公开(公告)号：US09038162B2

公开(公告)日：2015-05-19

申请号：US13532593

申请日：2012-06-25

申请人： Costin Hagiu ,  Elton Saul ,  Rajneesh Mahajan ,  Sergey A. Kuzin ,  Joy Chik ,  John E. Parsons ,  Ashwin Palekar ,  Ara Bernardi

发明人： Costin Hagiu ,  Elton Saul ,  Rajneesh Mahajan ,  Sergey A. Kuzin ,  Joy Chik ,  John E. Parsons ,  Ashwin Palekar ,  Ara Bernardi

IPC分类号： G06F21/00 ,  H04L29/06 ,  G06F21/42 ,  G06F21/60 ,  H04L29/08

CPC分类号： H04L63/0823 ,  G06F21/42 ,  G06F21/606 ,  G06F2221/2107 ,  H04L67/14 ,  H04L67/141

摘要： Implementations of the present invention efficiently establish secure connections between a client and server, at least in part by authenticating the client and server early on in the connection setup phases. A client initiating a connection with a server identifies the secure communication protocols enabled at the client, and identifies these protocols in a connection request it sends to the server. The server processes the message and responds with a communication protocol it deems appropriate for the connection. The client and server then exchange appropriate authentication information, and then establish a connection session that implements the chosen communication protocol, and encrypts messages using the negotiated communication protocol. Additional implementations relate to reestablishing dropped connections behind virtual Internet Protocol addresses, without necessarily having to recommit much connection resource overhead.

摘要翻译： 本发明的实施方式至少部分地通过在连接建立阶段早期认证客户端和服务器来有效地建立客户端和服务器之间的安全连接。 发起与服务器的连接的客户端识别在客户端启用的安全通信协议，并在发送到服务器的连接请求中识别这些协议。 服务器处理消息并使用其认为适合连接的通信协议进行响应。 然后，客户端和服务器交换适当的认证信息，然后建立实现所选通信协议的连接会话，并使用协商的通信协议加密消息。 其他实现涉及在虚拟因特网协议地址之后重新建立丢弃的连接，而不必重新承担大量的连接资源开销。

公开(公告)号：US08438260B2

公开(公告)日：2013-05-07

申请号：US13354611

申请日：2012-01-20

申请人： Robert Wilhelm Schmieder ,  Joy Chik

发明人： Robert Wilhelm Schmieder ,  Joy Chik

IPC分类号： G06F15/173

CPC分类号： H04L67/14 ,  H04L69/32

摘要： A port listening service operating in at system level is assigned to listen on a static port. The static port can index a plurality of unique IDs associated with a plurality of applications operating in a session level. The server application can then provide to a client the unique connection ID, the IP address of the server, and the static port number for a connection. If the client connects by referencing the unique connection ID, the port listening service can forward a corresponding socket for the connection to the appropriate application instance, such that the application still operates in a session level. As such, the port listening service can dispatch connection services for a single static port to multiple different application instances running in a session level.

摘要翻译： 分配在系统级别运行的端口监听服务在静态端口上侦听。 静态端口可以索引与在会话级别中操作的多个应用相关联的多个唯一ID。 然后，服务器应用程序可以向客户端提供唯一的连接ID，服务器的IP地址和连接的静态端口号。 如果客户端通过引用唯一的连接ID进行连接，则端口侦听服务可以将相应的套接字转发到适当的应用程序实例，使得应用程序仍然在会话级别运行。 因此，端口监听服务可以将单个静态端口的连接服务分派到在会话级别运行的多个不同的应用程序实例。

公开(公告)号：US08220042B2

公开(公告)日：2012-07-10

申请号：US11354456

申请日：2006-02-15

申请人： Costin Hagiu ,  Elton Saul ,  Rajneesh Mahajan ,  Sergey A. Kuzin ,  Joy Chik ,  John E. Parsons ,  Ashwin Palekar ,  Ara Bernardi

发明人： Costin Hagiu ,  Elton Saul ,  Rajneesh Mahajan ,  Sergey A. Kuzin ,  Joy Chik ,  John E. Parsons ,  Ashwin Palekar ,  Ara Bernardi

IPC分类号： G06F9/00

CPC分类号： H04L63/0823 ,  G06F21/42 ,  G06F21/606 ,  G06F2221/2107 ,  H04L67/14 ,  H04L67/141

摘要： Implementations of the present invention efficiently establish secure connections between a client and server, at least in part by authenticating the client and server early on in the connection setup phases. A client initiating a connection with a server identifies the secure communication protocols enabled at the client, and identifies these protocols in a connection request it sends to the server. The server processes the message and responds with a communication protocol it deems appropriate for the connection. The client and server then exchange appropriate authentication information, and then establish a connection session that implements the chosen communication protocol, and encrypts messages using the negotiated communication protocol. Additional implementations relate to reestablishing dropped connections behind virtual Internet Protocol addresses, without necessarily having to recommit much connection resource overhead.

