Virtual private network crossovers based on certificates
    1.
    Granted invention patent
    Status: in force

    Publication number: US07574738B2

    Publication date: 2009-08-11

    Application number: US10288574

    Application date: 2002-11-06

    IPC classification: G06F15/16

    Abstract: A method and system for enabling interconnection of VPNs is disclosed. An interconnection device manages an interconnection process at one or more facilities including, for example, a gateway device. The gateway device has information relating to a plurality of VPNs, and may facilitate interconnection between devices on at least two of the VPNs by determining that one device is in fact a member of a first one of the VPNs, and by forwarding connection parameters of the first VPN to the second VPN on an as-needed basis. In this way, the gateway allows interconnection without the need for a completely centralized decision-making process, and does so independently of the type of device and/or VPN(s) being used. Moreover, the gateway may implement only those VPN parameters needed by both VPNs to communicate with one another with a desired level of security, thereby simplifying the routing and forwarding processes associated with the actual communication occurring via the interconnection. The information related to the plurality of VPNs and their respective member devices may be stored in a mapping table at the gateway, and identification parameters of a device seeking interconnection and/or associated VPN parameters may be verified by the use of digital certificates.

    Method and system for retrieving an anti-virus signature from one or a plurality of virus-free certificate authorities
    3.
    Granted invention patent
    Status: in force

    Publication number: US06976271B1

    Publication date: 2005-12-13

    Application number: US09665524

    Application date: 2000-09-19

    Abstract: A method and system as disclosed for use in a virus-free certificate proxy (107, 801), of retrieving from one or a plurality of virus-free certificate authorities (104, 804) a virus-free certificate (200) certifying that a file is virus-free. The method includes the steps of: receiving (1001) virus-free certificate request for a file; selecting a virus-free certificate authority (104, 804) having authority to generate a virus-free certificate (200) for the file; requesting (1003 . . . 1007) the virus-free certificate to the selected virus-free certificate authority (104, 804); receiving (1003 . . . 1007) from the selected virus-free certificate authority the generated virus-free certificate; sending back (1005) in response to the virus-free certificate request the received virus-free certificate.

    Method and system for controlling and filtering files using a virus-free certificate
    4.
    Granted invention patent
    Status: in force

    Publication number: US06986051B2

    Publication date: 2006-01-10

    Application number: US09753773

    Application date: 2001-01-02

    Abstract: The present invention is directed to computer viruses and more particularly to a method and system for use in a virus-free certificate firewall, of controlling and filtering files using a virus-free certificate. An example embodiment of the method comprises the steps of: receiving a file; if a virus-free certificate (200) is required for the file: determining whether a virus-free certificate is already associated with the file; if a virus-free certificate is already associated with the file: authenticating the associated virus-free certificate, said virus-free certificate comprising a certificate signature; if the virus-free certificate is authenticated, determining whether the file is virus-free or not; if the file is virus-free, forwarding the file with the associated virus-free certificate; if the virus-free certificate is not authenticated or if no virus-free certificate is associated with the file; determining whether the file is virus-free or not, if the file is virus-free, associating with the file a new virus-free certificate; and forwarding the file with the new virus-free certificate.

    Method and system for caching virus-free file certificates
    5.
    Granted invention patent
    Status: in force

    Publication number: US06892303B2

    Publication date: 2005-05-10

    Application number: US09728989

    Application date: 2000-12-04

    Abstract: The present invention relates to computer viruses and more particularly to a method and system for caching anti-virus file certificates. Each anti-virus certificate associated with a file comprises a file signature. The file signature is generated by a virus-free certificate authority, which avoids the system, which receives the file to check this file for all existing viruses. The virus-free certificate authority validates the file against all known viruses, using one or several anti-virus checkers. In case of new viruses, only the virus-free certificate authority is changed and the only process performed by the system receiving the file is to verify the file against the file signature included in the virus-free certificate, and to filter the file according to predetermined rules. The present invention drastically simplifies the computing resources for detecting viruses on network devices such as IP Routers and Firewalls.

