-
公开(公告)号:US20080244264A1
公开(公告)日:2008-10-02
申请号:US12040589
申请日:2008-02-29
IPC分类号: H04L9/32
CPC分类号: H04L9/3268 , H04L63/0823 , H04L2209/80
摘要: To validate a certificate of a service provider apparatus, a service receiving apparatus determines a certificate validation method on based on a combination of the performance of the service receiving apparatus, the performance of a CRL repository apparatus, the performance of a certificate validation apparatus, and the performance of a network, and performs validation of a certificate by the determined method. Furthermore, to validate a certificate of a service provider apparatus, a service receiving apparatus requests a method selection apparatus to validate the certificate, and the method selection apparatus determines a certificate validation method based on a combination of the performance of the method selection apparatus, the performance of the CRL repository apparatus, the performance of the certificate validation apparatus and the performance of the network, validates the certificate by the determined method, and notifies a validation result to the service receiving apparatus.
摘要翻译: 为了验证服务提供商设备的证书,服务接收设备基于服务接收设备的性能,CRL存储库设备的性能,证书验证设备的性能以及证书验证设备的性能,以及 网络的性能,并通过确定的方法执行证书的验证。 此外,为了验证服务提供商装置的证书,服务接收装置请求方法选择装置对证书进行验证,并且方法选择装置基于方法选择装置的性能的组合来确定证书验证方法, CRL存储库装置的性能,证书验证装置的性能和网络的性能,通过确定的方法验证证书,并将验证结果通知给服务接收装置。
-
公开(公告)号:US07337465B2
公开(公告)日:2008-02-26
申请号:US10695944
申请日:2003-10-30
CPC分类号: H04L63/164 , H04L63/104 , H04L63/20 , H04L67/18 , H04L67/24 , H04W4/02
摘要: A peer-to-peer communication apparatus connected to an IP network acquires, from a peer's communication apparatus, presence information including information for judging a communication security environment of the peer's communication apparatus and a security policy to be applied by the peer's communication apparatus to a packet, displays the presence information and security policy information such that a user can judge the prosperity of the security policy information based on the presence information, and processes a data packet to be transmitted to the peer's communication apparatus in accordance with the security policy approved by the user.
摘要翻译: 连接到IP网络的点对点通信装置从对等体的通信装置获取包括用于判断对等体的通信装置的通信安全环境的信息的存在信息和对等体的通信装置应用于的对等体的通信装置的安全策略 分组,显示存在信息和安全策略信息,使得用户可以基于存在信息来判断安全策略信息的繁荣,并且根据由对等体的通信设备通过的安全策略处理要传送到对等体的通信设备的数据分组 用户。
-
公开(公告)号:US20080016335A1
公开(公告)日:2008-01-17
申请号:US11762412
申请日:2007-06-13
申请人: Aya Takahashi , Hisao Sakazaki , Seiichi Susaki , Kazuko Hamaguchi , Katsuyuki Umezawa , Ken Kobayashi , Kazuyoshi Hoshino
发明人: Aya Takahashi , Hisao Sakazaki , Seiichi Susaki , Kazuko Hamaguchi , Katsuyuki Umezawa , Ken Kobayashi , Kazuyoshi Hoshino
IPC分类号: H04L9/32
CPC分类号: H04L9/3263
摘要: Upon issuance of an attribute certificate, an attribute authority apparatus makes a determination policy available. The determination policy includes information designating at least one item to be checked by a service provider apparatus for determination to be made to verify the attribute certificate, and a criterion for the determination. The determination policy may be recorded in the attribute certificate, or released to public, or made available by issuing a determination policy certificate released to public. Information for obtaining the determination policy certificate may be recorded in or outside the attribute certificate and furnished to the service provider apparatus. In order to verify an attribute certificate transmitted from a user terminal, a service provider apparatus obtains the determination policy, and determines whether data in the at least one item designated in the determination policy fulfill the criterion recorded in the determination policy.
摘要翻译: 在发布属性证书时,属性授权装置使得确定策略可用。 确定策略包括指定要由服务提供商设备检查的至少一个项目的信息,以确定要验证属性证书,以及用于确定的标准。 确定政策可以记录在属性证书中,或者发布给公众,或者通过发布给公众的决定政策证书提供。 用于获得确定政策证书的信息可以记录在属性证书内部或外部,并提供给服务提供商设备。 为了验证从用户终端发送的属性证书,服务提供者装置获得确定策略,并且确定在确定策略中指定的至少一个项目中的数据是否满足在确定策略中记录的准则。
-
公开(公告)号:US20050210113A1
公开(公告)日:2005-09-22
申请号:US11079274
申请日:2005-03-15
摘要: Presence information is shared between a plurality of applications, to grasp a change of presence information of a different kind of application. An IM(X) server 3 receives a notification of a change of presence information from a client A1 (S902), and sends a change notification message for notifying the change of the presence information to a presence server 5 (S906). Then, the presence server 5 sends the change notification message received from the IM(X) server 3 to the IM(Y) server 4 (S908). The IM(Y) server 4 sends the change notification message received from the presence server 5 to a client B2 (S910).
