-
公开(公告)号:US20210152543A1
公开(公告)日:2021-05-20
申请号:US17127852
申请日:2020-12-18
摘要: Systems and techniques for automatic escalation of trust credentials are described herein. Requestor data may be received that describes workloads of a requestor. A set of trust credentials may be determined by using an escalation prediction model to evaluate the requestor data. The multi-access token may be assembled from the set of trust credentials. The multi-access token may be transmitted to an information provider to fulfill a request of a requestor.
-
公开(公告)号:US20210006972A1
公开(公告)日:2021-01-07
申请号:US17025519
申请日:2020-09-18
摘要: Methods, systems, and use cases for geofence-based edge service control and authentication are discussed, including an orchestration system with memory and at least one processing circuitry coupled to the memory. The processing circuitry is configured to perform operations to obtain, from a plurality of connectivity nodes providing edge services, physical location information, and resource availability information associated with each of the plurality of connectivity nodes. An edge-to-edge location graph (ELG) is generated based on the physical location information and the resource availability information, the ELG indicating a subset of the plurality of connectivity nodes that are available for executing a plurality of services associated with an edge workload. The connectivity nodes are provisioned with the ELG and a workflow execution plan to execute the plurality of services, the workflow execution plan including metadata with a geofence policy. The geofence policy specifies geofence restrictions associated with each of the plurality of services.
-
公开(公告)号:US20200084202A1
公开(公告)日:2020-03-12
申请号:US16683410
申请日:2019-11-14
申请人: Ned M. Smith , John J. Browne , Kapil Sood , Francesc Guim Bernat , Kshitij Arun Doshi , Rajesh Poornachandran , Tarun Viswanathan , Manish Dave
发明人: Ned M. Smith , John J. Browne , Kapil Sood , Francesc Guim Bernat , Kshitij Arun Doshi , Rajesh Poornachandran , Tarun Viswanathan , Manish Dave
摘要: Various approaches for implementing attestation using an attestation token are described. In an edge computing system deployment, an edge computing device includes an attestable feature (e.g., resource, service, entity, property, etc.) which is accessible from use of an attestation token, by the operations of: obtaining a first instance of a token that provides proof of attestation for an accessible feature of the edge computing device, with the token including data to indicate trust level designations for the feature as attested by an attestation provider; receiving, from a prospective user of the feature, a request to use the feature and a second instance of the token, with the second instance of the token originating from the attestation provider; and providing access to the feature based on a verification of the instances of the token, by using the verification to confirm attestation of the trust level designations for the feature.
-
公开(公告)号:US20220224776A1
公开(公告)日:2022-07-14
申请号:US17711742
申请日:2022-04-01
IPC分类号: H04L67/5681 , H04L43/0852 , G06F12/0897 , G06F12/0891
摘要: The present disclosure is related to managing a caching system based on object fetch costs, where the fetch cost are based on the access latency, cache misses, and time to reuse of individual objects. The caching system may be a multi-tiered caching system that includes multiple storage tiers, where an object management system determines whether to retain or evict an object from a cache of a particular storage tier based on the object's fetch cost. Additionally, eviction can include moving objects from a current storage tier to another storage tier based on the current storage tier and fetch costs.
-
公开(公告)号:US20220014466A1
公开(公告)日:2022-01-13
申请号:US17484125
申请日:2021-09-24
IPC分类号: H04L12/747 , H04L29/08 , H04L29/06
摘要: System and techniques for information centric network tunneling are described herein. At an ICN router, a data handle for data—that includes an indication of security metadata—is received. The security metadata is obtained based on the data handle and the data is cached based on the security metadata. An ICN node at an interface of the ICN router is tested for compatibility with the security metadata and a version of the data is transmitted to the ICN node based on the compatibility of the ICN node with the security metadata.
-
公开(公告)号:US20210328783A1
公开(公告)日:2021-10-21
申请号:US17358474
申请日:2021-06-25
IPC分类号: H04L9/08
摘要: System and techniques for decentralized key generation and management are described herein. An information centric network (ICN) node receives a first ICN interest packet for public encryption parameters of an identity based encryption (IBE) key generation center (KGC). Public encryption parameters for the KGC are received in a first ICN data packet in response to the first ICN interest packet. The public encryption parameters are cached and used to respond a second ICN interest packet for the public parameters. A third ICN data packet may be received from the KGC in response to a key generation request. Here, the third data packet includes an indication that the third ICN data packet is part of a one-time session. Then, the third ICN data packet is transmitted without caching the third ICN data packet content based on the indication.
