公开(公告)号：US09350801B2

公开(公告)日：2016-05-24

申请号：US13927892

申请日：2013-06-26

Applicant: Amazon Technologies, Inc.

Inventor： Vishal Parakh ,  Diwakar Chakravarthy ,  Antoun Joubran Kanawati ,  Mukul Vijay Karnik

IPC: G06F15/16 ,  H04L29/08

CPC classification number: H04L67/1004 ,  H04L67/1008

Abstract: Processes and systems are disclosed for leasing a consumer system access to a producer system. The consumer system can communicate with a set of leasing agents to obtain the identity of a number of producer systems capable of providing the consumer system with access to a service. Each leasing agent may provide the consumer system with access to a producer system for a period of time. If the consumer system requires further access to a particular producer system, the consumer system can request renewal of the lease from the leasing agent that provided the initial lease of the producer system to the consumer system.

Abstract translation: 公开了用于租用消费者系统访问生产者系统的过程和系统。 消费者系统可以与一组租赁代理进行通信，以获得能够向消费者系统提供对服务的访问的多个生产者系统的身份。 每个租赁代理可以向消费者系统提供对生产者系统的访问一段时间。 如果消费者系统需要对特定生产者系统的进一步访问，则消费者系统可以向提供给生产者系统的初始租赁的租赁代理机构请求对租赁的更新。

公开(公告)号：US20160142302A1

公开(公告)日：2016-05-19

申请号：US14940566

申请日：2015-11-13

Applicant: HITACHI, LTD.

Inventor： Takashige BABA ,  Akihiko TAKASE ,  Kazuma YUMOTO ,  Tatsuhiko MIYATA

IPC: H04L12/713 ,  H04L29/06 ,  H04L29/08

CPC classification number: H04L45/586 ,  H04L12/4633 ,  H04L12/4641 ,  H04L12/5692 ,  H04L45/54 ,  H04L63/08 ,  H04L67/1004 ,  H04L67/42 ,  H04Q1/00 ,  H04Q3/0008 ,  H04Q11/00 ,  H04Q2213/13531 ,  Y10S379/901

Abstract: There is provided a load distribution function that enables an application of a user to be freely allocated to a machine even if an address of a terminal or the application used by the user is duplicated between VPNs for each user. An access detector of a machine allocation device detects a start packet from received communication packets, and determines the type of the start packet and the type of the application used by the terminal. A machine allocation manager determines a machine on which the determined application operates, and operates the machine. A network manager configures a user virtual network on a second virtual network between the determined machine and the machine allocation device.

Abstract translation: 提供了一种负载分布功能，即使用户的地址或用户使用的应用在每个用户的VPN之间复制，也能够将用户的应用自由分配给机器。 机器分配装置的访问检测器从接收到的通信分组检测起始分组，并确定起始分组的类型和终端使用的应用的类型。 机器分配管理器确定确定的应用程序在其上操作的机器，并操作机器。 网络管理器在确定的机器和机器分配设备之间的第二虚拟网络上配置用户虚拟网络。

公开(公告)号：US09336053B2

公开(公告)日：2016-05-10

申请号：US14289756

申请日：2014-05-29

Applicant: International Business Machines Corporation

Inventor： Charles J. Archer ,  Nysal Jan K.A. ,  Sameh S. Sharkawi

IPC: G06F9/46 ,  G06F9/50 ,  H04L12/751 ,  H04L29/08

CPC classification number: G06F9/50 ,  G06F9/5061 ,  G06F9/5066 ,  G06F9/5088 ,  H04L45/02 ,  H04L45/48 ,  H04L67/10 ,  H04L67/1004

Abstract: Constructing a logical tree topology in a parallel computer that includes compute nodes, where each node executes a number of tasks and at least one node executes a number of tasks different from another node includes: identifying a compute node executing a greatest number of tasks; selecting, as a global root, a task from the identified compute node, including assigning the task as a local root of the identified compute node and assigning each of the other tasks of the identified compute node as a child of the local root; selecting, from each of the other compute nodes, one task to be a local root, including assigning each task other than the local root as a child of the local root; and assigning each local root of the other compute nodes to be a child of one of the tasks of the identified compute node other than the global root.