摘要翻译: 存在信息在多个应用之间共享,以掌握不同种类的应用的存在信息的改变。 IM(X)服务器3接收来自客户端A 1的存在信息的更改的通知(S902),并且向存在服务器5发送用于通知存在信息的改变的改变通知消息(S106)。 然后,存在服务器5将从IM(X)服务器3接收到的改变通知消息发送到IM(Y)服务器4(S908)。 IM(Y)服务器4将从呈现服务器5接收到的改变通知消息发送给客户端B 2(S 910)。
-
公开(公告)号:US20050185577A1
公开(公告)日:2005-08-25
申请号:US11115125
申请日:2005-04-27
CPC分类号: H04J14/0295 , H04J14/0227 , H04J14/0241 , H04J14/0278 , H04J14/0283 , H04J14/029 , H04J14/0294 , H04J14/0297 , H04L43/00 , H04L43/0829 , H04L43/0847 , H04L43/10 , H04L43/16
摘要: In an IP packet communication apparatus, an operation and maintenance function capable of monitoring a transmission path is provided to a layer used to process a packet, which corresponds to an upper layer of an optical network. As one method for applying the operation and maintenance function to the packet layer, in the case of IP over PPP over WDM, an operation/maintenance frame is defined to a PPP frame so as to realize the operation/maintenance function of a PPP connection. In the case that a plurality of connections are multiplexed on the same transmission path, a maintenance frame is conducted in order to operate/manage these connections by being grouped, so that a fault occurring in the optical network is monitored. As another method for applying the operation and maintenance function to the packet layer, an operation/maintenance frame is defined to an IP packet so as to realize an operation and maintenance function of an IP flow. Also, since a plurality of flows are multiplexed on the same transmission path, a management packet is defined to operate/manage these flows to be grouped, so that a fault occurring the in the optical network is monitored.
摘要翻译: 在IP分组通信装置中,向用于处理对应于光网络的上层的分组的层提供能够监视传输路径的操作和维护功能。 作为对分组层应用操作和维护功能的一种方法,在通过WDM通过PPP的IP的情况下,将操作/维护帧定义为PPP帧,以实现PPP连接的操作/维护功能。 在多个连接被复用在同一传输路径上的情况下,进行维护帧以通过分组来操作/管理这些连接,从而监视在光网络中发生的故障。 作为对分组层应用操作和维护功能的另一种方法,将IP分组定义为操作/维护帧,以实现IP流的操作和维护功能。 此外,由于多个流在同一传输路径上多路复用,所以管理分组被定义为对这些流进行分组操作/管理,从而监视在光网络中发生的故障。
-
公开(公告)号:US20130212257A1
公开(公告)日:2013-08-15
申请号:US13634779
申请日:2012-02-14
IPC分类号: H04L12/26
CPC分类号: H04L43/00 , H04L41/0631 , H04L41/065
摘要: To analyze the cause if an event occurred to a plurality of monitoring targets. A monitoring computer 101 includes a general rule storing part 136 configured to store a general rule, wherein the general rule previously associates a first event which can occur in any of the plurality of monitoring targets and a second event which can cause the first event, an correlation rule generating part 129 configured to generate an correlation rule, wherein the correlation rule is created based on the general rule and configuration information, and in the case where a predetermined number or more of events corresponding to the second events are detected, the correlation rule indicates that an event corresponding to the first event will occur, and an analyzing part 125 configured to analyze a cause of an event indicated by the event information based on received event information and the correlation rule.
摘要翻译: 分析多个监控对象发生事件的原因。 监视计算机101包括被配置为存储一般规则的一般规则存储部分136,其中所述通用规则先前关联可以在多个监视目标中的任何一个中发生的第一事件和可以导致第一事件的第二事件, 相关规则生成部129,其被配置为生成相关规则,其中,基于一般规则和配置信息创建所述相关规则,并且在检测到与所述第二事件相对应的事件的预定数量或更多个的情况下,所述相关规则 指示将发生与第一事件相对应的事件,分析部分125被配置为基于接收的事件信息和相关规则来分析由事件信息指示的事件的原因。
-
57.发明授权Information service communication network system and session management server 失效信息服务通信网络系统和会话管理服务器公开(公告)号:US08271667B2
公开(公告)日:2012-09-18
申请号:US11086430
申请日:2005-03-23
IPC分类号: G06F15/16 , G06F15/177 , G06F15/173 , H04L12/16
CPC分类号: H04L63/083 , H04L29/06027 , H04L65/1006 , H04L65/403 , H04L67/14 , H04M15/57 , H04M15/8228 , H04M2215/208 , H04M2215/7833
摘要: A session management server, which is provided with a service determination table having a plurality of entries each indicating a service identifier in association with possible particular items of information which may be extracted from a session setup request packet, receives a session setup request packet issued from a client to a particular application server and determines whether the client terminal is authorized to receive an information service by referring to the determination table, in place of the particular application server. When the determination results in success, the session setup request packet is forwarded to the particular application server.
