-
公开(公告)号:US20160127333A1
公开(公告)日:2016-05-05
申请号:US14530128
申请日:2014-10-31
申请人: Kapil Sood , Jeffrey B. Shaw , John R. Fastabend
发明人: Kapil Sood , Jeffrey B. Shaw , John R. Fastabend
CPC分类号: H04L63/06 , H04L9/0861 , H04L9/0877 , H04L9/088 , H04L9/0891 , H04L9/3234 , H04L63/0272 , H04L63/0428 , H04L63/20 , H04L2209/80
摘要: Technologies for secure inter-virtual network function communication include a computing device to determine a cryptographic key for secure communication over at least one of an inter-virtual network function (VNF) network, an inter-virtual network function component (VNFC) network, or a VNF-VNFC network based on a security policy of the computing device; and. The computing device securely communicates over at least one of the inter-VNF, inter-VNFC, or VNF-VNFC network based on the determined cryptographic key.
摘要翻译: 用于安全的虚拟网络功能通信的技术包括计算设备,用于通过虚拟网络功能(VNF)网络,虚拟网络功能组件(VNFC)网络或虚拟网络功能组件(VNFC)网络中的至少一个来确定用于安全通信的密码密钥, 基于计算设备的安全策略的VNF-VNFC网络; 和。 计算设备基于所确定的加密密钥,通过VNF,VNFC-VNF-VNFC网络中的至少一个安全地进行通信。
-
公开(公告)号:US08930580B2
公开(公告)日:2015-01-06
申请号:US13472422
申请日:2012-05-15
申请人: Ned Smith , Jesse Walker , Kapil Sood
发明人: Ned Smith , Jesse Walker , Kapil Sood
CPC分类号: H04L63/10 , G06F9/45558 , G06F2009/45587 , H04L63/14
摘要: In a processor based system comprising a plurality of logical machines, selecting a logical machine of the system to serve as a host; the host communicating with a policy decision point (PDP) of a network to provision a data channel interconnecting the processor based system and the network and to provision a logical data channel interconnecting each logical machine of the system to the network.
摘要翻译: 在包括多个逻辑机器的基于处理器的系统中,选择系统的逻辑机器用作主机; 主机与网络的策略决策点(PDP)进行通信,以提供互连基于处理器的系统和网络的数据信道,并且提供将系统的每个逻辑机器互连到网络的逻辑数据信道。
-
53.发明授权公开(公告)号:US08826378B2
公开(公告)日:2014-09-02
申请号:US12655024
申请日:2009-12-22
申请人: David Durham , Ravi Sahita , Karanvir Grewal , Ned Smith , Kapil Sood
发明人: David Durham , Ravi Sahita , Karanvir Grewal , Ned Smith , Kapil Sood
CPC分类号: H04L63/10 , G06F2221/2141 , H04L9/3234 , H04L9/3247 , H04L9/3263 , H04L63/0209 , H04L63/08 , H04L63/20
摘要: Architectures and techniques that allow a firmware agent to operate as a tamper-resistant agent on a host platform that may be used as a trusted policy enforcement point (PEP) on the host platform to enforce policies even when the host operating system is compromised. The PEP may be used to open access control and/or remediation channels on the host platform. The firmware agent may also act as a local policy decision point (PDP) on the host platform in accordance with an authorized enterprise PDP entity by providing policies if a host trust agent is non-responsive and may function as a passive agent when the host trust agent is functional.
-
54.发明授权Method and apparatus for extending transport layer security protocol for power-efficient wireless security processing 有权用于扩展传输层安全协议以实现高效无线安全处理的方法和装置公开(公告)号:US08769257B2
公开(公告)日:2014-07-01
申请号:US12343119
申请日:2008-12-23
申请人: Kapil Sood
发明人: Kapil Sood
IPC分类号: H04L29/06
CPC分类号: H04W12/02 , H04L63/0428 , H04L63/162 , H04L63/166 , H04W92/10 , Y02D70/1262 , Y02D70/142 , Y02D70/146
摘要: Embodiments of the invention relate to apparatus, system and method for security extensions to the IETF Transport Layer Protocol (TLS) and IPsec standards that enable wireless devices to perform power-efficient and streamlined security packet processing. Embodiments of the invention enable a processor to use its existing cryptographic processing engines (e.g., AES-CCM) to perform TLS and IPsec security processing. Packets processed for WLAN and TLS security are processed pipelined, eliminating the multi-loop processing that currently exists, and decreases power consumed to process each packet. In addition, the host/chipset complex is woken up after all security processing has been done in the WNIC.