公开(公告)号：US20160119382A1

公开(公告)日：2016-04-28

申请号：US14987076

申请日：2016-01-04

Applicant: A10 Networks, Inc.

Inventor： Lee Chen ,  Dennis Oshiba ,  John Chiong

IPC: H04L29/06

CPC classification number: H04L63/0263 ,  G06F21/00 ,  G06F21/44 ,  H04L12/66 ,  H04L51/04 ,  H04L63/02 ,  H04L63/0227 ,  H04L63/0236 ,  H04L63/0245 ,  H04L63/0254 ,  H04L63/029 ,  H04L63/0407 ,  H04L63/08 ,  H04L63/10 ,  H04L63/102 ,  H04L63/105 ,  H04L63/164 ,  H04L63/168 ,  H04L63/20 ,  H04L63/30 ,  H04L65/1026 ,  H04L67/10 ,  H04L67/1004 ,  H04L67/104 ,  H04L67/141 ,  H04L67/22 ,  H04L67/306 ,  H04L67/42 ,  H04L69/28 ,  H04L69/329 ,  H04M1/72547 ,  H04W12/00

Abstract: Applying a security policy to an application session, includes: recognizing the application session between a network and an application via a security gateway; determining by the security gateway a user identity of the application session using information about the application session; obtaining by the security gateway the security policy comprising network parameters mapped to the user identity; and applying the security policy to the application session by the security gateway. The user identity may be a network user identity or an application user identity recognized from packets of the application session. The security policy may comprise a network traffic policy mapped and/or a document access policy mapped to the user identity, where the network traffic policy is applied to the application session. The security gateway may further generate a security report concerning the application of the security policy to the application session.

Abstract translation: 将安全策略应用于应用程序会话包括：通过安全网关识别网络和应用程序之间的应用程序会话; 使用关于应用会话的信息由安全网关确定应用会话的用户身份; 由安全网关获取包括映射到用户身份的网络参数的安全策略; 并将安全策略应用于安全网关的应用会话。 用户身份可以是从应用会话的分组识别的网络用户身份或应用用户身份。 安全策略可以包括被映射的网络流量策略和/或映射到用户身份的文档访问策略，其中将网络流量策略应用于应用会话。 安全网关还可以生成关于安全策略应用于应用会话的安全报告。

公开(公告)号：US20160119279A1

公开(公告)日：2016-04-28

申请号：US14924121

申请日：2015-10-27

Applicant: Level 3 Communications, LLC

Inventor： Joel C. Maslak ,  Joseph C. Lawrence

IPC: H04L29/12 ,  H04L29/08

CPC classification number: H04L67/18 ,  H04L61/1511 ,  H04L61/609 ,  H04L67/1004

Abstract: Aspects of the present disclosure involve a CDN utilizing a Direct Server Return (DSR) request command to create a tunnel from one content server to another content server of the CDN. Through the DSR tunnel, a request for content may be served from a content server that is more advantageous for the CDN for any number of reasons, such as from a content server that is logically closer to the content server. In determining when a DSR tunnel is created to provide the content, the CDN may access a database storing various information concerning the CDN, such as the location of egress gateways of the CDN in relation to one or more content servers, connecting network location information, the capabilities of one or more content servers, and/or load information of available content servers.

