-
公开(公告)号:US06834310B2
公开(公告)日:2004-12-21
申请号:US10082285
申请日:2002-02-26
IPC分类号: G06F1516
CPC分类号: H04L65/403 , H04L45/00 , H04L45/24 , H04L45/28 , H04L61/1511 , H04L61/2007 , H04L61/2076 , H04L61/2092 , H04L61/35 , H04L61/6004 , H04L63/0272 , H04L63/0407 , H04L63/0414 , H04L63/0428 , H04L63/08 , H04L63/10 , H04L63/1458 , H04L63/1466 , H04L63/1491
摘要: A plurality of computer nodes communicate using seemingly random Internet Protocol source and destination addresses. Data packets matching criteria defined by a moving window of valid addresses are accepted for further processing, while those that do not meet the criteria are quickly rejected. Improvements to the basic design include (1) a load balancer that distributes packets across different transmission paths according to transmission path quality; (2) a DNS proxy server that transparently creates a virtual private network in response to a domain name inquiry; (3) a large-to-small link bandwidth management feature that prevents denial-of-service attacks at system chokepoints; (4) a traffic limiter that regulates incoming packets by limiting the rate at which a transmitter can be synchronized with a receiver; and (5) a signaling synchronizer that allows a large number of nodes to communicate with a central node by partitioning the communication function between two separate entities.
摘要翻译: 多个计算机节点使用看似随机的因特网协议源和目的地址进行通信。 由有效地址的移动窗口定义的数据包匹配条件被接受进一步处理,而不符合标准的数据包将被快速拒绝。 对基本设计的改进包括(1)根据传输路径质量在不同传输路径上分发数据包的负载平衡器; (2)响应于域名查询透明地创建虚拟专用网络的DNS代理服务器; (3)一个大到小的链路带宽管理功能,可防止系统阻塞点的拒绝服务攻击; (4)流量限制器,其通过限制发射机与接收机同步的速率来调节输入分组; 和(5)信令同步器,其允许大量节点通过分割两个单独实体之间的通信功能而与中央节点进行通信。
-
32.发明授权Agile network protocol for secure communications with assured system availability 有权用于安全通信的敏捷网络协议,确保系统可用性公开(公告)号:US06502135B1
公开(公告)日:2002-12-31
申请号:US09504783
申请日:2000-02-15
申请人: Edmund Colby Munger , Douglas Charles Schmidt , Robert Dunham Short, III , Victor Larson , Michael Williamson
发明人: Edmund Colby Munger , Douglas Charles Schmidt , Robert Dunham Short, III , Victor Larson , Michael Williamson
IPC分类号: G06F15173
CPC分类号: H04L65/403 , H04L45/00 , H04L45/24 , H04L45/28 , H04L61/1511 , H04L61/2007 , H04L61/2076 , H04L61/2092 , H04L61/35 , H04L61/6004 , H04L63/0272 , H04L63/0407 , H04L63/0414 , H04L63/0428 , H04L63/08 , H04L63/10 , H04L63/1458 , H04L63/1466 , H04L63/1491
摘要: A plurality of computer nodes communicate using seemingly random Internet Protocol source and destination addresses. Data packets matching criteria defined by a moving window of valid addresses are accepted for further processing, while those that do not meet the criteria are quickly rejected. Improvements to the basic design include (1) a load balancer that distributes packets across different transmission paths according to transmission path quality; (2) a DNS proxy server that transparently creates a virtual private network in response to a domain name inquiry; (3) a large-to-small link bandwidth management feature that prevents denial-of-service attacks at system chokepoints; (4) a traffic limiter that regulates incoming packets by limiting the rate at which a transmitter can be synchronized with a receiver; and (5) a signaling synchronizer that allows a large number of nodes to communicate with a central node by partitioning the communication function between two separate entities.
