公开(公告)号：US08613071B2

公开(公告)日：2013-12-17

申请号：US11489414

申请日：2006-07-18

Applicant: Mark Stuart Day ,  Case Larsen ,  Shashidhar Merugu

Inventor： Mark Stuart Day ,  Case Larsen ,  Shashidhar Merugu

IPC: G06F21/00

CPC classification number: H04L9/0825 ,  H04L9/3263 ,  H04L63/0281 ,  H04L63/0428 ,  H04L63/061 ,  H04L63/0823 ,  H04L63/166 ,  H04L2209/56

Abstract: Transaction accelerators can be configured to terminate secure connections. A server-side accelerator intercepts a secure connection request that is from a client and that is directed to a server. The server-side accelerator responds to the secure connection request in place of the server, thereby establishing a secure connection between the client and the server-side accelerator. Alternatively, the server-side accelerator monitors the establishment of a secure connection between the client and the server. After the secure connection has been established, the server-side accelerator forwards security information to a client-side accelerator, enabling the client-side accelerator to assume control of the secure connection. As a result of this arrangement, the client-side accelerator is able to encrypt and decrypt data on the secure connection and accelerate it in cooperation with the server-side accelerator. In a further embodiment, the accelerated traffic between accelerators is carried across the network via another secure connection.

Abstract translation: 可以将事务加速器配置为终止安全连接。 服务器端加速器拦截来自客户机并且被定向到服务器的安全连接请求。 服务器端加速器代替服务器响应安全连接请求，从而在客户端和服务器端加速器之间建立安全连接。 或者，服务器端加速器监视客户机和服务器之间的安全连接的建立。 建立安全连接后，服务器端加速器将安全信息转发给客户端加速器，使客户端加速器能够控制安全连接。 作为这种安排的结果，客户端加速器能够加密和解密安全连接上的数据，并与服务器端加速器协同加速。 在另一实施例中，加速器之间的加速业务通过另一安全连接跨越网络进行。

公开(公告)号：US07865559B1

公开(公告)日：2011-01-04

申请号：US11931158

申请日：2007-10-31

Applicant: Mark Stuart Day

Inventor： Mark Stuart Day

IPC: G06F15/16

CPC classification number: H04M3/53333 ,  H04M3/5307

Abstract: Presently disclosed are apparatus and methods for coordinating the delivery of messages and/or message notifications among multiple messaging media and message services so that the successful delivery of one copy of a message results in the deletion of other, redundant message copies still in transit to the recipient and the cancellation of any other message waiting notifications still pending. The system may be implemented with a network-connected device (such as but not limited to a server, switch, or router) containing or having connected to it a user interface, a coordination server, and a plurality of message services. Embodiments of the invention thus provide message delivery management that is more user-friendly, computationally- and resource-efficient and more adaptable to changing user preferences and user locations/addresses.

Abstract translation: 目前公开的是用于在多个消息媒体和消息服务之间协调消息和/或消息通知的传递的装置和方法，使得成功传递消息的一个副本导致删除仍在传送到的消息副本 收件人和取消任何其他留言等待通知仍在等待。 系统可以使用包含用户界面，协调服务器和多个消息服务的网络连接设备（例如但不限于服务器，交换机或路由器）来实现。 因此，本发明的实施例提供了更加用户友好，计算和资源有效并且更适应于改变用户偏好和用户位置/地址的消息传递管理。

公开(公告)号：US07814542B1

公开(公告)日：2010-10-12

申请号：US10610171

申请日：2003-06-30

Applicant: Mark Stuart Day

Inventor： Mark Stuart Day

IPC: G06F11/00

CPC classification number: G06F21/552 ,  H04L63/1408

Abstract: In an edge network, message traffic between the edge network and a core network passes through the edge router. A port scanning attack directed to the network as a whole (core network) potentially emanates from within the LAN. The edge router includes a network throttling device which identifies and mitigates harmful transmissions such that they do not propagate to the core network. The network throttling device has a connection daemon to scan transactions and determine deviant or atypical connection attempts. A session database stores a transaction history representing a window of previous connection attempts. A pattern detector examines the history and looks for malicious behavior. Identified deviant patterns cause a throttler enforcer to limit the triggering user by restricting future connection attempts, thus mitigating harmful effects. Usage, therefore, is not prevented, but resilience to deviant practices is provided. Accordingly, virus propagation via port scanning is mitigated to a safe level and false alarms targeting legitimate activity are minimized.

