公开(公告)号：US11792151B2

公开(公告)日：2023-10-17

申请号：US17507548

申请日：2021-10-21

Applicant: VMware, Inc.

Inventor： Tejas Sanjeev Panse ,  Aditi Vutukuri ,  Arnold Koon-Chee Poon ,  Rajiv Mordani ,  Margaret Petrus

IPC: H04L61/10 ,  H04L61/2521 ,  H04L61/5053 ,  H04L61/256

CPC classification number: H04L61/10 ,  H04L61/2521 ,  H04L61/2571 ,  H04L61/5053

Abstract: Some embodiments provide a method for identifying security threats to a datacenter. The method receives flow attribute sets for multiple flows from multiple host computers in the datacenter on which data compute nodes (DCNs) execute. Each flow attribute set indicates at least a source DCN for the flow. The method identifies flow attribute sets that correspond to DCNs responding to name resolution requests. For each DCN of a set of DCNs executing on the host computers, the method determines whether the DCN has sent responses to name resolution requests in a manner that deviates from a historical baseline for the DCN based on the identified flow attribute sets. When a particular DCN has sent responses to name resolution requests in a manner that deviates from a historical baseline for the particular DCN, the method identifies the particular DCN as a security threat to the datacenter.

公开(公告)号：US11757712B1

公开(公告)日：2023-09-12

申请号：US18057196

申请日：2022-11-18

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Ramakrishnan Thanabalan

IPC: G06F15/173 ,  H04L41/0806 ,  H04L61/10

CPC classification number: H04L41/0806 ,  H04L61/10

Abstract: Techniques are provided for configuring management IP addresses to network devices in a data center that have management capabilities. Based on a received request to configure a managed network device in a network, a first connection is established between a management station and a managed switch to which the managed network device is connected. A network identifier of the managed network device is retrieved from the managed switch using the established first connection. Using the retrieved network identifier, a link-local address of the managed network device is derived. A second connection is established between the management station and the managed network device based on the derived link-local address. The management IP addresses of the managed network device are configured using the second connection.

公开(公告)号：US11757652B2

公开(公告)日：2023-09-12

申请号：US17032157

申请日：2020-09-25

Applicant: Wickr Inc.

Inventor： Joël Alwen ,  Thomas Michael Leavy ,  Christopher A. Howell

IPC: H04L29/06 ,  H04L9/32 ,  H04L9/30 ,  H04L61/10 ,  H04L61/3015 ,  H04L9/08

CPC classification number: H04L9/3247 ,  H04L9/088 ,  H04L9/30 ,  H04L61/10 ,  H04L61/3025

Abstract: A decentralized system for securely registering, updating, and/or resolving domain names in a distributed ledger is disclosed. The distributed ledger may comprise a smart contract that includes a look-up table that maps network names to network addresses and/or one or more keys. The smart contract may verify whether any updates and/or changes made to an entry in the look-up table are cryptographically authorized. Additionally, the smart contract may enforce any additional policies implemented by a domain administrator for authenticating changes and/or updates to a domain name entry. The unique combination of storing domain information in a decentralized ledger and validating changes and/or updates to the domain information provides a decentralized root of trust that allows for secure queries of network names (e.g., domain name) for secure cross-entity communications.

公开(公告)号：US20230275867A1

公开(公告)日：2023-08-31

申请号：US17682542

申请日：2022-02-28

Applicant: Charter Communications Operating, LLC

Inventor： Luca Martini ,  Erez Jordan Gottlieb

IPC: H04L61/2503 ,  H04L61/10 ,  H04L101/659 ,  H04L9/40 ,  H04L69/22

CPC classification number: H04L61/2503 ,  H04L61/10 ,  H04L61/6059 ,  H04L63/0892 ,  H04L69/22

Abstract: Methods and systems for providing differentiated network services using Mapping of Address and Port using translation (MAP-T) technology are described. A method includes provisioning a service specific IPv6 network prefix and a service specific basic mapping rule to an access device, the service specific IPv6 network prefix associated with a differentiated network service level, provisioning a service specific mapping rule to a border relay, identifying by the access device service packets associated with the differentiated network service level, translating by the access device the identified service packets to the service specific IPv6 network prefix using the service specific basic mapping rule to generate service specific packets, forwarding the service specific packets to the border relay via a service provider network, translating return packets to service specific return packets using the service specific mapping rule, and forwarding the service specific return packets to the access device.

