公开(公告)号：US07814483B2

公开(公告)日：2010-10-12

申请号：US10578020

申请日：2003-11-04

申请人： Jun Li ,  Junbiao Zhang ,  Snigdha Verma

发明人： Jun Li ,  Junbiao Zhang ,  Snigdha Verma

IPC分类号： G06F9/445 ,  G06F15/16

CPC分类号： H04L67/2847 ,  H04L67/28 ,  H04L67/325

摘要： Remote site downloading of content to a hotspot occurs by way of a cache server, which, when networked the hotspot, processes download, order proxies received from remote content provider servers or content user mobile devices. The cache server stores content files downloaded over the Internet from the content provider servers according to the proxies, and delivers content files to the appropriate mobile devices when they sign in at the hotspot. For example, a set top box at a hotspot can receive an instant message which includes a data set, including cookies, from a personal data assistant. There after, the set top box can download a movie from a movie vendor web site which has been previously ordered and paid for by a user using the personal data assistant over a cellular network, and then wirelessly transmit the movie to the personal data assistant using Wi-Fi protocol when it arrives at the hotspot and is authenticated.

摘要翻译： 将内容远程站点下载到热点通过缓存服务器进行，​​当缓存服务器联网时，热点处理下载，从远程内容提供商服务器或内容用户移动设备接收的订单代理。 缓存服务器根据代理从内容提供商服务器存储通过因特网下载的内容文件，并且当他们在热点登录时将内容文件传递到适当的移动设备。 例如，热点的机顶盒可以从个人数据助理接收包括包括Cookie的数据集的即时消息。 之后，机顶盒可以从先前由用户使用个人数据助理通过蜂窝网络订购和付费的电影供应商网站下载电影，然后使用以下方式将电影无线地传送到个人数据助理： 当Wi-Fi协议到达热点并被认证时。

公开(公告)号：US07680954B2

公开(公告)日：2010-03-16

申请号：US10592885

申请日：2004-03-16

申请人： Junbiao Zhang

发明人： Junbiao Zhang

IPC分类号： G06F15/16

CPC分类号： H04L29/12132 ,  H04L29/12066 ,  H04L61/1511 ,  H04L61/1552

摘要： There is provided a system for resolving a proxy server name for a web browser request issued by a user device in a network. The user device has a browser configured with the proxy server name. The system includes a Domain Name System (DNS) server and a web server. The DNS server generates a private Internet Protocol (IP) address associated with the user device in response to a non-resolvable DNS query from the user device that specifies the proxy server name, and creates a one-to-one mapping that relates the private IP address to the proxy server name. The web server receives a web browser request from the user device. The web browser request has been redirected to the web server and has an original destination IP address equal to the private IP address. The web server identifies the proxy server name from the private IP address using the one-to-one mapping.

摘要翻译： 提供了一种用于解决由网络中的用户设备发布的web浏览器请求的代理服务器名称的系统。 用户设备具有配置有代理服务器名称的浏览器。 该系统包括域名系统（DNS）服务器和Web服务器。 响应于来自指定代理服务器名称的用户设备的不可解析的DNS查询，DNS服务器生成与用户设备相关联的专用因特网协议（IP）地址，并创建一个一对一的映射， 代理服务器名称的IP地址。 Web服务器从用户设备接收Web浏览器请求。 Web浏览器请求已重定向到Web服务器，并具有等于私有IP地址的原始目标IP地址。 Web服务器使用一对一映射从专用IP地址标识代理服务器名称。

公开(公告)号：US20090210701A1

公开(公告)日：2009-08-20

申请号：US11921424

申请日：2005-06-23

申请人： Junbiao Zhang ,  Kumar Ramaswamy ,  Jeffrey Allen Cooper

发明人： Junbiao Zhang ,  Kumar Ramaswamy ,  Jeffrey Allen Cooper

IPC分类号： H04L9/32 ,  H04L9/08 ,  H04L29/06

CPC分类号： H04L9/0891 ,  H04L9/0825 ,  H04L9/16 ,  H04L63/045 ,  H04L63/068 ,  H04L63/0823 ,  H04N7/163 ,  H04N7/165 ,  H04N7/1675 ,  H04N7/17318 ,  H04N7/17336 ,  H04N21/25816 ,  H04N21/63345 ,  H04N21/63775

摘要： A method for enabling an access device to securely access content from at least a content provider and prevent a cloned access device from accessing such content. During registration of the access device with the content provider, the access device requests from a designated certificate authority a certificate having a public key of the content provider therein. Upon authentication of the certificate, the access device generates a key and uses the public key to exchange the key with the content provider. The key is then used for subsequent secure communications between the access device and the content provider. In this manner, a cloned device does not have access to the key and is unable to download content from the content provider.