摘要翻译： 本发明的实施方式至少部分地通过在连接建立阶段早期认证客户端和服务器来有效地建立客户端和服务器之间的安全连接。 发起与服务器的连接的客户端识别在客户端启用的安全通信协议，并在发送到服务器的连接请求中识别这些协议。 服务器处理消息并使用其认为适合连接的通信协议进行响应。 然后，客户端和服务器交换适当的认证信息，然后建立实现所选通信协议的连接会话，并使用协商的通信协议加密消息。 其他实现涉及在虚拟因特网协议地址之后重新建立丢弃的连接，而不必重新承担大量的连接资源开销。

公开(公告)号：US20120158822A1

公开(公告)日：2012-06-21

申请号：US12970660

申请日：2010-12-16

申请人： Chung Lang Dai ,  Vladimir Stoyanov ,  Joy Chik ,  Ahmed Tolba

发明人： Chung Lang Dai ,  Vladimir Stoyanov ,  Joy Chik ,  Ahmed Tolba

IPC分类号： G06F15/173

CPC分类号： G06F9/54 ,  G06F9/4413

摘要： The present disclosure provides systems and method for redirecting control of a client side connected USB device from the client to the server in a remote system. Specifically, the present disclosure creates a simulated USB device at the server. The simulated USB device is treated as a proxy for a redirected USB device at the client. The client side redirected USB device is not treated as the USB device but, rather, acts as a pass through to facilitate communication between requesting applications and the client connected device. The simulated USB device allows an application to send requests for a local device to the simulated USB device at the server. The simulated USB device then processes the requests and forwards the requests to the local device connected to the client.

摘要翻译： 本公开提供了用于将客户端连接的USB设备的控制从客户端重定向到远程系统中的服务器的系统和方法。 具体地，本公开在服务器处创建模拟的USB设备。 模拟USB设备被视为客户端上重定向USB设备的代理。 客户端重定向的USB设备不被视为USB设备，而是作为通过，以促进请求的应用程序和客户端连接的设备之间的通信。 模拟USB设备允许应用程序向服务器上的模拟USB设备发送本地设备的请求。 仿真的USB设备然后处理请求并将请求转发到连接到客户端的本地设备。

公开(公告)号：US20110018883A1

公开(公告)日：2011-01-27

申请号：US12510105

申请日：2009-07-27

申请人： Sriram Sampath ,  Joy Chik ,  Costin Hagiu ,  Huei Chung Wang ,  Mahesh Lotlikar ,  Vladimir K. Stoyanov

发明人： Sriram Sampath ,  Joy Chik ,  Costin Hagiu ,  Huei Chung Wang ,  Mahesh Lotlikar ,  Vladimir K. Stoyanov

IPC分类号： G06T15/00 ,  G06F9/455

CPC分类号： G06F9/45533 ,  G06F9/452 ,  G06T15/005 ,  G06T2200/16

摘要： High Fidelity remoting can be enabled by loading a hybrid remote session in a computer system. The hybrid remote session can include components loaded in a console session and components loaded in a remote session.

摘要翻译： 可以通过在计算机系统中加载混合远程会话来启用高保真远程处理。 混合远程会话可以包括加载在控制台会话中的组件和加载在远程会话中的组件。

公开(公告)号：US07685633B2

公开(公告)日：2010-03-23

申请号：US11326992

申请日：2006-01-05

申请人： Ido Ben-Shachar ,  Ashwin Palekar ,  David C. Steere ,  Joy Chik ,  Tudor A. Baraboi ,  Meher P. Malakapalli

发明人： Ido Ben-Shachar ,  Ashwin Palekar ,  David C. Steere ,  Joy Chik ,  Tudor A. Baraboi ,  Meher P. Malakapalli

