Abstract:
Methods and devices are provided for identifying, locating and provisioning individual RFID devices in a network with “personalities” that are appropriate for the roles of the RFID devices. According to some implementations of the invention, a combination of EPC code information and existing networking standards forms the basis of identifying and provisioning methods. For example, MAC address information and EPC information can be combined to identify a particular device and its location in a network. For implementations using the Dynamic Host Configuration Protocol (“DHCP”), DHCP Options may be used to pass provisioning information. Some implementations employ Domain Name Service (“DNS”) and dynamic DNS (“DDNS”) to allow easy identification of RFID devices.
Abstract:
Techniques for assigning a network address to a host are based on authentication for a physical connection between the host and an intermediate device. One approach involves receiving first data at the intermediate device from an authentication and authorization server in response to a request for authentication for the physical connection. The first data indicates at least some of authentication and authorization information. A configuration request message from the host is also received at the intermediate device. The configuration request message is for discovering a logical network address for the host. A second message is generated based on the configuration request message and the first data. The second message is sent to a configuration server that provides the logical network address for the host. The configuration server is then able to provide the logical network address based on authorization and authentication information. The logical network address is thus based on the user, as is desirable to determine accounting information for billing purposes, to provide a minimum quality of service (QoS) according to a contract with the user, or to limit access by the user to the Internet and other services.
Abstract:
Methods and devices are provided for identifying, locating and provisioning individual RFID devices in a network with “personalities” that are appropriate for the roles of the RFID devices. According to some implementations of the invention, a combination of EPC code information and existing networking standards forms the basis of identifying and provisioning methods. For example, MAC address information and EPC information can be combined to identify a particular device and its location in a network. For implementations using the Dynamic Host Configuration Protocol (“DHCP”), DHCP Options may be used to pass provisioning information. Some implementations employ Domain Name Service (“DNS”) and dynamic DNS (“DDNS”) to allow easy identification of RFID devices.
Abstract:
Methods and devices are provided for identifying and provisioning individual RFID devices in a network. According to some implementations of the invention, a combination of EPC code information and existing networking standards forms the basis of identifying and provisioning methods. For example, MAC address information and EPC information can be combined to identify a particular device and its location in a network. For implementations using the Dynamic Host Configuration Protocol (“DHCP”), DHCP Options may be used to pass provisioning information. Some implementations employ Domain Name Service (“DNS”) and dynamic DNS (“DDNS”) to allow easy identification of RFID devices.
Abstract:
Generating a binding between a source address and one or more roles of a user accessing the network and distributing the binding to a filter node. The source address is currently assigned to the device. The binding may be generated by one or more nodes on an ingress path used during authentication of the user. The binding may be distributed to the filter node on demand or without any request from the filter node. Responsive to a determination that the user is associated with a new source address, a new binding is generated to associate a new source address with the one or more roles for the user. The new binding is distributed to the filter node. Another aspect is a method of enforcing a role based security policy at a filter node, using bindings of source addresses to roles.
Abstract:
A network device has a communications link to allow the device to communicate with customer devices and a processor. The processor is to receive neighbor discovery messages from requesting customer devices, examine the neighbor discovery messages to determine if the neighbor discovery message should be forwarded to other of the customer devices, and respond to the requesting customer devices.
Abstract:
An isolation approach for network users associated with elevated risk is disclosed for protecting networks. In one approach a method comprises the computer-implemented steps of determining a user identifier associated with a network device that has caused a security event in a network; causing the network device to receive a network address that is selected from a subset of addresses within a specified pool associated with suspected malicious network users; and configuring one or more security restrictions with respect to the selected network address.
Abstract:
In an embodiment, an electronic digital data packet router performs: receiving a DHCP initiation message on a particular interface among a plurality of network interfaces; modifying the DHCP initiation message by adding a particular DHCP option that signals a DHCP server to provide router configuration data, resulting in a modified DHCP initiation message; relaying the modified DHCP initiation message to the DHCP server; receiving, from the DHCP server, a DHCPOFFER message that comprises the particular DHCP option containing configuration data; configuring the router using the configuration data; and relaying the DHCPOFFER message without the particular DHCP option on the particular interface toward another data packet router.
Abstract:
Techniques are disclosed for dynamically determining or learning hostnames. According to embodiments described herein, a solicitation message is received at a first network device. Based on the solicitation message, a hostname is determined for a second network device that sent the solicitation message. A first network address is also determined for the second network device that sent the solicitation message. A mapping between the hostname and the first network address is stored at the first network device.
Abstract:
Techniques for assigning a network address to a host are based on authentication for a physical connection between the host and an intermediate device. One approach involves receiving first data at the intermediate device from an authentication and authorization server in response to a request for authentication for the physical connection. The first data indicates at least some of authentication and authorization information. A configuration request message from the host is also received at the intermediate device. The configuration request message is for discovering a logical network address for the host. A second message is generated based on the configuration request message and the first data. The second message is sent to a configuration server that provides the logical network address for the host. The configuration server is then able to provide the logical network address based on authorization and authentication information.