摘要翻译： 一种用于使得访问设备能够从至少内容提供商安全地访问内容并防止克隆的访问设备访问这样的内容的方法。 在访问设备与内容提供商的注册期间，访问设备从指定的证书颁发机构请求具有内容提供商的公开密钥的证书。 在认证证书时，访问设备生成密钥并使用公共密钥与内容提供商交换密钥。 密钥随后用于接入设备和内容提供商之间的后续安全通信。 以这种方式，克隆的设备不能访问密钥，并且不能从内容提供商下载内容。

公开(公告)号：US20090113536A1

公开(公告)日：2009-04-30

申请号：US11922442

申请日：2005-06-23

申请人： Junbiao Zhang ,  Kumar Ramaswamy ,  Jeffrey Allen Cooper

发明人： Junbiao Zhang ,  Kumar Ramaswamy ,  Jeffrey Allen Cooper

IPC分类号： G06F1/00 ,  H04L29/06

CPC分类号： H04L63/102 ,  G06F21/10 ,  G06F21/16 ,  G06F2221/0786 ,  H04L67/28 ,  H04L69/329 ,  H04L2463/101

摘要： A method for enabling access to digital rights managed (DRM) content from a server to a portable playback device using a device that functions as a proxy for enabling communication between the server and the portable playback device. The method provides for establishing a connection with a device capable of operating as a gateway device for passing data between the portable playback device and the server, requesting that the device establish a connection with the server and operate as a proxy for enabling data exchange between the portable playback device and the server, sending to the server, upon establishing the connection with the server via the device operating as a proxy, data indicating DRM solutions supported by the portable playback device, and a list comprising requested DRM content to be downloaded to the portable playback device, and receiving from the server, via the device operating as a proxy, the requested DRM content and DRM rules associated with the received content.

摘要翻译： 一种用于使用作为用于实现服务器与便携式再现设备之间的通信的代理的设备的服务器到便携式回放设备来访问数字版权管理（DRM）内容的方法。 该方法提供建立与能够作为网关设备操作的设备的连接，用于在便携式再现设备和服务器之间传递数据，请求设备与服务器建立连接并作为代理进行操作，以实现数据交换 便携式播放装置和服务器，在通过作为代理操作的装置建立与服务器的连接之后发送到服务器，指示由便携式播放装置支持的DRM解决方案的数据，以及包括要下载到 便携式播放设备，以及经由作为代理操作的设备从服务器接收与所接收的内容相关联的所请求的DRM内容和DRM规则。

公开(公告)号：US20090113024A1

公开(公告)日：2009-04-30

申请号：US11922762

申请日：2005-06-22

申请人： Snigdha Verma ,  Jun Li ,  Junbiao Zhang

发明人： Snigdha Verma ,  Jun Li ,  Junbiao Zhang

IPC分类号： G06F15/16 ,  G06F15/173

CPC分类号： H04L65/4084 ,  H04L29/06027 ,  H04L67/06 ,  H04L67/1002 ,  H04L67/2842 ,  H04L67/289 ,  H04L67/325 ,  H04L67/327 ,  H04L69/329

摘要： The downloading of content to a requesting client (A1, A2 and A3) through content distribution network consisting of edge servers occurs upon receiving a content request, a content server responses with a request-routing message that includes source data identifying the content and path data identifying a path through the network to a source of such content. Having the path information in request-routing message enables a requesting client to make the request to a particular edge server, which in turn can register the downloading request and access the content from an appropriate location, thereby obviating the frequent communication between the content server and edge servers on the path.