Abstract translation: 本公开的方面涉及使用直接服务器返回（DSR）请求命令的CDN来创建从一个内容服务器到CDN的另一内容服务器的隧道。 通过DSR隧道，可以从内容服务器向内容服务器提供对于CDN更有利的任何数量的原因，例如从逻辑上更靠近内容服务器的内容服务器。 在确定何时创建DSR隧道以提供内容时，CDN可以访问存储有关CDN的各种信息的数据库，诸如CDN的出口网关相对于一个或多个内容服务器的位置，连接网络位置信息， 一个或多个内容服务器的功能，和/或可用内容服务器的加载信息。

公开(公告)号：US20160094408A1

公开(公告)日：2016-03-31

申请号：US14868050

申请日：2015-09-28

Applicant: ORACLE INTERNATIONAL CORPORATION

Inventor： SRINIVASA SEGU

IPC: H04L12/24 ,  H04L29/08 ,  H04L29/06

CPC classification number: H04L41/0843 ,  H04L41/0893 ,  H04L41/12 ,  H04L67/1004 ,  H04L67/327

Abstract: In accordance with an embodiment, described herein is a system and method for supporting Enterprise Java Bean (EJB) and other application types in a multitenant application server environment. The system includes an application server domain with a plurality of partitions, an EJB application, and a plurality of partition-aware server components that interact with the EJB container. The EJB application includes partition-specific code deployed as a separate instance to each partition, and shareable resources across two or more partitions. The system can additionally delegate resource-heavy processing functions of each EJB application to one or more of the server components. At runtime, the system receives a request for an EJB application in a particular partition, and creates an object to hold information of the particular partition. The server components, when invoked by the EJB container, obtains the partition information and execute in a context of the particular partition.

Abstract translation: 根据一个实施例，这里描述的是用于在多租户应用服务器环境中支持企业Java Bean（EJB）和其他应用类型的系统和方法。 该系统包括具有多个分区的应用服务器域，EJB应用以及与EJB容器交互的多个分区感知服务器组件。 EJB应用程序包括部署为每个分区的单独实例的分区特定代码，以及跨两个或多个分区的可共享资源。 该系统还可以将每个EJB应用程序的资源繁重的处理功能委托给一个或多个服务器组件。 在运行时，系统在特定分区中接收到EJB应用程序的请求，并创建一个对象来保存特定分区的信息。 服务器组件在由EJB容器调用时获取分区信息并在特定分区的上下文中执行。

公开(公告)号：US09282142B1

公开(公告)日：2016-03-08

申请号：US13174213

申请日：2011-06-30

Applicant: David Wareing Barker, Jr. ,  Daniel J. Fregeau ,  Todd Michael Lauinger

Inventor： David Wareing Barker, Jr. ,  Daniel J. Fregeau ,  Todd Michael Lauinger

IPC: G06F15/173 ,  H04L29/08

CPC classification number: H04L67/10 ,  G06F9/45558 ,  G06F2009/4557 ,  H04L12/4625 ,  H04L12/4633 ,  H04L67/1004

Abstract: This disclosure relates to a system for operating virtual datacenters. The disclosure describes a system in which virtual datacenters may be self contained logical units. These units may contain workloads comprising one or more virtual machines. This can allow for enhanced portability to a variety of hosting environments, and may allow the virtual datacenters to be transferred between environments. Virtual datacenters may be in communication with a gateway server prior to transfer, and may maintain this communication following the transfer.

Abstract translation: 本公开涉及用于操作虚拟数据中心的系统。 本公开描述了虚拟数据中心可以是自包含逻辑单元的系统。 这些单元可以包含包括一个或多个虚拟机的工作负载。 这可以允许增强对各种托管环境的便携性，并且可以允许虚拟数据中心在环境之间传送。 在传输之前，虚拟数据中心可以与网关服务器通信，并且可以在传输之后保持该通信。

公开(公告)号：US09276907B1

公开(公告)日：2016-03-01

申请号：US14947844

申请日：2015-11-20

Applicant: Fortinet, Inc.

