会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 1. 发明授权
    • Virtual network interface
    • 虚拟网络接口
    • US08213429B2
    • 2012-07-03
    • US11575395
    • 2005-08-03
    • Michael John WrayChristopher I Dalton
    • Michael John WrayChristopher I Dalton
    • H04L12/56
    • H04L12/4633
    • A virtual network has network interfaces coupled by a multipoint tunnel (100) through a forwarding network (40), each interface having a forwarding address in an address space of the forwarding network, each network interface having a reconfigurable address mapper (320) for determining a forwarding address for a packet, and encapsulating the packet with its forwarding address so that the forwarding network can forward the data packet transparent to its destination address. This makes the virtual network more agile since changes to the virtual network can be achieved by reconfiguring the corresponding forwarding addresses without needing to set up new tunnels new routing to these different tunnels. The forwarding network need not be aware of the virtual network and so no adaptation of the forwarding network or specialised hardware is needed.
    • 虚拟网络具有通过转发网络(40)通过多点隧道(100)耦合的网络接口,每个接口在转发网络的地址空间中具有转发地址,每个网络接口具有可重配置地址映射器(320),用于确定 分组的转发地址,并用转发地址封装分组,使转发网络能​​够将数据包转发到目的地址。 这使得虚拟网络更加灵活,因为可以通过重新配置相应的转发地址来实现对虚拟网络的更改,而无需为新隧道建立新的路由到这些不同的隧道。 转发网络不需要知道虚拟网络,因此不需要转发网络或专用硬件的适配。
    • 2. 发明申请
    • VIRTUAL NETWORK INTERFACE
    • 虚拟网络接口
    • US20090129385A1
    • 2009-05-21
    • US11575395
    • 2005-08-03
    • Michael John WrayChristopher I. Dalton
    • Michael John WrayChristopher I. Dalton
    • H04L12/28
    • H04L12/4633
    • A virtual network has network interfaces coupled by a multipoint tunnel (100) through a forwarding network (40), each interface having a forwarding address in an address space of the forwarding network, each network interface having a reconfigurable address mapper (320) for determining a forwarding address for a packet, and encapsulating the packet with its forwarding address so that the forwarding network can forward the data packet transparent to its destination address. This makes the virtual network more agile since changes to the virtual network can be achieved by reconfiguring the corresponding forwarding addresses without needing to set up new tunnels new routing to these different tunnels. The forwarding network need not be aware of the virtual network and so no adaptation of the forwarding network or specialised hardware is needed.
    • 虚拟网络具有通过转发网络(40)通过多点隧道(100)耦合的网络接口,每个接口在转发网络的地址空间中具有转发地址,每个网络接口具有可重配置地址映射器(320),用于确定 分组的转发地址,并用转发地址封装分组,使转发网络能​​够将数据包转发到目的地址。 这使得虚拟网络更加灵活,因为可以通过重新配置相应的转发地址来实现对虚拟网络的更改,而无需为新隧道建立新的路由到这些不同的隧道。 转发网络不需要知道虚拟网络,因此不需要转发网络或专用硬件的适配。
    • 3. 发明授权
    • Security attributes of nodes in trusted computing systems
    • 可信计算系统中节点的安全属性
    • US07552328B2
    • 2009-06-23
    • US10810348
    • 2004-03-26
    • Michael John Wray
    • Michael John Wray
    • G06F21/00
    • G06F21/57
    • A system and method for resolving a rule conflict within a security policy applied to a trusted computing platform, wherein the fileset to which each of the conflicting rules v and s refers (or “scope”) is determined (step 10). It is then determined (at step 12) if the scope of one of the rules s is a complete subset of the scope of rule r. If so, rule s is applied to the accessed file f (at step 14). If not, the conflict is resolved in another way, for example, by determining the most restrictive of rules r and s (at step 16) and applying the result accordingly (step 18).