摘要翻译： 通过由边缘服务器组成的内容分发网络将内容下载到请求客户端（A1，A2和A3），在接收到内容请求时发生内容服务器响应，请求路由消息包括标识内容和路径数据的源数据 识别通过网络到这样的内容的源的路径。 在请求路由消息中具有路径信息使得请求客户端能够向特定边缘服务器发出请求，该特定边缘服务器又可以注册下载请求并从适当位置访问该内容，从而避免了内容服务器与 路径上的边缘服务器。

公开(公告)号：US20080037486A1

公开(公告)日：2008-02-14

申请号：US11596949

申请日：2005-05-10

申请人： Olivier Gerling ,  Junbiao Zhang ,  Kumar Ramaswamy

发明人： Olivier Gerling ,  Junbiao Zhang ,  Kumar Ramaswamy

IPC分类号： H04L29/06 ,  H04L12/56

CPC分类号： H04W12/06 ,  H04L63/0272 ,  H04L63/0464 ,  H04L63/0823 ,  H04W4/06

摘要： A portable communications device advantageously can access an enterprise network through a Virtual Private Network link without the need for a VPN client. To accomplish communications, the portable communications device establishes a communication link with a wireless access point using one or several well-known secure wireless protocols. The wireless access point establishes a communication link with the enterprise network through the VPN and bridges the connections to afford an end-to-end link between the portable computing device and the enterprise network.

摘要翻译： 便携式通信设备有利地可以通过虚拟专用网络链路访问企业网络，而不需要VPN客户端。 为了完成通信，便携式通信设备使用一个或几个众所周知的安全无线协议与无线接入点建立通信链路。 无线接入点通过VPN建立与企业网络的通信链路，并桥接连接以提供便携式计算设备与企业网络之间的端到端链路。

公开(公告)号：US20070291694A1

公开(公告)日：2007-12-20

申请号：US11660837

申请日：2004-09-03

申请人： Junbiao Zhang

发明人： Junbiao Zhang

IPC分类号： H04L12/20

CPC分类号： H04L67/14 ,  H04W12/06 ,  H04W36/0033 ,  H04W36/18

摘要： There is provided, in a source device, a method for handing off a media session from the source device to a target device in a network. The target device is informed of an impending handoff of the media session. Session state information is transmitted to the target device in preparation for the handoff. The source device is authenticated with respect to a router that is common to both the source device and the target device, prior to the handoff. The conducting of the media session on the source device is ceased in place of the target device, subsequent to the handoff.

摘要翻译： 在源设备中提供了用于将媒体会话从源设备切换到网络中的目标设备的方法。 目标设备被通知即将进行的媒体会话切换。 会话状态信息被传送到目标设备以准备切换。 在切换之前，源设备相对于源设备和目标设备都是通用的路由器进行认证。 在切换之后，在源设备上进行媒体会话的停止代替目标设备。

公开(公告)号：US20070113269A1

公开(公告)日：2007-05-17

申请号：US10566393

申请日：2004-07-29

申请人： Junbiao Zhang

发明人： Junbiao Zhang

IPC分类号： G06F17/30

CPC分类号： H04L63/123 ,  H04L63/08 ,  H04L63/0876 ,  H04L63/0892 ,  H04L63/10 ,  H04L63/168 ,  H04W12/06 ,  H04W12/08 ,  H04W12/10

摘要： A mechanism to improve the security and access control over a network, such as a wireless local area network (“WLAN”), that takes advantage of web browser interactions without requiring explicit separate communication session between a hot spot network and a service provider network. The method comprises receiving a request to access the WLAN from a mobile terminal (MT)/client disposed within a coverage area of the WLAN. The access point (AP) of the network associates a session ID and randomized number with an identifier associated with the MT and stores data mapping the session ID to the identifier of the MT and randomized number. The local server transmits an authentication request in the form of a web page, which includes the session ID and randomized number, to the MT. The AP receives from the MT a digitally signed authentication message, a parameter list containing user credential information, session ID, and randomized number concerning the MT, the authentication message being digitally signed using the session ID and randomized number together with the parameter list. The AP correlates the session ID and parameter list received from the MT and, using the stored mapping data, generates a local digital signature for comparison with the received digitally signed authentication message for controlling access of the MT to the WLAN.

