专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

11. 发明授权

US07206313B2 Apparatus and method for using information in one direction of a bi-directional flow in a network to alter characteristics of the return direction flow 有权
标题翻译：在网络中的双向流的一个方向上使用信息以改变返回方向流的特征的装置和方法
公开(公告)号：US07206313B2
公开(公告)日：2007-04-17
申请号：US10166884
申请日：2002-06-11
申请人： Robert Daniel Maher, III , James Robert Deerman , Milton Andre Lie
发明人： Robert Daniel Maher, III , James Robert Deerman , Milton Andre Lie
IPC分类号： H04L12/56
CPC分类号： H04L65/1006 , H04L29/06027 , H04L47/10 , H04L47/70 , H04L47/785 , H04L47/801 , H04L47/805 , H04L47/823 , H04L47/825 , H04L65/1043 , H04L65/80
摘要： A network processing system is described that is able to bind all the network traffic related to a bi-directional communication. Unidirectional processing engines take the data from line interfaces, and associate each data packet with an identifier, which identifies the flow of which the data packet is a part. The flows examined to determine if they are part of a bi-directional communication. If the flow is part of a bi-directional communication information related to the return flow or flows is extracted and passed to the unidirectional processing engine handling the flows in the opposite direction. This processing engine then pre-allocates resources in anticipation of the return flows. The pre-allocation of resources includes creating an entry in a session memory that contains state information on the flows passing through the network processing system.
摘要翻译：描述了能够绑定与双向通信相关的所有网络流量的网络处理系统。单向处理引擎从线路接口获取数据，并将每个数据分组与标识符相关联，标识数据分组是其一部分的流程。检查流程以确定它们是否是双向通信的一部分。如果流是与返回流相关的双向通信信息的一部分，或者流被提取并传递到处理相反方向的流的单向处理引擎。然后，该处理引擎预期返回流量预先分配资源。资源的预分配包括在会话存储器中创建包含通过网络处理系统的流的状态信息的条目。

12. 发明授权

US06741595B2 Device for enabling trap and trace of internet protocol communications 有权
公开(公告)号：US06741595B2
公开(公告)日：2004-05-25
申请号：US10167311
申请日：2002-06-11
申请人： Robert Daniel Maher, III , James Robert Deerman , Milton Andre Lie
发明人： Robert Daniel Maher, III , James Robert Deerman , Milton Andre Lie
IPC分类号： H04L1228
CPC分类号： H04L43/026 , H04L41/0893 , H04L47/2441 , H04L63/00 , H04L63/30 , H04M3/2281 , H04M7/006
摘要： A network processing system is described that is able to monitor IP network traffic, including the ability to perform trap and trace on IP communications flowing over the IP network. The network processing system is able to scan the entire contents of data packets passing through it, and to associate related data packets into discrete sessions, or flows, which allows the network processing system to search for predetermined search criteria contained within those flows. If a flow is found to contain a predetermined search criteria, the network processing system is able to maintain a record of the flow or to replicate the flow and save it or send it to another IP address for monitoring. The monitoring of a flow can include the entire contents of the flow, or any subset of information in the flow such as call identifying information.

13. 发明授权

US07894432B2 Apparatus and method creating virtual routing domains in an internet protocol network 有权
标题翻译：在互联网协议网络中创建虚拟路由域的装置和方法
公开(公告)号：US07894432B2
公开(公告)日：2011-02-22
申请号：US11103099
申请日：2005-04-09
申请人： Ashwin Vishanji Rana , Milton Andre Lie , Robert Harold Walls , Robert Daniel Maher, III
发明人： Ashwin Vishanji Rana , Milton Andre Lie , Robert Harold Walls , Robert Daniel Maher, III
IPC分类号： H04L12/28
CPC分类号： H04L45/302 , H04L45/04 , H04L45/3065 , H04L45/38 , H04L47/10 , H04L47/20 , H04L47/2416 , H04L47/2425 , H04L47/6215 , H04L63/0272 , H04L63/1458
摘要： A method and apparatus is described that allow the creation of virtual routing domains in an IP network. These virtual routing domains allow individual networks to be configures so that it appears that its routing domain covers the entire IP address space. A network processing system is used to implement the virtual routing domains and to allow network traffic to cross the individual routing domains. The network processing system is able to use application layer information to allow the crossing of virtual routing domain boundaries. By examining application layer information the network processing system is able to look up customer/user information and use that information to determine destination virtual routing domains and route otherwise unroutable addresses between domains.
摘要翻译：描述了允许在IP网络中创建虚拟路由域的方法和装置。这些虚拟路由域允许单独的网络进行配置，以使它的路由域覆盖整个IP地址空间。网络处理系统用于实现虚拟路由域，并允许网络流量跨越各个路由域。网络处理系统能够使用应用层信息来允许跨越虚拟路由域边界。通过检查应用层信息，网络处理系统能够查找客户/用户信息，并使用该信息来确定目的地虚拟路由域，并在域间路由否则不可路由的地址。