    • 一种用于解决应用于可信计算平台的安全策略中的规则冲突的系统和方法,其中确定了冲突规则v和s所指的每个文件集(或“范围”)(步骤10)。 然后确定(在步骤12)如果规则s之一的范围是规则r的范围的完整子集。 如果是,则将规则s应用于所访问的文件f(在步骤14)。 如果不是,则以另一种方式解决冲突,例如,通过确定规则r和s的最严格限制(在步骤16)并相应地应用结果(步骤18)。
    • 4. 发明申请
    • DELEGATION WITHIN A COMPUTING ENVIRONMENT
    • 在计算环境中的代表
    • US20140007197A1
    • 2014-01-02
    • US13537721
    • 2012-06-29
    • Michael John Wray
    • Michael John Wray
    • G06F21/24
    • G06F21/6218
    • In one implementation, a delegation system authenticates, at a first time, a first user relative to a computing environment, and receives, at a second time after the first time, a request for the first user to act within the computing environment as a second user. The delegation system also determines, in response to the request, whether the first user is authorized to act as the second user within the computing environment. The delegation system then receives an action request from the first user, identifies the second user as an effective user for the action request; and provides the action request to the computing environment,
    • 在一个实现中,授权系统在第一时间对第一用户相对于计算环境进行认证,并且在第一时间之后的第二时间接收第一用户在计算环境内作为第二用户的请求 用户。 委托系统还响应于该请求确定第一用户是否被授权在计算环境内充当第二用户。 委托系统然后从第一用户接收动作请求,将第二用户识别为动作请求的有效用户; 并向计算环境提供动作请求,
    • 5. 发明授权
    • Network virtualization
    • 网络虚拟化
    • US08223770B2
    • 2012-07-17
    • US11575382
    • 2005-08-03
    • Michael John WrayChristopher Ian Dalton
    • Michael John WrayChristopher Ian Dalton
    • H04L12/28H04L12/56G06F15/16
    • H04L12/4633
    • A virtual network has virtual machines on physical devices connected to network interfaces each coupled by tunnels (100) through a forwarding network (40), each interface having a forwarding address in an address space of the forwarding network, each network interface having a reconfigurable address mapper (320) for determining a forwarding address for a packet, and encapsulating the packet with its forwarding address so that the forwarding network can deliver the data packet to the remote physical device having that forwarding address. Such encapsulation enables virtual machines on different physical devices to communicate transparently to the underlying forwarding network. Virtual networks can be created to suit their applications yet use or share existing forwarding networks, while protecting the forwarding network from interference by the virtual machines, and maintaining isolation between virtual machines.
    • 虚拟网络在连接到网络接口的物理设备上具有虚拟机,每个网络接口通过转发网络(40)由隧道(100)耦合,每个接口在转发网络的地址空间中具有转发地址,每个网络接口具有可重配置地址 映射器(320),用于确定分组的转发地址,并且用转发地址封装分组,使得转发网络可以将数据分组传送到具有该转发地址的远程物理设备。 这种封装使得不同物理设备上的虚拟机可以透明地通向底层转发网络。 可以创建虚拟网络以适应其应用,同时使用或共享现有的转发网络,同时保护转发网络免受虚拟机的干扰,并保持虚拟机之间的隔离。
    • 6. 发明授权
    • Mapping discovery for virtual network
    • 映射虚拟网络的发现
    • US08274912B2
    • 2012-09-25
    • US11575397
    • 2005-08-03
    • Michael John WrayChristopher Ian Dalton
    • Michael John WrayChristopher Ian Dalton
    • H04L12/28H04L12/56G01R31/08G06F11/00G08C15/00H04J1/16H04J3/14H04L1/00H04L12/26
    • H04L12/4633
    • A virtual network has network interfaces coupled by tunnels (100) through a forwarding network (40), each interface having a forwarding address in an address space of the forwarding network, each network interface having a reconfigurable address mapper (320) for determining a forwarding address for a packet, and encapsulating the packet with its forwarding address so that the forwarding network can forward the data packet transparent to its destination address. The network interface automatically configures the address mapper by sending a discovery request for a given virtual network address over the forwarding network, to prompt a response with an indication of the corresponding forwarding address, and to use the indication in such a response to configure the address mapper. This can ease the administrative burden of setting up and maintaining the address mapper and to ease network reconfiguration according to demand or faults for example.