摘要翻译: 多个计算机节点使用看似随机的因特网协议源和目的地址进行通信。 由有效地址的移动窗口定义的数据包匹配条件被接受进一步处理,而不符合标准的数据包将被快速拒绝。 对基本设计的改进包括(1)根据传输路径质量在不同传输路径上分发数据包的负载平衡器; (2)响应于域名查询透明地创建虚拟专用网络的DNS代理服务器; (3)一个大到小的链路带宽管理功能,可防止系统阻塞点的拒绝服务攻击; (4)流量限制器,其通过限制发射机与接收机同步的速率来调节输入分组; 和(5)信令同步器,其允许大量节点通过分割两个单独实体之间的通信功能而与中央节点进行通信。
-
公开(公告)号:US09386000B2
公开(公告)日:2016-07-05
申请号:US13617375
申请日:2012-09-14
IPC分类号: G06F7/04 , H04L29/06 , H04L12/46 , H04L29/12 , H04L12/701 , H04L12/707 , H04L12/703 , G06F21/60 , H04L12/24 , H04L29/08 , G06F17/30
CPC分类号: H04L63/0485 , G06F17/30864 , G06F21/606 , H04L12/4641 , H04L29/12066 , H04L29/12216 , H04L29/12301 , H04L29/1232 , H04L29/12594 , H04L29/12783 , H04L29/12801 , H04L41/00 , H04L45/00 , H04L45/24 , H04L45/28 , H04L61/1511 , H04L61/2007 , H04L61/2076 , H04L61/2092 , H04L61/3015 , H04L61/303 , H04L61/35 , H04L61/6004 , H04L63/0227 , H04L63/0272 , H04L63/04 , H04L63/0407 , H04L63/0421 , H04L63/0428 , H04L63/0435 , H04L63/0478 , H04L63/08 , H04L63/0876 , H04L63/105 , H04L63/1408 , H04L63/1416 , H04L63/1458 , H04L63/1466 , H04L63/164 , H04L63/168 , H04L67/14 , H04L67/141
摘要: A system for and method of establishing a secure communication link is disclosed. The method comprises: (1) generating a Domain Name Service (DNS) request; (2) determining that the DNS request corresponds a first computer configured to communicate securely; (3) sending, based on the determination, a request to establish a secure communication link with the first computer configured to communicate securely, the request including an identifier of a client device used to determine whether the client device is authorized to communicate with the first computer; (4) receiving, in response to the request to establish a secure communication link, a resource used to establish the secure communication link; (5) automatically establishing the secure communication link using the received resource; and (6) communicating securely with the first computer over the established secure communication link.
摘要翻译: 公开了建立安全通信链路的系统和方法。 该方法包括:(1)生成域名服务(DNS)请求; (2)确定DNS请求对应于配置为安全通信的第一计算机; (3)基于该确定发送建立与被配置为安全通信的第一计算机的安全通信链路的请求,所述请求包括客户端设备的标识符,所述客户端设备的标识符用于确定客户端设备是否被授权与第一 电脑; (4)响应于建立安全通信链路的请求,接收用于建立安全通信链路的资源; (5)使用接收到的资源自动建立安全通信链路; 和(6)通过所建立的安全通信链路与第一计算机进行安全通信。
-
公开(公告)号:US08572247B2
公开(公告)日:2013-10-29
申请号:US13049552
申请日:2011-03-16
IPC分类号: G06F15/173
CPC分类号: H04L63/0485 , G06F17/30864 , G06F21/606 , H04L12/4641 , H04L29/12066 , H04L29/12216 , H04L29/12301 , H04L29/1232 , H04L29/12594 , H04L29/12783 , H04L29/12801 , H04L41/00 , H04L45/00 , H04L45/24 , H04L45/28 , H04L61/1511 , H04L61/2007 , H04L61/2076 , H04L61/2092 , H04L61/3015 , H04L61/303 , H04L61/35 , H04L61/6004 , H04L63/0227 , H04L63/0272 , H04L63/04 , H04L63/0407 , H04L63/0421 , H04L63/0428 , H04L63/0435 , H04L63/0478 , H04L63/08 , H04L63/0876 , H04L63/105 , H04L63/1408 , H04L63/1416 , H04L63/1458 , H04L63/1466 , H04L63/164 , H04L63/168 , H04L67/14 , H04L67/141
摘要: A secure domain name service for a computer network is disclosed that includes a portal connected to a computer network, such as the Internet, and a domain name database connected to the computer network through the portal. The portal authenticates a query for a secure computer network address, and the domain name database stores secure computer network addresses for the computer network. Each secure computer network address is based on a non-standard top-level domain name, such as .scom, .sorg, .snet, .snet, .sedu, .smil and .sint.