14. 发明授权

US07471683B2 Device for enabling trap and trace of internet protocol communications 有权
标题翻译：用于启用互联网协议通信的陷阱和跟踪的设备
公开(公告)号：US07471683B2
公开(公告)日：2008-12-30
申请号：US10852343
申请日：2004-05-24
申请人： Robert Daniel Maher, III , James Robert Deerman , Milton Andre Lie
发明人： Robert Daniel Maher, III , James Robert Deerman , Milton Andre Lie
IPC分类号： H04L12/28 , H04L12/56 , H04M1/00 , H04B7/00
CPC分类号： H04L43/026 , H04L41/0893 , H04L47/2441 , H04L63/00 , H04L63/30 , H04M3/2281 , H04M7/006
摘要： A network processing system is described that is able to monitor IP network traffic, including the ability to perform trap and trace on IP communications flowing over the IP network. The network processing system is able to scan the entire contents of data packets passing through it, and to associate related data packets into discrete sessions, or flows, which allows the network processing system to search for predetermined search criteria contained within those flows. If a flow is found to contain a predetermined search criteria, the network processing system is able to maintain a record of the flow or to replicate the flow and save it or send it to another IP address for monitoring. The monitoring of a flow can include the entire contents of the flow, or any subset of information in the flow such as call identifying information.
摘要翻译：描述了能够监视IP网络流量的网络处理系统，包括对通过IP网络流动的IP通信进行陷阱和跟踪的能力。网络处理系统能够扫描通过它的数据分组的整个内容，并将相关数据分组关联成离散会话或流，这允许网络处理系统搜索包含在这些流中的预定搜索标准。如果发现流包含预定的搜索条件，则网络处理系统能够维护流的记录或复制流并将其保存或发送到另一IP地址进行监视。流的监视可以包括流的整个内容，或流中的任何信息子集，例如呼叫识别信息。

15. 发明申请

US20130024928A1 SECURE NETWORK COMMUNICATIONS FOR METERS 审中-公开
标题翻译：安全网络通信
公开(公告)号：US20130024928A1
公开(公告)日：2013-01-24
申请号：US13188995
申请日：2011-07-22
申请人： Robert James Burke , Prateek Sangal , Robert Daniel Maher, III
发明人： Robert James Burke , Prateek Sangal , Robert Daniel Maher, III
IPC分类号： G06F15/16 , G06F21/20
CPC分类号： H04L63/04 , H04L63/0272 , H04L63/0281 , H04L67/12 , H04L67/2814 , H04Q9/00 , H04Q2209/30 , H04Q2209/84
摘要： A system and method are provided for secure network communications. A proxy server receives meter data, from a meter of a set of meters via a local network, for an energy management server. The proxy server uses secure communications to send the meter data via a non-secure network to the energy management server.
摘要翻译：提供了一种用于安全网络通信的系统和方法。代理服务器通过本地网络从能量管理服务器的一组仪表接收仪表数据。代理服务器使用安全通信通过非安全网络将电表数据发送到能量管理服务器。

16. 发明授权

US07058974B1 Method and apparatus for preventing denial of service attacks 失效
标题翻译：防止拒绝服务攻击的方法和装置
公开(公告)号：US07058974B1
公开(公告)日：2006-06-06
申请号：US09598631
申请日：2000-06-21
申请人： Robert Daniel Maher, III , Victor A. Bennett
发明人： Robert Daniel Maher, III , Victor A. Bennett
IPC分类号： G06F11/00 , G06F11/22 , G06F11/30 , G06F11/32
CPC分类号： H04L63/1416 , H04L47/15 , H04L47/22 , H04L47/24 , H04L47/32 , H04L63/1458
摘要： A method and apparatus for preventing denial of service type attacks on data networks is described. The method involves scanning the contents of the data packets flowing over the data network using a traffic flow scanning engine. The data packets are reordered and reassembled and then the payload contents are scanned to determine whether they conform to predetermined requirements. Data packets which do not reorder or reassemble correctly or which do not conform to the predetermined requirements may be dropped. Dropping packets which do not reorder or reassemble correctly or which do not conform to the predetermined requirements prevent denial of service attack which exploit bugs in the TCP/IP implementation or shortcomings in the TCP/IP specification The traffic flow scanning engine is further operable to determine whether the data packets are associated with validated traffic flows. Those data packets associated with validated traffic flows are assigned to a higher priority while those not associated with a validated traffic flow are assigned to a low priority, which may occupy no more that a predetermined maximum of the available bandwidth. Assigning data packets associated with a non-validated traffic flow to a low priority prevent brute force type denial of service attacks designed to clog networks.
摘要翻译：描述了一种用于防止对数据网络的拒绝服务型攻击的方法和装置。该方法包括使用流量扫描引擎扫描在数据网络上流动的数据分组的内容。数据包被重新排序并重新组装，然后扫描有效载荷内容以确定它们是否符合预定的要求。不会正确重新排列或重新组装或不符合预定要求的数据包可能被丢弃。丢弃不正确重新排列或重新组装或不符合预定要求的数据包可防止利用TCP / IP实现中的错误或TCP / IP规范中的缺点的拒绝服务攻击。流量扫描引擎还可用于确定数据包是否与验证的流量流相关联。与验证的业务流相关联的那些数据分组被分配给较高的优先级，而不与经验证的业务流相关联的那些数据分组被分配给低优先级，这可能不再占用可用带宽的预定最大值。将与非验证业务流相关联的数据分组分配到低优先级可防止设计为阻塞网络的暴力类型拒绝服务攻击。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式