摘要翻译: 会话管理服务器提供有具有多个条目的服务确定表,每个条目指示与可能从会话建立请求包中提取的可能的特定信息项相关联的服务标识符,接收从 客户端到特定应用服务器,并且通过参考确定表来确定客户终端是否被授权接收信息服务,代替该特定应用服务器。 当确定结果成功时,会话建立请求分组被转发到特定应用服务器。
-
公开(公告)号:US07984494B2
公开(公告)日:2011-07-19
申请号:US11490189
申请日:2006-07-21
CPC分类号: H04L29/125 , H04L9/0841 , H04L9/0891 , H04L61/2564 , H04L63/0428 , H04L63/164 , H04L2209/76
摘要: Provided is a computer system including: a first computer; a second computer including a second processor and a second memory; and a communication controller for controlling communication between the first and second computers, in which: upon reception of a packet from the first computer, the communication controller translates address information of the received packet to transfer the packet to the second computer; the second memory stores SA candidate information as SA information in which a part of the address information is unknown; and the second processor decrypts the packet encrypted by the first computer by using the SA candidate information upon reception of the encrypted packet from the first computer, and creates SA information based on the SA candidate information used for the decryption and the address information of the encrypted packet upon successful decryption of the encrypted packet.
摘要翻译: 提供一种计算机系统,包括:第一计算机; 包括第二处理器和第二存储器的第二计算机; 以及通信控制器,用于控制第一和第二计算机之间的通信,其中:在从第一计算机接收到分组时,通信控制器翻译所接收分组的地址信息以将分组传送到第二计算机; 第二存储器将SA候选信息存储为其中一部分地址信息未知的SA信息; 并且第二处理器在从第一计算机接收到加密分组时通过使用SA候选信息来解密由第一计算机加密的分组,并且基于用于解密的SA候选信息和加密的地址信息来创建SA信息 成功解密加密分组后的分组。
-
59.发明授权VPN composing method, interwork router, packet communication method, data communication apparatus, and packet relaying apparatus 有权VPN组合方法,互通路由器,分组通信方法,数据通信装置和分组中继装置公开(公告)号:US07983281B2
公开(公告)日:2011-07-19
申请号:US11828729
申请日:2007-07-26
IPC分类号: H04L12/46
CPC分类号: H04L45/50 , H04L12/2856 , H04L12/2874 , H04L12/4633 , H04L12/4641
摘要: A method serves to compose a VPN (Virtual Private Network) over a plurality of networks, each of which is managed by a different Internet Service Provider (ISP). When a packet with a first capsule header used for composing a VPN in a first ISP network is transmitted to a second ISP network, a route for outputting the packet to the second ISP network is determined based on the information both in the capsule header and in the IP header. In addition, a second capsule header used for composing a VPN in the second ISP network is determined based on the above information.
摘要翻译: 一种方法用于在多个网络中组成VPN(虚拟专用网络),每个网络由不同的因特网服务提供商(ISP)管理。 当将具有用于组合第一ISP网络中的VPN的第一胶囊头的分组发送到第二ISP网络时,基于胶囊头部和第二ISP网络中的信息来确定用于将分组输出到第二ISP网络的路由 IP头。 此外,基于上述信息确定用于构成第二ISP网络中的VPN的第二胶囊报头。
-
公开(公告)号:US07346670B2
公开(公告)日:2008-03-18
申请号:US10351382
申请日:2003-01-27
IPC分类号: G06F15/16 , G06F15/177 , G06F7/00
CPC分类号: H04L41/0803 , G06F11/2094 , G06F11/2097 , H04L12/4641 , H04L63/0272 , H04L63/083 , H04L67/1097 , H04L69/08
摘要: A secure storage system for securely accessing a storage device on a network and improving volume management scalability, consisting of a client having a VPN capability; a storage device in an SAN; a management apparatus having a means for managing a storage capacity and a logical volume allocated to the storage device; a converter for converting a protocol used in the SAN to a protocol used in a LAN/MAN/WAN and vice versa; and a conversion apparatus having the VPN capability. A VPN is provided between the client and the conversion apparatus. The conversion apparatus is provided with a mapping between the VPN and an access range of the storage device. A VPN-ID is used for identifying the VPN. An address in the logical volume is used for the access range of the storage device.
摘要翻译: 一种用于安全地访问网络上的存储设备并提高卷管理可扩展性的安全存储系统,由具有VPN能力的客户端组成; SAN中的存储设备; 具有管理存储容量的装置和分配给所述存储装置的逻辑卷的管理装置; 用于将SAN中使用的协议转换为LAN / MAN / WAN中使用的协议的转换器,反之亦然; 以及具有VPN能力的转换装置。 在客户端和转换设备之间提供VPN。 转换装置具有VPN与存储装置的访问范围之间的映射。 VPN-ID用于标识VPN。 逻辑卷中的地址用于存储设备的访问范围。
-
-
-
-
-
-
-
-
-
搜索结果
60 条记录 (耗时 0.028 秒)