摘要翻译： 一种改善网络（例如无线局域网（WLAN））的安全性和访问控制的机制，其利用Web浏览器交互而不需要在热点网络和服务提供商网络之间的明确的单独的通信会话。 该方法包括从设置在WLAN的覆盖区域内的移动终端（MT）/客户端接收接入WLAN的请求。 网络的接入点（AP）将会话ID和随机化号码与与MT相关联的标识符相关联，并将将会话ID映射到MT的标识符和随机数的数据。 本地服务器将包括会话ID和随机数的网页形式的认证请求发送到MT。 AP从MT接收到数字签名的认证消息，包含用户凭证信息，会话ID和关于MT的随机数的参数列表，认证消息使用会话ID和随机数与参数列表进行数字签名。 AP将从MT接收到的会话ID和参数列表相关联，并且使用存储的映射数据生成本地数字签名，用于与接收到的数字签名的认证消息进行比较，以控制对WLAN的MT的接入。

公开(公告)号：US20070025302A1

公开(公告)日：2007-02-01

申请号：US10553648

申请日：2004-03-08

申请人： Junbiao Zhang ,  Kumar Ramaswamy

发明人： Junbiao Zhang ,  Kumar Ramaswamy

IPC分类号： H04Q7/24

CPC分类号： H04W12/08 ,  H04L12/2856 ,  H04L63/08 ,  H04L63/0884 ,  H04L63/104 ,  H04W12/06 ,  H04W40/02 ,  H04W74/00 ,  H04W84/12 ,  H04W88/08 ,  H04W88/16

摘要： A wireless Local Area Network (LAN 11) capable of providing “enterprise guest” hosting includes at least one an e-open wireless LAN access point (15) that provides access to both guests and local users. Upon receipt of a request for access, the access point forwards the request to an authentication proxy. The authentication proxy then authenticates the party requesting access in accordance with that party's status (that is, whether the party is a local user or guest). Upon successful authentication, the network routes the traffic from a local user differently as compared to that for a guest. For example traffic from guests goes to gateway for receipt in an external network such as the Internet, whereas traffic from the local user goes to a local network, e.g., a corporate intranet. In this way, the Wireless LAN 11, after ascertaining the status of the party requesting access, can limit guest traffic according to the guest access policy.

摘要翻译： 能够提供“企业访客”托管的无线局域网（LAN 11）包括提供对客人和本地用户的访问的至少一个电子开放无线LAN接入点（15）。 在接收到访问请求时，接入点将请求转发给认证代理。 然后，认证代理根据该方的状态（即，该方是否是本地用户或来宾）认证请求访问的一方。 在成功认证后，网络与来自本地用户的流量相比，路由不同。 例如，来自客户的流量进入网关以在外部网络（例如因特网）中接收，而来自本地用户的流量到达本地网络，例如公司内部网。 以这种方式，无线LAN 11在确定请求访问的一方的状态之后，可以根据访客访问策略来限制访客流量。

公开(公告)号：US20060174288A1

公开(公告)日：2006-08-03

申请号：US10564253

申请日：2003-07-14

申请人： Guillaume Bichot ,  Kumar Ramaswamy ,  Junbiao Zhang ,  Charles Wang

发明人： Guillaume Bichot ,  Kumar Ramaswamy ,  Junbiao Zhang ,  Charles Wang

IPC分类号： H04N7/18

CPC分类号： H04W72/005 ,  H04L12/1859 ,  H04N7/163 ,  H04N21/2381 ,  H04N21/26616 ,  H04N21/2665 ,  H04N21/4126 ,  H04N21/43615 ,  H04N21/4363 ,  H04N21/43637 ,  H04N21/4381 ,  H04N21/4402 ,  H04N21/4622 ,  H04W84/12

摘要： A wireless Local Area Network provides data service through a data LAN and also provides video broadcast service through a video LAN. A wireless LAN subscriber accesses the video LAN through one of a plurality of Video Access Points (VAPs) that broadcast multiple video programs on a channel having a frequency different than the frequency over which the subscriber accesses the data LAN. Each VAP maintains the video channel in a one-way broadcast-only mode to prevent a wireless LAN subscriber from seeking to uplink information on that channel. In this way, the wireless LAN can employ a common protocol for both data and video transmission, and deliver the video streams at the maximum permissible downlink transmission rate.

摘要翻译： 无线局域网通过数据LAN提供数据服务，并通过视频LAN提供视频广播服务。 无线LAN用户通过在具有与用户访问数据LAN的频率不同的频率的信道上广播多个视频节目的多个视频接入点（VAP）中的一个接入视频LAN。 每个VAP以单向广播模式维护视频频道，以防止无线LAN用户寻求该频道上的上行链路信息。 以这种方式，无线LAN可以采用用于数据和视频传输的公共协议，并且以最大允许的下行链路传输速率传送视频流。