Inventor： Joe Mihelich ,  Son Pham ,  Jun Li

IPC: H04L29/06 ,  G06F21/00 ,  H04L29/08

CPC classification number: H04L63/0236 ,  G06F17/30589 ,  G06F17/30952 ,  H04L45/74 ,  H04L47/125 ,  H04L47/196 ,  H04L47/726 ,  H04L49/354 ,  H04L61/2007 ,  H04L63/02 ,  H04L63/0218 ,  H04L63/0227 ,  H04L63/0272 ,  H04L63/029 ,  H04L63/1408 ,  H04L63/1458 ,  H04L67/1002 ,  H04L67/1004 ,  H04L67/1027 ,  H04L67/142

Abstract: Methods and systems for balancing load among firewall security devices (FSDs) are provided. According to one embodiment, session data, including session entries representing previously established traffic sessions from a particular source to a particular destination and forming an association between the previously established session and a particular FSD, is maintained for each port of a session-aware switching device. When a TCP SYN packet is received, the switching device: (i) reduces its vulnerability to a DoS attack by foregoing installation of a forward session entry for the forward traffic session within the session data until a processed TCP SYN/ACK packet associated with the corresponding reverse traffic session is received; (ii) selects an FSD to associate with the forward traffic session and a corresponding reverse traffic session by performing a load balancing function on the TCP SYN packet; and (iii) causes the TCP SYN packet to be processed by the selected FSD.

Abstract translation: 提供了在防火墙安全设备（FSD）之间平衡负载的方法和系统。 根据一个实施例，维持会话数据，包括表示从特定源到特定目的地的先前建立的业务会话并且形成先前建立的会话与特定FSD之间的关联的会话条目，用于会话感知交换设备的每个端口 。 当接收到TCP SYN分组时，交换设备：（i）通过前面安排会话数据内的前向业务会话的前向会话条目来减少其对DoS攻击的脆弱性，直到与该SYN数据包相关联的处理的TCP SYN / ACK分组 接收相应的反向业务会话; （ii）通过在TCP SYN分组上执行负载均衡功能，选择与前向流量会话关联的FSD和相应的反向流量会话; 和（iii）使所述TCP SYN分组由所选择的FSD进行处理。

公开(公告)号：US09263046B2

公开(公告)日：2016-02-16

申请号：US13854862

申请日：2013-04-01

Applicant: nVoq Incorporated

Inventor： Richard Beach ,  Christopher Butler ,  Jon Ford ,  Brian Marquette ,  Christopher Omland

IPC: G10L15/30 ,  G10L15/26 ,  H04L29/08

CPC classification number: G10L15/26 ,  G10L15/30 ,  H04L67/1004 ,  H04L67/1027 ,  H04L67/28 ,  H04L67/2842 ,  H04L67/306

Abstract: A distributed dictation/transcription system is provided. The system provides a dictation manager having a data port to receive and transmit audio signals. The dictation manager includes a dictation server selector to a dictation server to transcribe the audio based on whether the dictation server already has a user profile uploaded.

Abstract translation: 提供分布式听写/转录系统。 该系统提供了具有用于接收和发送音频信号的数据端口的听写管理器。 听写管理器包括听写服务器选择器到听写服务器，以基于听写服务器是否已经上传了用户简档来转录音频。

公开(公告)号：US09253144B2

公开(公告)日：2016-02-02

申请号：US13334112

申请日：2011-12-22

Applicant: David A. Christenson ,  James Venuto

Inventor： David A. Christenson ,  James Venuto

IPC: H04L29/06 ,  H04L29/12 ,  H04L29/08

CPC classification number: H04L61/2015 ,  H04L29/06047 ,  H04L61/20 ,  H04L61/2061 ,  H04L67/1004 ,  H04L67/1008 ,  H04L67/1023 ,  H04L67/1036

Abstract: Techniques are described for load balancing between DHCP servers at a DHCP client. Embodiments receive load information from each of two or more DHCP servers. Here, the load information describes a current workload of the respective DHCP server from which the load information is received. One of the two or more DHCP servers is then selected at the DHCP client based on the received load information. Additionally, embodiments accept an IP address offer from the selected DHCP server.