-
35.发明申请AGILE NETWORK PROTOCOL FOR SECURE COMMUNICATIONS WITH ASSURED SYSTEM AVAILABILITY 审中-公开用于安全通信的AGILE网络协议,具有确保的系统可用性公开(公告)号:US20130019091A1
公开(公告)日:2013-01-17
申请号:US13615436
申请日:2012-09-13
申请人: Edmund Colby Munger , Douglas Charles Schmidt , Robert Dunham Short, III , Victor Larson , Michael Williamson
发明人: Edmund Colby Munger , Douglas Charles Schmidt , Robert Dunham Short, III , Victor Larson , Michael Williamson
IPC分类号: H04L29/06
CPC分类号: H04L65/403 , H04L45/00 , H04L45/24 , H04L45/28 , H04L61/1511 , H04L61/2007 , H04L61/2076 , H04L61/2092 , H04L61/35 , H04L61/6004 , H04L63/0272 , H04L63/0407 , H04L63/0414 , H04L63/0428 , H04L63/08 , H04L63/10 , H04L63/1458 , H04L63/1466 , H04L63/1491
摘要: A plurality of computer nodes communicate using seemingly random Internet Protocol source and destination addresses. Data packets matching criteria defined by a moving window of valid addresses are accepted for further processing, while those that do not meet the criteria are quickly rejected. Improvements to the basic design include (1) a load balancer that distributes packets across different transmission paths according to transmission path quality; (2) a DNS proxy server that transparently creates a virtual private network in response to a domain name inquiry; (3) a large-to-small link bandwidth management feature that prevents denial-of-service attacks at system chokepoints; (4) a traffic limiter that regulates incoming packets by limiting the rate at which a transmitter can be synchronized with a receiver; and (5) a signaling synchronizer that allows a large number of nodes to communicate with a central node by partitioning the communication function between two separate entities.
摘要翻译: 多个计算机节点使用看似随机的因特网协议源和目的地址进行通信。 由有效地址的移动窗口定义的数据包匹配条件被接受进一步处理,而不符合标准的数据包将被快速拒绝。 对基本设计的改进包括(1)根据传输路径质量在不同传输路径上分发数据包的负载平衡器; (2)响应于域名查询透明地创建虚拟专用网络的DNS代理服务器; (3)一个大到小的链路带宽管理功能,可防止系统阻塞点的拒绝服务攻击; (4)流量限制器,其通过限制发射机与接收机同步的速率来调节输入分组; 和(5)信令同步器,其允许大量节点通过分割两个单独实体之间的通信功能而与中央节点进行通信。
-
36.发明申请公开(公告)号:US20130014227A1
公开(公告)日:2013-01-10
申请号:US13617446
申请日:2012-09-14
IPC分类号: G06F21/00
CPC分类号: H04L63/0485 , G06F17/30864 , G06F21/606 , H04L12/4641 , H04L29/12066 , H04L29/12216 , H04L29/12301 , H04L29/1232 , H04L29/12594 , H04L29/12783 , H04L29/12801 , H04L41/00 , H04L45/00 , H04L45/24 , H04L45/28 , H04L61/1511 , H04L61/2007 , H04L61/2076 , H04L61/2092 , H04L61/3015 , H04L61/303 , H04L61/35 , H04L61/6004 , H04L63/0227 , H04L63/0272 , H04L63/04 , H04L63/0407 , H04L63/0421 , H04L63/0428 , H04L63/0435 , H04L63/0478 , H04L63/08 , H04L63/0876 , H04L63/105 , H04L63/1408 , H04L63/1416 , H04L63/1458 , H04L63/1466 , H04L63/164 , H04L63/168 , H04L67/14 , H04L67/141
摘要: A method of establishing a secure communication link comprises: (a) receiving a request that (i) includes an identifier of a client and (ii) was sent in response to a determination that a DNS request from the client corresponds to a first computer configured to communicate securely; (b) comparing the received client identifier to at least one stored client identifier; (c) determining, based on the comparison, whether the client is authorized to communicate with the first computer; (d) generating a resource used to establish the secure communication link between the client and the first computer; (e) generating a message in response to determining that the client is not authorized to communicate with the first computer; and (f) in response to determining that the client is authorized to communicate with the first computer, making the resource available to the client to automatically establish the secure communication link.
