more key servers serves at least one of the one or more groups and is adapted for distributing group cryptography material to members of each group that is served by the corresponding key server. The Home Agent sends the Mobile IP registration reply to the group member, thereby enabling the group member to obtain cryptography material for at least one of the one or more groups from at least one of the one or more key servers to enable the group member to use the cryptography group material to securely communicate with other group members.
摘要翻译：在一个实施例中，归属代理从组成员接收移动IP注册请求，其中组成员是移动节点。归属代理为组成员生成关联组成员与转交地址的移动性绑定，其中组成员是一个或多个组的成员。归属代理生成移动IP注册答复，其中移动IP注册应答标识一个或多个密钥服务器。一个或多个密钥服务器中的每一个服务于一个或多个组中的至少一个，并且适于将组密码材料分发给由相应的密钥服务器服务的每个组的成员。归属代理将移动IP注册回复发送给组成员，从而使得组成员可以从一个或多个密钥服务器中的至少一个获得针对所述一个或多个组中的至少一个的加密材料，以使该组成员能够使用加密组资料与其他群组成员进行安全通信。

16. 发明授权

US08307442B2 Method of preventing infection propagation in a dynamic multipoint virtual private network 有权
标题翻译：防止动态多点虚拟专用网中感染传播的方法
公开(公告)号：US08307442B2
公开(公告)日：2012-11-06
申请号：US11497956
申请日：2006-08-01
申请人： Rajiv Asati , Mohamed Khalid , Haseeb Niazi , Jason Guy
发明人： Rajiv Asati , Mohamed Khalid , Haseeb Niazi , Jason Guy
IPC分类号： H04L29/06
CPC分类号： H04L63/145
摘要： A method, apparatus and computer program product for preventing infection propagation in a DMVPN is presented. An infected spoke router site is isolated from the DMVPN network such that the spoke router may (bi-directionally) completely or partially limit communicating with any network devices (including the hub router, any other spoke routers etc.) within the DMVPN which prevents the DMVPN melt-down, isolates a worm-infected spoke router site from the rest of the DMVPN and restricts the spread of the worm within the DMVPN network.
摘要翻译：提出了一种防止DMVPN中感染传播的方法，装置和计算机程序产品。受感染的分支路由器站点与DMVPN网络隔离，使得分支路由器可以（双向）完全或部分地限制与DMVPN内的任何网络设备（包括集线器路由器，任何其他分支路由器等）的通信，从而防止 DMVPN融合，将蠕虫感染的分支路由器站点与DMVPN的其余部分隔离开，并限制蠕虫在DMVPN网络内的传播。

17. 发明授权

US07987506B1 Methods and systems for dynamically updating a routing table in a virtual private network 有权
标题翻译：用于在虚拟专用网络中动态更新路由表的方法和系统
公开(公告)号：US07987506B1
公开(公告)日：2011-07-26
申请号：US11592505
申请日：2006-11-03
申请人： Mohamed Khalid , Rajiv Asati , Shashidhar P. Patil , Aamer Akhter
发明人： Mohamed Khalid , Rajiv Asati , Shashidhar P. Patil , Aamer Akhter
IPC分类号： G06F15/16
CPC分类号： H04L63/0272 , H04L12/4633 , H04L12/4641 , H04L45/02
摘要： A method, system, and computer program product for dynamically updating a routing table in a virtual private network including a concentrator with a routing table and one or more security associations is provided. A change is identified in the virtual private network, and related network information is also identified. A notification update message is created, including (i) a type of change to be made to the routing table based on to the identified change and (ii) the related network information. The notification update message is sent to the concentrator, which updates the routing table according to the notification update message. During the updating of the routing table of the concentrator, current security associations of the virtual private network tunnel are maintained.
摘要翻译：提供了一种用于动态地更新包括具有路由表和一个或多个安全关联的集中器的虚拟专用网中的路由表的方法，系统和计算机程序产品。在虚拟专用网中识别出变化，并且还识别相关的网络信息。创建通知更新消息，包括（i）基于所识别的改变对路由表进行的改变的类型和（ii）相关的网络信息。通知更新消息被发送到集中器，其根据通知更新消息来更新路由表。在更新集中器的路由表期间，维护虚拟专用网隧道的当前安全关联。