-
公开(公告)号:US20210011765A1
公开(公告)日:2021-01-14
申请号:US17028809
申请日:2020-09-22
摘要: Systems and techniques for adaptive limited-duration edge resource management are described herein. Available capacity may be calculated for a resource for a node of the edge computing network based on workloads executing on the node. Available set-aside resources may be determined based on the available capacity. A service request may be received from an application executing on the edge computing node. A priority category may be determined for the service request. Set-aside resources from the available set-aside resources may be assigned to a workload associated with the service request based on the priority category.
-
公开(公告)号:US20190158300A1
公开(公告)日:2019-05-23
申请号:US16235894
申请日:2018-12-28
申请人: Dario Sabella , Ned M. Smith , Neal Oliver , Kshitij Arun Doshi , Suraj Prabhakaran , Miltiadis Filippou , Francesc Guim Bernat
发明人: Dario Sabella , Ned M. Smith , Neal Oliver , Kshitij Arun Doshi , Suraj Prabhakaran , Miltiadis Filippou , Francesc Guim Bernat
摘要: An architecture to allow Multi-Access Edge Computing (MEC) billing and charge tracking, is disclosed. In an example, a tracking process, such as is performed by an edge computing apparatus, includes: receiving a computational processing request for a service operated with computing resources of the edge computing apparatus from a connected edge device within the first access network, wherein the computational processing request includes an identification of the connected edge device; identifying a processing device, within the first access network, for performing the computational processing request; and storing the identification of the connected edge device, a processing device identification, and data describing the computational processes completed by the processing device in association with the computational processing request.
-
39.
公开(公告)号:US20190141610A1
公开(公告)日:2019-05-09
申请号:US16235685
申请日:2018-12-28
申请人: Dario Sabella , Ned M. Smith , Neal Oliver , Kshitij Arun Doshi , Suraj Prabhakaran , Francesc Guim Bernat , Miltiadis Filippou
发明人: Dario Sabella , Ned M. Smith , Neal Oliver , Kshitij Arun Doshi , Suraj Prabhakaran , Francesc Guim Bernat , Miltiadis Filippou
摘要: Various systems and methods for enhancing a distributed computing environment with multiple edge hosts and user devices, including in multi-access edge computing (MEC) network platforms and settings, are described herein. A device of a lifecycle management (LCM) proxy apparatus obtains a request, from a device application, for an application multiple context of an application. The application multiple context for the application is determined. The request from the device application for the application multiple context for the application is authorized. A device application identifier based on the request is added to the application multiple context. A created response for the device application based on the authorization of the request is transmitted to the device application. The response includes an identifier of the application multiple context.
-
公开(公告)号:US20190141536A1
公开(公告)日:2019-05-09
申请号:US16235420
申请日:2018-12-28
申请人: Alexander Bachmutsky , Dario Sabella , Francesc Guim Bernat , John J. Browne , Kapil Sood , Kshitij Arun Doshi , Mats Gustav Agerstam , Ned M. Smith , Rajesh Poornachandran , Tarun Viswanathan
发明人: Alexander Bachmutsky , Dario Sabella , Francesc Guim Bernat , John J. Browne , Kapil Sood , Kshitij Arun Doshi , Mats Gustav Agerstam , Ned M. Smith , Rajesh Poornachandran , Tarun Viswanathan
摘要: A service coordinating entity device includes communications circuitry to communicate with a first access network, processing circuitry, and a memory device. The processing circuitry is to perform operations to, in response to a request for establishing a connection with a user equipment (UE) in a second access network, retrieve a first Trusted Level Agreement (TLA) including trust attributes associated with the first access network. One or more exchanges of the trust attributes of the first TLA and trust attributes of a second TLA associated with the second access network are performed using a computing service executing on the service coordinating entity. A common TLA with trust attributes associated with communications between the first and second access networks is generated based on the exchanges. Data traffic is routed from the first access network to the UE in the second access network based on the trust attributes of the common TLA.
-
-
-
-
-
-
-
-
-