IPC分类号： G06F15/16

CPC分类号： H04L63/029 ,  H04L63/0227 ,  H04L63/08 ,  H04L63/102

摘要： Implementations of the present invention relate to a communication framework that is readily adaptable to a wide variety of resources intended to be accessible through a firewall. In general, a communication framework at a gateway server can provide a specific connection to a requested resource in accordance with a wide range of resource and/or network access policies. In one instance, a client requests a connection to a specific resource behind a firewall. The communication framework authenticates the connection, and quarantines the connection until determining, for example, that the client is using an appropriate resource features. If appropriately authenticated, the communication framework can pass control of the connection to an appropriately identified protocol plug-in processor, which facilitates a direct connection to the requested resource at an application layer of a communication stack.

摘要翻译： 本发明的实现涉及一种易于适应旨在通过防火墙访问的各种资源的通信框架。 通常，网关服务器处的通信框架可以根据广泛的资源和/或网络访问策略提供与请求的资源的特定连接。 在一种情况下，客户端请求与防火墙后面的特定资源的连接。 通信框架认证连接，并隔离连接，直到确定客户端正在使用适当的资源特征。 如果适当地认证，则通信框架可以将连接的控制传递到适当识别的协议插件处理器，这有助于在通信栈的应用层处直接连接到所请求的资源。

公开(公告)号：US07580038B2

公开(公告)日：2009-08-25

申请号：US11275624

申请日：2006-01-19

申请人： Joy Chik ,  John E. Parsons ,  Brian M Tallman

发明人： Joy Chik ,  John E. Parsons ,  Brian M Tallman

IPC分类号： G06T11/00 ,  G06F17/00 ,  G06F13/00

CPC分类号： G06F17/214 ,  G06T11/203 ,  G09G5/225

摘要： A method and system of operating a remote terminal by a terminal server caches representation data of glyphs to be displayed on the remote terminal to reduce the amount of glyph data that have to be transmitted to the remote terminal through a network connection. The glyph caching is performed on a level of text fragments each of which includes a plurality of glyphs. The remote terminal stores a fragment cache for caching fragments and glyph caches for caching individual glyphs. Each entry in the fragment cache contains data indicating where the glyph data for the glyphs of the fragment are stored in the glyph caches. When the terminal server receives a request to display a text fragment on the remote terminal, it checks whether that fragment is cached at the remote terminal. If so, the terminal server sends a fragment index to the client identifying the entry in the fragment cache for that fragment. The terminal client retrieves the information in the fragment cache entry and then retrieves the glyph data for the glyphs of the fragment from the glyph cache, and displays them on the remote terminal. A tuning device uses a counter mode encryption cipher to encrypt counters associated with media content in order to protect the media content when it is sent to requesting device or controller. The encrypted counters are decrypted in order to consume the media content. The controller may send particular direction to the tuning device as to how the media content, encrypted counters, and other associated data are sent to the controller.

摘要翻译： 由终端服务器操作远程终端的方法和系统缓存要在远程终端上显示的字形的表示数据，以减少必须通过网络连接发送到远程终端的字形数据量。 字形缓存在文本片段的级别上执行，每个文本片段包括多个字形。 远程终端存储缓存用于缓存单个字形的片段和字形缓存的片段缓存。 片段缓存中的每个条目都包含指示片段的字形的字形数据存储在字形缓存中的位置的数据。 当终端服务器收到在远程终端上显示文本片段的请求时，它检查该片段是否在远端终端缓存。 如果是这样，终端服务器向客户端发送一个片段索引，标识该片段的片段高速缓存中的条目。 终端客户端检索片段缓存条目中的信息，然后从字形缓存检索片段的字形的字形数据，并将其显示在远程终端上。 调谐设备使用计数器模式加密密码来加密与媒体内容相关联的计数器，以便在发送到请求设备或控制器时保护媒体内容。 加密的计数器被解密以便消耗媒体内容。 控制器可以向调谐设备发送关于如何将媒体内容，加密的计数器和其他相关联的数据发送到控制器的特定方向。