公开(公告)号：US11734186B2

公开(公告)日：2023-08-22

申请号：US17525832

申请日：2021-11-12

Applicant: PURE STORAGE, INC.

Inventor： John Hayes ,  Par Botes ,  Robert Lee ,  Peter Vajgel

IPC: G06F12/10 ,  H04L41/0806 ,  H04L41/02 ,  H04L61/10 ,  H04L61/5007 ,  G06F9/50 ,  H04L61/103 ,  H04L12/46 ,  G06F3/06 ,  H04L61/5038 ,  H04L101/622

CPC classification number: G06F12/10 ,  G06F9/5077 ,  H04L41/02 ,  H04L41/0806 ,  H04L61/10 ,  G06F3/0662 ,  G06F3/0664 ,  G06F3/0665 ,  H04L12/4641 ,  H04L61/103 ,  H04L61/5007 ,  H04L61/5038 ,  H04L2101/622

Abstract: A method for preserving a media access control (MAC) address of a virtual server is provided. The method includes assigning a physical computing resource to a virtual server, assigning a physical storage memory resource to the virtual server, and assigning a physical network resource to the virtual server. The method includes assigning a virtual MAC address to the virtual server, the virtual MAC address to remain with the virtual server despite reassignment of one or more of the physical computing resource, the physical storage memory resource or the physical network resource, wherein at least one method operation is performed by a processor. A computing and storage system is also provided.

公开(公告)号：US20230252324A1

公开(公告)日：2023-08-10

申请号：US18301811

申请日：2023-04-17

Applicant: Bombora, Inc.

Inventor： Erik G. Matlick ,  Robert James Armstrong ,  Benny Lin ,  Nicholaus Eugene Halecky ,  Will Kurt ,  Nishann Mann ,  Julia Kruk

IPC: G06N5/04 ,  G06N20/00 ,  H04L61/10 ,  H04L61/3015 ,  H04L61/5007

CPC classification number: G06N5/04 ,  G06N20/00 ,  H04L61/10 ,  H04L61/3025 ,  H04L61/5007

Abstract: An IP-to-Domain (IP2D) resolution system predicts which domain is most likely associated with an IP address. The resolution system generates unique source vote features (FSV) from (IP, domain, source) data. The FSV features are used to train a machine learning model that predicts which domain is most likely associated with an IP address. The domain predictions can then be used to more efficiently process events, more accurately calculate consumption scores, and more accurately detect associated company surges.

公开(公告)号：US11700230B1

公开(公告)日：2023-07-11

申请号：US17220666

申请日：2021-04-01

Applicant: VERISIGN, INC.

Inventor： Eric Osterweil ,  Ashvatth Lakshmanan

IPC: H04L61/4511 ,  H04L61/10 ,  H04L61/30

CPC classification number: H04L61/4511 ,  H04L61/10 ,  H04L61/30

Abstract: In one embodiment, a domain name system (DNS) server processes a DNS query based on a policy statement that is attached to the DNS query. Upon receiving the DNS query, the DNS server executes one or more commands specified in the policy statement to generate a query state. The query state controls DNS resolution behavior that the DNS server implements as part of processing the DNS query. The DNS server then performs one or more DNS resolution operations based on DNS query and the query state to generate a response. Advantageously, because the semantics of the policy statement are encapsulated within the policy statement, the policy statement enables a client to unambiguously control DNS resolution behavior. By contrast, conventional DNS resolution guidance mechanisms that rely on DNS servers to infer policies based on client data may not reflect the preferences of the clients.