-
37.发明申请SYSTEM AND METHOD EMPLOYING AN AGILE NETWORK PROTOCOL FOR SECURE COMMUNICATIONS USING SECURE DOMAIN NAMES 有权使用安全通信使用安全域名的“协作网络协议”的系统和方法公开(公告)号:US20130014226A1
公开(公告)日:2013-01-10
申请号:US13617375
申请日:2012-09-14
IPC分类号: G06F21/20
CPC分类号: H04L63/0485 , G06F17/30864 , G06F21/606 , H04L12/4641 , H04L29/12066 , H04L29/12216 , H04L29/12301 , H04L29/1232 , H04L29/12594 , H04L29/12783 , H04L29/12801 , H04L41/00 , H04L45/00 , H04L45/24 , H04L45/28 , H04L61/1511 , H04L61/2007 , H04L61/2076 , H04L61/2092 , H04L61/3015 , H04L61/303 , H04L61/35 , H04L61/6004 , H04L63/0227 , H04L63/0272 , H04L63/04 , H04L63/0407 , H04L63/0421 , H04L63/0428 , H04L63/0435 , H04L63/0478 , H04L63/08 , H04L63/0876 , H04L63/105 , H04L63/1408 , H04L63/1416 , H04L63/1458 , H04L63/1466 , H04L63/164 , H04L63/168 , H04L67/14 , H04L67/141
摘要: A system for and method of establishing a secure communication link is disclosed. The method comprises: (1) generating a Domain Name Service (DNS) request; (2) determining that the DNS request corresponds a first computer configured to communicate securely; (3) sending, based on the determination, a request to establish a secure communication link with the first computer configured to communicate securely, the request including an identifier of a client device used to determine whether the client device is authorized to communicate with the first computer; (4) receiving, in response to the request to establish a secure communication link, a resource used to establish the secure communication link; (5) automatically establishing the secure communication link using the received resource; and (6) communicating securely with the first computer over the established secure communication link.
摘要翻译: 公开了建立安全通信链路的系统和方法。 该方法包括:(1)生成域名服务(DNS)请求; (2)确定DNS请求对应于配置为安全通信的第一计算机; (3)基于该确定发送建立与被配置为安全通信的第一计算机的安全通信链路的请求,所述请求包括客户端设备的标识符,所述客户端设备的标识符用于确定客户端设备是否被授权与第一 电脑; (4)响应于建立安全通信链路的请求,接收用于建立安全通信链路的资源; (5)使用接收到的资源自动建立安全通信链路; 和(6)通过所建立的安全通信链路与第一计算机进行安全通信。
-
公开(公告)号:US07945654B2
公开(公告)日:2011-05-17
申请号:US11840508
申请日:2007-08-17
IPC分类号: G06F15/173
CPC分类号: H04L63/0485 , G06F17/30864 , G06F21/606 , H04L12/4641 , H04L29/12066 , H04L29/12216 , H04L29/12301 , H04L29/1232 , H04L29/12594 , H04L29/12783 , H04L29/12801 , H04L41/00 , H04L45/00 , H04L45/24 , H04L45/28 , H04L61/1511 , H04L61/2007 , H04L61/2076 , H04L61/2092 , H04L61/3015 , H04L61/303 , H04L61/35 , H04L61/6004 , H04L63/0227 , H04L63/0272 , H04L63/04 , H04L63/0407 , H04L63/0421 , H04L63/0428 , H04L63/0435 , H04L63/0478 , H04L63/08 , H04L63/0876 , H04L63/105 , H04L63/1408 , H04L63/1416 , H04L63/1458 , H04L63/1466 , H04L63/164 , H04L63/168 , H04L67/14 , H04L67/141
摘要: A secure domain name service for a computer network is disclosed that includes a portal connected to a computer network, such as the Internet, and a domain name database connected to the computer network through the portal. The portal authenticates a query for a secure computer network address, and the domain name database stores secure computer network addresses for the computer network. Each secure computer network address is based on a non-standard top-level domain name, such as .scom, .sorg, .snet, .snet, .sedu, .smil and .sint.