    • 虚拟网络具有通过转发网络(40)通过隧道(100)耦合的网络接口,每个接口在转发网络的地址空间中具有转发地址,每个网络接口具有用于确定转发的可重配置地址映射器(320) 地址,并以转发地址封装数据包,使转发网络可以将数据包转发到目的地址。 网络接口通过在转发网络上发送针对给定虚拟网络地址的发现请求来自动配置地址映射器,以通过指示相应的转发地址来提示响应,并且使用该响应中的指示来配置地址 映射器 这可以减轻设置和维护地址映射器的管理负担,并根据需要或故障来简化网络重新配置。
    • 7. 发明授权
    • Security attributes in trusted computing systems
    • 可信计算系统中的安全属性
    • US07600261B2
    • 2009-10-06
    • US10810308
    • 2004-03-26
    • Michael John Wray
    • Michael John Wray
    • H04L9/00
    • G06F21/57G06F21/6218
    • A system comprising a trusted computing platform including one or more logically protected computing environments, each of which is associated with at least one service or process supported by said system, the system being arranged to load onto said trusted computing platform a predetermined security policy including one or more security rules for controlling the operation of each of said logically protected computing environments, the security rules for at least one of said logically protected computing environments including an execution control rule which defines the security attributes to be applied to a service or process associated with said logically protected computing environment when said service or process is started.
    • 一种包括可信计算平台的系统,包括一个或多个逻辑上受保护的计算环境,每个环境与所述系统支持的至少一个服务或过程相关联,所述系统被布置为将预定的安全策略加载到所述可信计算平台上,包括一个 或更多的用于控制每个所述逻辑保护的计算环境的操作的安全规则,所述逻辑保护的计算环境中的至少一个的安全规则包括执行控制规则,所述执行控制规则定义要应用于与 当所述服务或过程开始时,所述逻辑保护的计算环境。
    • 8. 发明授权
    • Security policy in trusted computing systems
    • 可信计算系统中的安全策略
    • US08612755B2
    • 2013-12-17
    • US10811305
    • 2004-03-29
    • Michael John WrayRichard B Stock
    • Michael John WrayRichard B Stock
    • H04L9/32
    • G06F21/53G06F21/57
    • A trusted computing platform includes one or more first logically protected computer environments (or “compartments”) associated with initialization of the system, and one or more second logically protected computing environments (or “compartments”). The one or each second compartment is associated with at least one service or process supported by the said system. The trusted computing platform is loaded with a predetermined security policy including one or more security rules for controlling the operation of each of the compartments such that the security rules relating to the one or each first compartment is loaded onto the trusted computing platform when the system is initialized. The one or more security rules relating to the one or at least one of the second compartments are only loaded onto the trusted computing platform if one or more services or processes associated therewith are enabled.
    • 可信计算平台包括与系统的初始化相关联的一个或多个第一逻辑上受保护的计算机环境(或“隔间”)以及一个或多个第二逻辑保护计算环境(或“隔间”)。 一个或每个第二隔室与由所述系统支持的至少一个服务或过程相关联。 可信计算平台被加载有预定的安全策略,其包括用于控制每个隔间的操作的一个或多个安全规则,使得当系统是系统时将与一个或每个第一隔间相关的安全规则加载到可信计算平台上 初始化 如果与其相关联的一个或多个服务或过程被启用,则与第二隔间中的一个或至少一个相关的一个或多个安全规则仅被加载到可信计算平台上。
    • 9. 发明申请
    • Mapping Discovery for Virtual Network
    • 映射虚拟网络发现
    • US20080225875A1
    • 2008-09-18
    • US11575397
    • 2005-08-03
    • Michael John WrayChristopher Ian Dalton
    • Michael John WrayChristopher Ian Dalton
    • H04L12/28
    • H04L12/4633
    • A virtual network has network interfaces coupled by tunnels (100) through a forwarding network (40), each interface having a forwarding address in an address space of the forwarding network, each network interface having a reconfigurable address mapper (320) for determining a forwarding address for a packet, and encapsulating the packet with its forwarding address so that the forwarding network can forward the data packet transparent to its destination address. The network interface automatically configures the address mapper by sending a discovery request for a given virtual network address over the forwarding network, to prompt a response with an indication of the corresponding forwarding address, and to use the indication in such a response to configure the address mapper. This can ease the administrative burden of setting up and maintaining the address mapper and to ease network reconfiguration according to demand or faults for example.
    • 虚拟网络具有通过转发网络(40)通过隧道(100)耦合的网络接口,每个接口在转发网络的地址空间中具有转发地址,每个网络接口具有用于确定转发的可重配置地址映射器(320) 地址,并以转发地址封装数据包,使转发网络可以将数据包转发到目的地址。 网络接口通过在转发网络上发送针对给定虚拟网络地址的发现请求来自动配置地址映射器,以通过指示相应的转发地址来提示响应,并且使用该响应中的指示来配置地址 映射器 这可以减轻设置和维护地址映射器的管理负担,并根据需要或故障来简化网络重新配置。