公开(公告)号：US11695583B2

公开(公告)日：2023-07-04

申请号：US17464806

申请日：2021-09-02

Applicant: ORACLE INTERNATIONAL CORPORATION

Inventor： Bjørn Dag Johnsen ,  Line Holen ,  Dag Georg Moxnes

IPC: H04L41/14 ,  H04L41/0853 ,  H04L41/0893 ,  H04L49/356 ,  H04L12/18 ,  H04L41/00 ,  H04L45/48 ,  G06F16/22 ,  H04L61/103 ,  H04L61/5069 ,  H04L45/16 ,  H04L47/36 ,  H04L49/15 ,  G06F9/455 ,  H04L45/021 ,  H04L67/10 ,  H04L49/201 ,  H04L61/10 ,  H04L69/18 ,  H04L101/668 ,  H04L101/622 ,  H04L49/00

CPC classification number: H04L12/185 ,  G06F9/45558 ,  G06F16/2255 ,  H04L12/1886 ,  H04L41/0853 ,  H04L41/0893 ,  H04L41/14 ,  H04L41/30 ,  H04L45/021 ,  H04L45/16 ,  H04L45/48 ,  H04L47/36 ,  H04L49/15 ,  H04L49/201 ,  H04L49/356 ,  H04L49/357 ,  H04L49/358 ,  H04L61/10 ,  H04L61/103 ,  H04L61/5069 ,  H04L67/10 ,  H04L69/18 ,  G06F2009/4557 ,  G06F2009/45595 ,  H04L49/30 ,  H04L2101/622 ,  H04L2101/668

Abstract: Systems and methods for InfiniBand fabric optimizations to minimize SA access and startup failover times. A system can comprise one or more microprocessors, a first subnet, the first subnet comprising a plurality of switches, a plurality of host channel adapters, a plurality of hosts, and a subnet manager, the subnet manager running on one of the one or more switches and the plurality of host channel adapters. The subnet manager can be configured to determine that the plurality of hosts and the plurality of switches support a same set of capabilities. On such determination, the subnet manager can configure an SMA flag, the flag indicating that a condition can be set for each of the host channel adapter ports.

公开(公告)号：US20230179670A1

公开(公告)日：2023-06-08

申请号：US17965528

申请日：2022-10-13

Applicant: LIFE IN MOBILE INNOVATIONS, INC.

Inventor： JOHN W. LIM ,  JOHN M. PACKES

IPC: H04L67/52 ,  G06F16/955 ,  H04W4/14 ,  H04W4/021 ,  G06Q30/0241 ,  G06Q30/0207 ,  H04W4/02 ,  H04L61/10 ,  H04W12/63 ,  H04L51/222 ,  H04L67/563

CPC classification number: H04L67/52 ,  G06F16/9554 ,  G06F16/9558 ,  G06Q30/0207 ,  G06Q30/0277 ,  H04L51/222 ,  H04L61/10 ,  H04L67/563 ,  H04W4/02 ,  H04W4/14 ,  H04W4/021 ,  H04W12/63

Abstract: QR codes or the like are used in hardlink applications, by which different users may receive different information in response to a user’s interaction with a touchpoint. The content delivered to a particular user in response to a hardlink code or a presented hyperlink may be dependent on the time of the scan, the geographic location of the user, a weather condition at the geographical location, personal information associated with the user, a number of previous scans of the code by prior individuals, and any combination of the these or other variables, which may be determined by an originator of the QR code or other party. User devices may be re-directed to alternate content or network addresses based on one or more programmed conditions.

公开(公告)号：US20230164109A1

公开(公告)日：2023-05-25

申请号：US17534904

申请日：2021-11-24

Applicant: Oracle International Corporation

Inventor： Jay Rajput ,  Amarnath Jayaramachar ,  Virendra Singh

IPC: H04L61/4511 ,  H04L41/50 ,  H04L61/10 ,  H04L41/5054 ,  H04L61/5076

CPC classification number: H04L61/1511 ,  H04L41/5058 ,  H04L61/10 ,  H04L41/5054 ,  H04L61/2076

Abstract: A method for automatic domain name system (DNS) configuration for 5G core (5GC) network functions (NFs) includes, at an NF repository function (NRF) including at least one processor, receiving a message concerning a 5GC network function. The method further includes determining a first DNS resource record parameter for the 5GC NF. The method further includes determining a second DNS resource record parameter for the 5GC NF. The method further includes automatically configuring a DNS with a mapping between the first and second DNS resource record parameters for the 5GC NF.