    Method and system for optimizing performance and availability of a dynamic host configuration protocol (DHCP) service
    6.
    Granted invention patent
    Status: in force

    Publication number: US08370487B2

    Publication date: 2013-02-05

    Application number: US13396455

    Application date: 2012-02-14

    IPC classification: G06F15/177

    Abstract: A system and computer program product for monitoring and optimizing performance and availability of a Dynamic Host Configuration Protocol (DHCP) service are provided by one or a plurality of DHCP servers in an Internet Protocol (IP) network comprising one or a plurality of IP subnetworks. The system implemented in hardware, comprises a computer infrastructure operable to define one or a plurality of groups of subnetworks, each group of subnetworks comprising one or a plurality of subnetworks. The computer infrastructure is further operable to retrieve information related to resources, in particular IP addresses, allocated within a DHCP server to each group of subnetworks. The computer infrastructure is further operable to transfer the information to a DHCP service monitoring system, the DHCP service monitoring system comprising means for retrieving the information from the one or a plurality of DHCP servers and means for aggregating the information for each group of subnetworks.

    Method and system for preventing unauthorized server interference in an internet protocol network
    8.
    Granted invention patent
    Status: in force

    Publication number: US07231660B1

    Publication date: 2007-06-12

    Application number: US09696518

    Application date: 2000-10-25

    IPC classification: G06F7/04 G06F15/177

    CPC classification: H04L63/1441 H04L61/2015

    Abstract: A method and system for preventing unauthorized dynamic host configuration servers from responding to client configuration requests in an Internet Protocol (IP) network. In accordance with the method of the present invention multiple network clients are simulated within a server checker client. At least one unauthorized dynamic host configuration server is then detected utilizing the server checker client within said IP network. Upon detection of an unauthorized dynamic host configuration server, configuration requests are delivered from the server checker client to the detected unauthorized dynamic configuration server such that the unauthorized dynamic host configuration server is unable to respond to configuration requests from actual network clients.

    METHOD AND SYSTEM FOR OPTIMIZING PERFORMANCE AND AVAILABILITY OF A DYNAMIC HOST CONFIGURATION PROTOCOL (DHCP) SERVICE
    9.
    Invention patent application
    Status: in force

    Publication number: US20120144033A1

    Publication date: 2012-06-07

    Application number: US13396455

    Application date: 2012-02-14

    IPC classification: G06F15/173

    Abstract: A system and computer program product for monitoring and optimizing performance and availability of a Dynamic Host Configuration Protocol (DHCP) service are provided by one or a plurality of DHCP servers in an Internet Protocol (IP) network comprising one or a plurality of IP subnetworks. The system implemented in hardware, comprises a computer infrastructure operable to define one or a plurality of groups of subnetworks, each group of subnetworks comprising one or a plurality of subnetworks. The computer infrastructure is further operable to retrieve information related to resources, in particular IP addresses, allocated within a DHCP server to each group of subnetworks. The computer infrastructure is further operable to transfer the information to a DHCP service monitoring system, the DHCP service monitoring system comprising means for retrieving the information from the one or a plurality of DHCP servers and means for aggregating the information for each group of subnetworks.

    Method and system for optimizing performance and availability of a dynamic host configuration protocol (DHCP) service
    10.
    Granted invention patent
    Status: in force

    Publication number: US08161136B2

    Publication date: 2012-04-17

    Application number: US11696756

    Application date: 2007-04-05

    IPC classification: G06F15/177

    Abstract: A method and system for monitoring and optimizing performance and availability of a Dynamic Host Configuration Protocol (DHCP) service provided by one or a plurality of DHCP servers (602) in an Internet Protocol (IP) network comprising one or a plurality of IP subnetworks. The method comprises in a DHCP server (602) defining one or a plurality of groups of subnetworks, a group of subnetworks comprising one or a plurality of subnetworks; retrieving information related to resources, in particular IP addresses, allocated within said DHCP server to each group of subnetworks; transferring said information to a DHCP service monitoring system (600). The method comprises in a DHCP service monitoring system (403) retrieving (501 to 505) from one or a plurality of DHCP servers (401), information related to resources, in particular IP addresses, allocated within each DHCP server (401) to groups of subnetworks, each group of subnetworks comprising one or a plurality of subnetworks and aggregating (506 to 511) the information for each group of subnetworks.