公开(公告)号：US20070220168A1

公开(公告)日：2007-09-20

申请号：US11375961

申请日：2006-03-15

申请人： John Parsons ,  Joy Chik ,  Nadim Abdo ,  Robert Schmieder

发明人： John Parsons ,  Joy Chik ,  Nadim Abdo ,  Robert Schmieder

IPC分类号： G06F15/16

CPC分类号： H03M7/30 ,  G06F9/542 ,  G06F2209/545

摘要： Embodiments provide for efficient encoding and rendering of remote graphic displays by applying one or more of the following: (1) field encoding for identifying fields of a graphics set such that commonalities of various fields across different graphics languages are identified; (2) resource caching, which treats heterogeneous resources in a homogeneous way when it comes to storing them; (3) determining the type of encoding for remoting items within a graphics set based upon the types of compression mechanisms supported by a remote device; (4) improving responsiveness by rendering with partially sent resources; (5) a mechanism for determining what portions (if any) of a graphics set should be sent to a remote device and in what order; and (6) use of dedicated resources already on a remote device in order to eliminate the transfer of a resource between a local device and the remote device when rendering such resource.

摘要翻译： 实施例通过应用以下一个或多个来提供对远程图形显示的有效编码和渲染：（1）用于识别图形集的字段的字段编码，以便识别跨越不同图形语言的各种字段的共同点; （2）资源缓存，它在存储它们时以均匀的方式处理异构资源; （3）基于由远程设备支持的压缩机制的类型，确定用于远程处理图形集内的项目的编码类型; （4）通过部分派发资源提高响应能力; （5）用于确定图形组的哪些部分（如果有的话）应该被发送到远程设备并以什么顺序的机制; 和（6）使用已经在远程设备上的专用资源，以便在渲染此类资源时消除本地设备与远程设备之间的资源传输。

公开(公告)号：US20070046980A1

公开(公告)日：2007-03-01

申请号：US11419594

申请日：2006-05-22

申请人： Paul Coleman ,  Wilhelm Schmieder ,  John Parsons ,  Nadim Abdo ,  Joy Chik

发明人： Paul Coleman ,  Wilhelm Schmieder ,  John Parsons ,  Nadim Abdo ,  Joy Chik

IPC分类号： G06F3/12

CPC分类号： H04L67/2804 ,  G06F17/30017 ,  G06F17/30244 ,  H04L67/2823 ,  H04L67/2895 ,  H04L67/303

摘要： A server computer provides objects such as bitmaps representing graphics image for processing by a client computer or device. The object may be of any arbitrary size or format, and is converted to a data structure that can be received by the client computer. Synchronized metadata may be included in the data structure, where such metadata data is used by an application in the client computer or device.

摘要翻译： 服务器计算机提供诸如表示用于由客户端计算机或设备处理的图形图像的位图的对象。 该对象可以是任意的大小或格式，并且被转换成可由客户端计算机接收的数据结构。 同步元数据可以包括在数据结构中，其中这样的元数据数据由客户端计算机或设备中的应用使用。

公开(公告)号：US20060195899A1

公开(公告)日：2006-08-31

申请号：US11326992

申请日：2006-01-05

申请人： Ido Ben-Shachar ,  Ashwin Palekar ,  David Steere ,  Joy Chik ,  Tudor Baraboi ,  Meher Malakapalli

发明人： Ido Ben-Shachar ,  Ashwin Palekar ,  David Steere ,  Joy Chik ,  Tudor Baraboi ,  Meher Malakapalli

IPC分类号： G06F15/16

CPC分类号： H04L63/029 ,  H04L63/0227 ,  H04L63/08 ,  H04L63/102

摘要： Implementations of the present invention relate to a communication framework that is readily adaptable to a wide variety of resources intended to be accessible through a firewall. In general, a communication framework at a gateway server can provide a specific connection to a requested resource in accordance with a wide range of resource and/or network access policies. In one instance, a client requests a connection to a specific resource behind a firewall. The communication framework authenticates the connection, and quarantines the connection until determining, for example, that the client is using an appropriate resource features. If appropriately authenticated, the communication framework can pass control of the connection to an appropriately identified protocol plug-in processor, which facilitates a direct connection to the requested resource at an application layer of a communication stack.

摘要翻译： 本发明的实现涉及一种易于适应旨在通过防火墙访问的各种资源的通信框架。 通常，网关服务器处的通信框架可以根据广泛的资源和/或网络访问策略提供与请求的资源的特定连接。 在一种情况下，客户端请求与防火墙后面的特定资源的连接。 通信框架认证连接，并隔离连接，直到确定客户端正在使用适当的资源特征。 如果适当地认证，则通信框架可以将连接的控制传递到适当识别的协议插件处理器，这有助于在通信栈的应用层处直接连接到所请求的资源。