摘要翻译: 本发明的实施例涉及使IETF传输层协议(TLS)和IPsec标准的安全扩展的装置,系统和方法,其使得无线设备能够执行功率高效且简化的安全分组处理。 本发明的实施例使得处理器能够使用其现有的加密处理引擎(例如,AES-CCM)来执行TLS和IPsec安全处理。 为WLAN和TLS安全处理的数据包进行流水线处理,消除了当前存在的多循环处理,并减少了处理每个数据包的功耗。 此外,在WNIC完成所有安全处理之后,主机/芯片组复合体被唤醒。
-
55.发明授权公开(公告)号:US08453197B2
公开(公告)日:2013-05-28
申请号:US11518005
申请日:2006-09-07
申请人: Tsung-Yuan Charles Tai , Kapil Sood
发明人: Tsung-Yuan Charles Tai , Kapil Sood
IPC分类号: G06F17/00
CPC分类号: G06F21/57 , G06F8/61 , G06F9/45545 , G06F9/45558 , G06F9/5077 , G06F21/53 , G06F2009/45587
摘要: A method, apparatus and system enable a temporary partition on a host to be isolated. More specifically, a temporary partition may be initialized in a partitioned host, assigned its own security policy and given the necessary resources to complete a task. Thereafter, the temporary partition may be dismantled. Since the temporary partition is isolated from the remaining partitions on the host, the temporary partition may be allowed to run a “weaker” security policy than the rest of the partitions because the isolation of the temporary partition ensures that the security of the remaining partitions may remain uncompromised.
摘要翻译: 方法,装置和系统使主机上的临时分区能够被隔离。 更具体地说,可以在分配的主机中初始化临时分区,分配其自己的安全策略并给出必要的资源来完成任务。 此后,可以拆除临时隔离物。 由于临时分区与主机上的剩余分区隔离,因此临时分区可能会比其他分区运行“较弱”的安全策略,因为临时分区的隔离可确保其余分区的安全性 保持不妥协
-
公开(公告)号:US08369254B2
公开(公告)日:2013-02-05
申请号:US11823607
申请日:2007-06-28
申请人: Kapil Sood , Christian Maciocco
发明人: Kapil Sood , Christian Maciocco
IPC分类号: G08C17/00
CPC分类号: H04L12/66 , H04W52/0229 , H04W52/0235 , H04W52/028 , H04W68/025 , Y02D70/00 , Y02D70/142 , Y02D70/146 , Y02D70/23
摘要: An intelligent network interface apparatus to provide always-on, always-connected processing for call signals is described. One embodiment of the apparatus includes logic to selectively handle incoming call signals even when a computer to which the apparatus is operably connected is unavailable (e.g., asleep). The apparatus may also include logic for selectively waking up a sleeping computer upon determining that incoming call signals indicate that a communication with the computer is desired. The incoming call signals may be associated with a voice over internet protocol (VoIP) communication.
-
57.发明授权Method and apparatus for supporting a virtual private network architecture on a partitioned platform 有权用于在分区平台上支持虚拟专用网络架构的方法和装置公开(公告)号:US08281387B2
公开(公告)日:2012-10-02
申请号:US11479609
申请日:2006-06-30
申请人: Ajay Gupta , Jeong Yoon , Jesse Walker , Kapil Sood , Karanvir Grewal , Hormuzd M. Khosravi
发明人: Ajay Gupta , Jeong Yoon , Jesse Walker , Kapil Sood , Karanvir Grewal , Hormuzd M. Khosravi
IPC分类号: G06F9/00
CPC分类号: H04L63/0272 , G06F21/562
摘要: A computer system includes a service partition, not directly accessible to a user, having a security agent to inspect data entering and exiting the computer system on a virtual private network (VPN) tunnel, and a service partition VPN unit to communicate with a VPN gateway. The computer system also includes a user partition, accessible to a user, having a user partition VPN unit to initiate construction of the VPN tunnel with the VPN gateway. Other embodiments are described and claimed.