-
39.发明授权公开(公告)号:US09374346B2
公开(公告)日:2016-06-21
申请号:US13615528
申请日:2012-09-13
IPC分类号: G06F15/16 , H04L29/06 , H04L12/46 , H04L29/12 , H04L12/701 , H04L12/707 , H04L12/703 , G06F21/60 , H04L12/24 , H04L29/08 , G06F17/30
CPC分类号: H04L63/0485 , G06F17/30864 , G06F21/606 , H04L12/4641 , H04L29/12066 , H04L29/12216 , H04L29/12301 , H04L29/1232 , H04L29/12594 , H04L29/12783 , H04L29/12801 , H04L41/00 , H04L45/00 , H04L45/24 , H04L45/28 , H04L61/1511 , H04L61/2007 , H04L61/2076 , H04L61/2092 , H04L61/3015 , H04L61/303 , H04L61/35 , H04L61/6004 , H04L63/0227 , H04L63/0272 , H04L63/04 , H04L63/0407 , H04L63/0421 , H04L63/0428 , H04L63/0435 , H04L63/0478 , H04L63/08 , H04L63/0876 , H04L63/105 , H04L63/1408 , H04L63/1416 , H04L63/1458 , H04L63/1466 , H04L63/164 , H04L63/168 , H04L67/14 , H04L67/141
摘要: A network device comprises a storage device storing an application program for a secure communications service, and at least one processor configured to execute the application program for the secure communications service so as to enable the network device to send a request to look up a network address of a second device based on an identifier associated with the second device, receive an indication that the second device is available for the secure communications service, the indication including the requested network address and provisioning information for a secure communication link, connect to the second device over the secure communication link, using the received network address of the second device and the provisioning information for the secure communication link, and communicate at least one of video data and audio data with the second device using the secure communications service via the secure communication link.
摘要翻译: 网络设备包括存储用于安全通信服务的应用程序的存储设备,以及配置为执行安全通信服务的应用程序的至少一个处理器,以使得网络设备能够发送查询网络地址的请求 基于与第二设备相关联的标识符接收第二设备可用于安全通信服务的指示,包括所请求的网络地址和用于安全通信链路的供应信息的指示连接到第二设备 通过所述安全通信链路,使用所接收的所述第二设备的网络地址和所述安全通信链路的供应信息,并且经由所述安全通信链路使用所述安全通信服务与所述第二设备通信视频数据和音频数据中的至少一个 。
-
40.发明授权Method for establishing secure communication link between computers of virtual private network 有权在虚拟专用网计算机之间建立安全通信链路的方法公开(公告)号:US09094399B2
公开(公告)日:2015-07-28
申请号:US13181041
申请日:2011-07-12
IPC分类号: G06F15/16 , H04L29/06 , H04L12/701 , H04L12/707 , H04L12/703 , H04L29/12
CPC分类号: H04L63/0876 , H04L29/12047 , H04L29/12216 , H04L29/12301 , H04L29/1232 , H04L29/12783 , H04L29/12801 , H04L45/00 , H04L45/24 , H04L45/28 , H04L61/15 , H04L61/2007 , H04L61/2076 , H04L61/2092 , H04L61/35 , H04L61/6004 , H04L63/0227 , H04L63/0272 , H04L63/0281 , H04L63/029 , H04L63/0414 , H04L63/0421 , H04L63/0428 , H04L63/061 , H04L63/10 , H04L63/1458 , H04L63/1491 , H04L63/18
摘要: A technique is disclosed for establishing a secure communication link between a first computer and a second computer over a computer network. Initially, a secure communication mode of communication is enabled at a first computer without a user entering any cryptographic information for establishing the secure communication mode of communication. Then, a secure communication link is established between the first computer and a second computer over a computer network based on the enabled secure communication mode of communication. The secure communication link is a virtual private network communication link over the computer network in which one or more data values that vary according to a pseudo-random sequence are inserted into each data packet.
摘要翻译: 公开了一种通过计算机网络在第一计算机和第二计算机之间建立安全通信链路的技术。 最初,在第一计算机上启用安全通信通信模式,而无需用户输入用于建立安全通信通信模式的任何密码信息。 然后,基于启用的安全通信通信模式,通过计算机网络在第一计算机和第二计算机之间建立安全通信链路。 安全通信链路是计算机网络上的虚拟专用网络通信链路,其中根据伪随机序列变化的一个或多个数据值被插入到每个数据分组中。
-
-
-
-
-
-
-
-
-
搜索结果
59 条记录 (耗时 0.069 秒)
