SYSTEMS AND METHODS FOR INTERNET-WIDE MONITORING AND PROTECTION OF USER CREDENTIALS

    Publication No.: US20210400041A1

    Publication date: 2021-12-23

    Application No.: US17206305

    Filing date: 2021-03-19

    IPC classification: H04L29/06

    Abstract: Among other things, this document describes systems, methods, and apparatus for monitoring and protecting a user credential issued by an organization when that credential is used outside that organization's network security perimeter. For example, a reverse proxy server (RPS) receives a client request directed to a content provider's site. The RPS initiates a process that involves parsing the request message and extracting a user credential. The RPS locates a credential policy from the credential owner based on the user credential. The RPS can issue an API request to a credential service that is authoritative for the credential. That credential service may return a directive to the RPS specifying how to handle the client request message. Preferably, the operation is transparent to the content provider whose site was the target of the client's request message. Activity records can be presented in visualizations that enhance security analysts' tactical comprehension at a glance.

    DYNAMIC PLACEMENT OF COMPUTING TASKS IN A DISTRIBUTED COMPUTING ENVIRONMENT

    Publication No.: US20210243249A1

    Publication date: 2021-08-05

    Application No.: US17165545

    Filing date: 2021-02-02

    Inventor: Byung K. Choi

    IPC classification: H04L29/08 G06F17/18 G06F11/34

    Abstract: Among other things, this document describes systems, methods and devices for performance testing and dynamic placement of computing tasks in a distributed computing environment. In embodiments, a given client request is forwarded up a hierarchy of nodes, or across tiers in the hierarchy. A particular computing node in the system self-determines to perform a computing task to generate (or help generate) particular content for a response to the client. The computing node injects its identifier into the response indicating that it performed those tasks; the identifier is transmitted to the client with particular content. The client runs code that assesses the performance of the system from the client's perspective, e.g., in servicing the request, and beacons this performance data, along with the aforementioned identifier, to a system intelligence component. The performance information may be used to dynamically place and improve the placement of the computing task(s).

    Configuration transformation and delivery

    Publication No.: US11080065B1

    Publication date: 2021-08-03

    Application No.: US16374581

    Filing date: 2019-04-03

    IPC classification: G06F9/44 G06F9/445 H04L29/08

    Abstract: A method of generating an optimized executable configuration query engine is disclosed. A set of one or more immutable configuration parameters associated with a configurable service or a configurable application is received. At least a portion of a set of configuration data in a configuration database and at least a portion of the set of one or more immutable configuration parameters are transformed into a set of data and code in a compiler-readable format. An optimized subset of the set of configuration data in the configuration database is selected based at least in part on the set of one or more immutable configuration parameters. An optimized executable configuration query engine is generated based at least in part on the set of one or more immutable configuration parameters, wherein the optimized executable configuration query engine serves configuration data from the selected optimized subset of the set of configuration data.

    High performance distributed system of record

    Publication No.: US20210227040A1

    Publication date: 2021-07-22

    Application No.: US17223098

    Filing date: 2021-04-06

    IPC classification: H04L29/08 H04L9/32 H04L9/06

    Abstract: A high-performance distributed ledger and transaction computing network fabric over which large numbers of transactions (involving the transformation, conversion or transfer of information or value) are processed concurrently in a scalable, reliable, secure and efficient manner. In one embodiment, the computing network fabric or “core” is configured to support a distributed blockchain network that organizes data in a manner that allows communication, processing and storage of blocks of the chain to be performed concurrently, with little synchronization, at very high performance and low latency, even when the transactions themselves originate from distant sources. This data organization relies on segmenting a transaction space within autonomous but cooperating computing nodes that are configured as a processing mesh. Each computing node typically is functionally-equivalent to all other nodes in the core. The nodes operate on blocks independently from one another while still maintaining a consistent and logically-complete view of the blockchain as a whole.