18. 发明申请

US20100254385A1 Service Insertion Architecture (SIA) in a Virtual Private Network (VPN) Aware Network 审中-公开
标题翻译：虚拟专用网（VPN）感知网络中的服务插入架构（SIA）
公开(公告)号：US20100254385A1
公开(公告)日：2010-10-07
申请号：US12419569
申请日：2009-04-07
申请人： Govind Prasad Sharma , Mohamed Khalid , Shree Murthy , Rajiv Asati
发明人： Govind Prasad Sharma , Mohamed Khalid , Shree Murthy , Rajiv Asati
IPC分类号： H04L12/56 , H04L12/54
CPC分类号： H04L45/00 , H04L12/4633 , H04L12/4641
摘要： Systems, methods, and other embodiments associated with interworking a VPN and an SIA are described. One example apparatus includes a mapping data store to store a mapping between two logical groups of network devices having separate forwarding planes that are at least partially incompatible. The apparatus includes an instantiation logic to establish the mapping based on unique identifiers associated with the logical groups. The apparatus also includes an encoding logic to implicitly encode information to identify the first logical group in a packet received from the first logical group, provided to the second logical group, and then provided back to the first logical group. The implicitly encoded information is configured to be used without modification by the forwarding plane associated with the second logical group and is configured to facilitate a member of the second logical group resolving the mapping.
摘要翻译：描述与互联VPN和SIA相关联的系统，方法和其他实施例。一个示例性设备包括映射数据存储，用于存储具有至少部分不兼容的具有单独转发平面的两个逻辑组网络设备之间的映射。该装置包括用于基于与逻辑组相关联的唯一标识符建立映射的实例化逻辑。该装置还包括编码逻辑，用于隐含地编码信息以识别提供给第二逻辑组的从第一逻辑组接收的分组中的第一逻辑组，然后提供给第一逻辑组。隐式编码的信息被配置为不经由与第二逻辑组相关联的转发平面的修改使用，并且被配置为便于解决映射的第二逻辑组的成员。

19. 发明申请

US20090097417A1 SYSTEM AND METHOD FOR IMPROVING SPOKE TO SPOKE COMMUNICATION IN A COMPUTER NETWORK 有权
标题翻译：用于改进计算机网络中的支持通信的系统和方法
公开(公告)号：US20090097417A1
公开(公告)日：2009-04-16
申请号：US11871508
申请日：2007-10-12
申请人： Rajiv Asati , Mohamed Khalid , Brian E. Weis , Pratima Pramod Sethi
发明人： Rajiv Asati , Mohamed Khalid , Brian E. Weis , Pratima Pramod Sethi
IPC分类号： H04L12/28
CPC分类号： H04L45/00 , H04L45/02 , H04L63/0272 , H04L63/061 , H04L63/164
摘要： Various embodiments of the disclosed subject matter provide methods and systems for improved efficiency in spoke-to-spoke network communication. Embodiments provide systems and methods for registering a spoke with a hub, updating at least one database with spoke registration information at the hub, and advertising the spoke registration information to other spokes using a single control plane that includes transport security, peer discovery, and unicast routing information.
摘要翻译：所公开的主题的各种实施例提供了用于提高辐对话网络通信的效率的方法和系统。实施例提供了用于将轮辐与集线器进行注册的系统和方法，在集线器处用轮辐注册信息更新至少一个数据库，并且使用包括传输安全性，对等体发现和单播的单个控制平面向其他轮辐广告该辐条登记信息路由信息。

20. 发明申请

US20090080657A1 ACTIVE-ACTIVE HIERARCHICAL KEY SERVERS 有权
标题翻译：主动分层键控服务器
公开(公告)号：US20090080657A1
公开(公告)日：2009-03-26
申请号：US11862027
申请日：2007-09-26
申请人： Rajiv Asati , Scott Thomas Fanning , Haseeb Niazi , Sheela Rowles , Kavitha Kamarthy , Mohamed Khalid
发明人： Rajiv Asati , Scott Thomas Fanning , Haseeb Niazi , Sheela Rowles , Kavitha Kamarthy , Mohamed Khalid
IPC分类号： H04L9/00
CPC分类号： H04L9/0891 , H04L9/083 , H04L63/0272 , H04L63/062 , H04L63/065
摘要： In one embodiment, group member devices may be divided into at least one cluster, wherein each cluster includes a primary key server designated to synchronize with a master key server. Each cluster further includes at least one registration server configured to communicate with member devices in the group within the cluster and to synchronize with the primary key server.
摘要翻译：在一个实施例中，组成员设备可以被划分为至少一个群集，其中每个群集包括被指定为与主密钥服务器同步的主密钥服务器。每个集群还包括至少一个注册服务器，其被配置为与集群内的组中的成员设备通信并与主密钥服务器同步。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式