摘要翻译: 计算机系统包括不能直接访问用户的服务分区,具有用于检查在虚拟专用网(VPN)隧道上进入和退出计算机系统的数据的安全代理以及与VPN网关通信的服务分区VPN单元 。 计算机系统还包括用户可访问的用户分区,具有用户分区VPN单元以启动与VPN网关的VPN隧道的构建。 描述和要求保护其他实施例。
-
58.发明授权公开(公告)号:US08274908B2
公开(公告)日:2012-09-25
申请号:US12460838
申请日:2009-07-24
申请人: Chih-Fan Hsin , Kapil Sood
发明人: Chih-Fan Hsin , Kapil Sood
摘要: Apparatuses, methods, systems, and computer program products to process QoS packets of wireless traffic without explicit control negotiations are disclosed. An embodiment may comprise a mobile computing device with wireless communications capabilities. The mobile computing device may be a client that associates or connects with an access point or communicates another client device, such as a peripheral device with wireless capabilities. The mobile computing device may monitor wireless packet traffic being transmitted from the mobile computing device. For example, the mobile computing device may monitor the packets being transmitted from a video streaming application to the peripheral device, which may comprise an LCD monitor that has wireless communications capabilities. The mobile computing device may mark the packets of the video stream as QoS packets even though the video streaming application may not do so, and place the marked packets in a QoS queue for priority processing.
摘要翻译: 公开了在没有明确的控制协商的情况下处理无线流量的QoS分组的装置,方法,系统和计算机程序产品。 实施例可以包括具有无线通信能力的移动计算设备。 移动计算设备可以是与接入点相关联或连接或传送另一客户端设备(例如具有无线能力的外围设备)的客户端。 移动计算设备可以监视从移动计算设备发送的无线分组业务。 例如,移动计算设备可以监视从视频流应用发送到外围设备的分组,其可以包括具有无线通信能力的LCD监视器。 移动计算设备可以将视频流的分组标记为QoS分组,即使视频流应用可能不这样做,并且将标记的分组置于QoS队列中以进行优先处理。
-
公开(公告)号:US20120226825A1
公开(公告)日:2012-09-06
申请号:US13472422
申请日:2012-05-15
申请人: Ned Smith , Jesse Walker , Kapil Sood
发明人: Ned Smith , Jesse Walker , Kapil Sood
IPC分类号: G06F15/16
CPC分类号: H04L63/10 , G06F9/45558 , G06F2009/45587 , H04L63/14
摘要: In a processor based system comprising a plurality of logical machines, selecting a logical machine of the system to serve as a host; the host communicating with a policy decision point (PDP) of a network to provision a data channel interconnecting the processor based system and the network and to provision a logical data channel interconnecting each logical machine of the system to the network.
摘要翻译: 在包括多个逻辑机器的基于处理器的系统中,选择系统的逻辑机器用作主机; 主机与网络的策略决策点(PDP)进行通信,以提供互连基于处理器的系统和网络的数据信道,并且提供将系统的每个逻辑机器互连到网络的逻辑数据信道。
-
公开(公告)号:US08180923B2
公开(公告)日:2012-05-15
申请号:US11290408
申请日:2005-11-29
申请人: Ned Smith , Jesse Walker , Kapil Sood
发明人: Ned Smith , Jesse Walker , Kapil Sood
IPC分类号: G06F15/16
CPC分类号: H04L63/10 , G06F9/45558 , G06F2009/45587 , H04L63/14
摘要: In a processor based system comprising a plurality of logical machines, selecting a logical machine of the system to serve as a host; the host communicating with a policy decision point (PDP) of a network to provision a data channel interconnecting the processor based system and the network and to provision a logical data channel interconnecting each logical machine of the system to the network.
摘要翻译: 在包括多个逻辑机器的基于处理器的系统中,选择系统的逻辑机器用作主机; 主机与网络的策略决策点(PDP)进行通信,以提供互连基于处理器的系统和网络的数据信道,并且提供将系统的每个逻辑机器互连到网络的逻辑数据信道。
-
-
-
-
-
-
-
-
-
搜索结果
133 条记录 (耗时 0.018 秒)