Abstract translation: 在边缘网络中，边缘网络和核心网络之间的消息流量通过边缘路由器。 针对整个网络（核心网络）的端口扫描攻击潜在地从LAN内发出。 边缘路由器包括网络限制装置，其识别和减轻有害传输，使得它们不传播到核心网络。 网络限制设备具有连接守护程序来扫描事务并确定异常或非典型的连接尝试。 会话数据库存储表示先前连接尝试的窗口的事务历史。 模式检测器检查历史并查找恶意行为。 识别的异常模式会导致限制执行者通过限制未来的连接尝试来限制触发用户，从而减轻有害影响。 因此，不能防止使用，但是提供了抵御偏差的做法。 因此，通过端口扫描的病毒传播减轻到一个安全的水平，并且最小化针对合法活动的虚假警报。

公开(公告)号：US07587760B1

公开(公告)日：2009-09-08

申请号：US10899393

申请日：2004-07-26

Applicant: Mark Stuart Day

Inventor： Mark Stuart Day

IPC: G06F11/00 ,  G06F12/16 ,  G06F15/18 ,  G08B23/00

CPC classification number: H04L63/12 ,  H04L63/1458 ,  H04L2463/141 ,  H04L2463/144

Abstract: Conventional countermeasures to Distributed Denial of Service (DDoS) attacks typically focus on practices and rules for organizing a robust, DDoS-resilient network which anticipates proactive cooperation of users. Such measures involve widespread implementation cooperation and may be difficult or problematic to enforce in a large organization. Configurations of the invention employ the attacker's technique preventatively against the attack to identify sources likely to be employed for DDoS attacks. Crawlers scan web sites for identifying pages likely to be exploited as launch pads by DDoS attackers. A scanner device dispatches robots for sending probe messages from the launch pads which emulate an actual attack. Each of the probe messages are sent to a known, predetermined destination for determining identifying characteristics of such a message. The identifying characteristics define a signature of messages emanating from the launch pad. Such probe messages are tagged with an identifying field or label, such as a predetermined address. The signatures are then employed for comparison with other incoming message traffic.

Abstract translation: 分布式拒绝服务（DDoS）攻击的常规对策通常侧重于组织一个强大的DDoS弹性网络的实践和规则，预期用户的主动合作。 这种措施涉及广泛的执行合作，在大型组织中执行可能是困难或有问题的。 本发明的配置使用攻击者的技术防止攻击来识别可能用于DDoS攻击的源。 Crawers扫描网站以识别DDoS攻击者可能被利用为发射台的页面。 扫描仪设备调度机器人，用于发送来自发射台的探测消息，模拟实际的攻击。 每个探测消息被发送到已知的预定目的地，用于确定这种消息的识别特征。 识别特征定义了从发射台发出的消息的签名。 这样的探测消息被标记有识别字段或标签，例如预定的地址。 然后将签名用于与其他传入消息业务进行比较。

公开(公告)号：US07403605B1

公开(公告)日：2008-07-22

申请号：US10862927

申请日：2004-06-08

Applicant: Mark Stuart Day

Inventor： Mark Stuart Day

IPC: H04M1/00 ,  H04M3/42

CPC classification number: H04M1/72513 ,  H04M3/4285 ,  H04M2203/2011 ,  H04M2203/554

Abstract: A system and method provide for transferring remote media from a remote media source to a communication or other end device at a time prior to a hold period, which media is usable as local MOH media during a hold period. A system and method further provide for responding to an initiated hold time by replacing remote MOH media with the local MOH media if remote MOH media is received in conjunction with the hold period.

Abstract translation: 系统和方法提供了在保持时段之前的时间将远程媒体从远程媒体源传送到通信或其他终端设备，哪个媒体在保持期间可用作本地MOH媒体。 如果远程MOH媒体与保持期结合，则系统和方法进一步提供用于通过用本地MOH媒体替换远程MOH媒体来响应发起的保持时间。

公开(公告)号：US07376198B2

公开(公告)日：2008-05-20

申请号：US10659484

申请日：2003-09-10

Applicant: Mark Stuart Day

Inventor： Mark Stuart Day

IPC: H04L27/04 ,  H04N7/10

CPC classification number: H04L12/18 ,  H04L63/12

Abstract: A transmitter device of the content distribution system transmits content portions of a content message to a receiver device using respective multicast channels within a network. In such an arrangement, by using multiple multicast channels for transmission of the content portions forming the content message, the transmitter device limits the ability for an unauthorized user, monitoring a particular multicast channel, to distinguishing the content portions from noise or to retrieve the complete content message from the transmitter device, thereby providing security to the content message. Furthermore, the content distribution system utilizes multicast channels within a network to deliver the content portions to all receiver devices in communication with the network, thereby minimizing the power requirements needed by the transmitter device to deliver the content portions to a receiver device farthest from the transmitter device.

Abstract translation: 内容分发系统的发射机设备使用网络内的各个多播信道将内容消息的内容部分发送到接收机设备。 在这种布置中，通过使用多个多播信道来传输形成内容消息的内容部分，发射机设备限制未授权用户的能力，监视特定多播信道，以区分内容部分与噪声或检索完整的 内容消息，从而为内容消息提供安全性。 此外，内容分发系统利用网络内的多播信道将内容部分传递到与网络通信的所有接收机设备，从而最小化发射机设备所需的功率需求，以将内容部分传送到离发射机最远的接收机设备 设备。

公开(公告)号：US07302270B1

公开(公告)日：2007-11-27

申请号：US10909946

申请日：2004-08-02

Applicant: Mark Stuart Day

Inventor： Mark Stuart Day

IPC: H04Q7/20

CPC classification number: H04L67/24

Abstract: A method, apparatus and computer program product for performing time interval processing and annotation in presence systems includes obtaining presence information attributes relating to a presentity. The presence information for the presentity is modified with presence information attributes to provide annotated presence information for the presentity. The annotated presence information is then forwarded to at least one subscriber.