    Uniquely identifying and securely communicating with an appliance in an uncontrolled network

    Publication No.: US20210211305A1

    Publication date: 2021-07-08

    Application No.: US17209614

    Filing date: 2021-03-23

    Abstract: A service consumer that utilizes a cloud-based access service provided by a service provider has associated therewith a network that is not capable of being controlled by the service provider. An enterprise connector is supported in this uncontrolled network, preferably as an appliance-based solution. According to this disclosure, the enterprise configures an appliance and then deploys it in the uncontrolled network. To this end, an appliance is required to proceed through a multi-stage approval protocol before it is accepted as a “connector” and is thus enabled for secure communication with the service provider. The multiple stages include a “first contact” (back to the service) stage, an undergoing approval stage, a re-generating identity material stage, and a final approved and configured stage. Unless the appliance passes through these stages, the appliance is not permitted to interact with the service as a connector. As an additional aspect, the service provides various protections for addressing scenarios wherein entities masquerade as approved appliances.

    Embedding MQTT messages in media streams

    Publication No.: US20210203709A1

    Publication date: 2021-07-01

    Application No.: US16821176

    Filing date: 2020-03-17

    Inventor: Michael Archer

    IPC classification: H04L29/06 H04L29/08 H04W28/02

    Abstract: This disclosure provides embedding a messaging channel directly into a media stream, where messages delivered via the embedded messaging channel are then extracted at a client media player. An advantage of embedding a message is that it can be done in a single ingest point and then passes transparently through a CDN architecture, effectively achieving message replication using the native CDN media delivery infrastructure.

    HTTPS request enrichment

    Publication No.: US20210203697A1

    Publication date: 2021-07-01

    Application No.: US17181861

    Filing date: 2021-02-22

    Inventor: Mangesh Kasbekar

    IPC classification: H04L29/06 H04L29/08

    Abstract: This disclosure provides for a network element (in the middle) to inject enrichments into SSL connections, and for taking them out. This network element is sometimes referred to herein as a “middle box.” In the context of layered software architecture, this solution preferably is implemented by a library that operates below the SSL layer and above the TCP sockets layer at the two endpoints of the SSL connection. Preferably, the SSL enrichments are implemented as SSL/TLS records.

    Internet address structure analysis, and applications thereof

    Publication No.: US20210194775A1

    Publication date: 2021-06-24

    Application No.: US17195281

    Filing date: 2021-03-08

    IPC classification: H04L12/24 H04L29/12

    Abstract: An analysis system automates IP address structure discovery by deep analysis of sample IPv6 addresses using a set of computational methods, namely, information-theoretic analysis, machine learning, and statistical modeling. The system receives a sample set of IP addresses, computes entropies, discovers and mines address segments, builds a network model of address segment inter-dependencies, and provides a graphical display with various plots and tools to enable a network analyst to navigate and explore the exposed IPv6 address structure. The structural information is then applied as input to applications that include: (a) identifying homogeneous groups of client addresses, e.g., to assist in mapping clients to content in a CDN; (b) supporting network situational awareness efforts, e.g., in cyber defense; (c) selecting candidate targets for active measurements, e.g., traceroutes campaigns, vulnerability assessments, or reachability surveys; and (d) remotely assessing a network's addressing plan and address assignment policy.

    High performance distributed system of record with extended transaction processing capability

    Publication No.: US20210182895A1

    Publication date: 2021-06-17

    Application No.: US16872695

    Filing date: 2020-05-12

    Abstract: A set of transaction handling computing elements comprise a network core that receive and process transaction requests into an append-only immutable chain of data blocks, wherein a data block is a collection of transactions, and wherein an Unspent Transaction Output (UTXO) data structure supporting the immutable chain of data blocks is an output from a finalized transaction. Typically, the UTXO data structure consists essentially of an address and a value. In this approach, at least one UTXO data structure is configured to include information either in addition to or in lieu of the address and value, thereby defining a Transaction Output (TXO). A TXO may have a variety of types, and one type includes an attribute that encodes data. In response to receipt of a request to process a transaction, the set of transaction handling computing elements are executed to process the transaction into a block using at least the information in the TXO.