Abstract translation: 用于在存在系统中执行时间间隔处理和注释的方法，装置和计算机程序产品包括获得与存在体相关的存在信息属性。 用存在信息属性修改呈现体的呈现信息，以提供呈现体的注释存在信息。 然后将注释的呈现信息转发到至少一个订户。

公开(公告)号：US08380825B2

公开(公告)日：2013-02-19

申请号：US12825296

申请日：2010-06-28

Applicant: Kand Ly ,  Maksim Ioffe ,  Alfred Landrum ,  Mark Stuart Day

Inventor： Kand Ly ,  Maksim Ioffe ,  Alfred Landrum ,  Mark Stuart Day

IPC: G06F15/177

CPC classification number: H04L69/16 ,  H04L67/1002 ,  H04L67/1023 ,  H04L67/28 ,  H04L67/2876 ,  H04L67/288 ,  H04L69/163

Abstract: Network devices include proxies and where multiple proxies are present on a network, they can probe to determine the existence of other proxies. Where more than two proxies are present and thus different proxy pairings are possible, the proxies are programmed to determine which proxies should form a proxy pair. Marked probe packets are used by proxies to discover each other and probing is done such a connection can be eventually formed even if some probe packets fail due to the marking. Asymmetric routing can be detected and proxies configured for connection forwarding as necessary.

Abstract translation: 网络设备包括代理，网络中存在多个代理，它们可以探测以确定其他代理的存在。 如果存在两个以上的代理，因此不同的代理配对是可能的，则代理被编程以确定哪些代理应当形成代理对。 代理使用标记的探测数据包来发现对方，并且探测完成，即使某些探测包由于标记失败，也可能最终形成这样的连接。 可以检测到非对称路由，并根据需要配置代理连接转发。

公开(公告)号：US07756913B1

公开(公告)日：2010-07-13

申请号：US10909663

申请日：2004-08-02

Applicant: Mark Stuart Day

Inventor： Mark Stuart Day

IPC: G06F17/20 ,  G06F15/16

CPC classification number: H04L67/306 ,  H04L67/2842 ,  H04L67/36

Abstract: A GUI and CDN server device provide user modifiable selections of preferences for delivery treatment, and map the user selections to technical operational parameters in the CDN servers for effecting the requested delivery treatment. Users typically find it beneficial to interact with a file (content) entity in terms of the user visible delivery treatment. The server device provides the ability to define the delivery treatment according to the manner in which the user finds most beneficial. However, the CDN operational parameters for effecting such delivery are not readily available or understood by a typical user. Using the GUI, the CDN server identifies a content entity, and receives at least one user selection variable indicative of delivery treatment of the identified content entity. A correlator maps the received user selections to operational parameters according a set of rules, and a delivery engine effects delivery of the content entity according to the mapped operational parameters to provide delivery results according to the preferred delivery treatment.

Abstract translation: GUI和CDN服务器设备提供用户可修改的用于递送治疗的偏好选择，并将用户选择映射到CDN服务器中的技术操作参数，以实现所请求的递送处理。 用户通常认为在用户可见的传递处理方面与文件（内容）实体进行交互是有益的。 服务器设备提供根据用户最有利的方式定义传送处理的能力。 然而，用于实现这种传送的CDN操作参数不是一般用户容易获得或理解的。 使用GUI，CDN服务器识别内容实体，并且接收指示所识别的内容实体的递送处理的至少一个用户选择变量。 相关器根据一组规则将接收到的用户选择映射到操作参数，并且传递引擎根据映射的操作参数来影响内容实体的传递，以根据优选的传递处理来提供传送结果。

公开(公告)号：US07305069B1

公开(公告)日：2007-12-04

申请号：US10894931

申请日：2004-07-20

Applicant: Mark Stuart Day

Inventor： Mark Stuart Day

IPC: H04M11/06

CPC classification number: H04M3/53333 ,  H04M3/5307

Abstract: Presently disclosed are apparatus and methods for coordinating the delivery of messages and/or message notifications among multiple messaging media and message services so that the successful delivery of one copy of a message results in the deletion of other, redundant message copies still in transit to the recipient and the cancellation of any other message waiting notifications still pending. The system may be implemented with a network-connected device (such as but not limited to a server, switch, or router) containing or having connected to it a user interface, a coordination server, and a plurality of message services. Embodiments of the invention thus provide message delivery management that is more user-friendly, computationally- and resource-efficient and more adaptable to changing user preferences and user locations/addresses.

Abstract translation: 目前公开的是用于在多个消息媒体和消息服务之间协调消息和/或消息通知的传递的装置和方法，使得成功传递消息的一个副本导致删除仍在传送到的消息副本 收件人和取消任何其他留言等待通知仍在等待。 系统可以使用包含用户界面，协调服务器和多个消息服务的网络连接设备（例如但不限于服务器，交换机或路由器）来实现。 因此，本发明的实施例提供了更加用户友好，计算和资源有效并且更适应于改变用户偏好和用户位置/地址的消息传递管理。