公开(公告)号：US4479213A

公开(公告)日：1984-10-23

申请号：US399935

申请日：1982-07-19

申请人： Claude Galand ,  Henri Nussbaumer

发明人： Claude Galand ,  Henri Nussbaumer

IPC分类号： G10L19/02 ,  H03M7/30 ,  H04B1/66 ,  H04B14/04 ,  H04J99/00 ,  H04M11/00 ,  H04M11/06 ,  H04J3/00

CPC分类号： H04M11/062 ,  H04B1/667

摘要： The method allows voice and data information to be concentrated over a reduced number of telephone lines. It consists mainly in processing each voice signal to extract therefrom a so-called analog base band signal and digitally coded characteristic parameters. Said parameters are then multiplexed with pure data and submitted to a modulation operation. The analog signal resulting from the modulation is then added to the base band before being transmitted over a telephone line.

摘要翻译： 该方法允许语音和数据信息集中在减少数量的电话线上。 它主要在于处理每个语音信号以从中提取所谓的模拟基带信号和数字编码的特征参数。 所述参数然后与纯数据复用并提交到调制操作。 然后，在通过电话线传输之前，将由调制产生的模拟信号添加到基带。

公开(公告)号：US07574738B2

公开(公告)日：2009-08-11

申请号：US10288574

申请日：2002-11-06

申请人： Olivier Daude ,  Jacques Fieschi ,  Claude Galand ,  Olivier Hericourt ,  Jean-Francois Le Pennec

发明人： Olivier Daude ,  Jacques Fieschi ,  Claude Galand ,  Olivier Hericourt ,  Jean-Francois Le Pennec

IPC分类号： G06F15/16

CPC分类号： H04L12/4641 ,  H04L63/0236 ,  H04L63/0254 ,  H04L63/0263 ,  H04L63/0272 ,  H04L63/0281 ,  H04L63/08 ,  H04L63/0823 ,  H04L63/083 ,  H04L63/0869 ,  H04L63/101 ,  H04L63/20

摘要： A method and system for enabling interconnection of VPNs is disclosed. An interconnection device manages an interconnection process at one or more facilities including, for example, a gateway device. The gateway device has information relating to a plurality of VPNs, and may facilitate interconnection between devices on at least two of the VPNs by determining that one device is in fact a member of a first one of the VPNs, and by forwarding connection parameters of the first VPN to the second VPN on an as-needed basis. In this way, the gateway allows interconnection without the need for a completely centralized decision-making process, and does so independently of the type of device and/or VPN(s) being used. Moreover, the gateway may implement only those VPN parameters needed by both VPNs to communicate with one another with a desired level of security, thereby simplifying the routing and forwarding processes associated with the actual communication occurring via the interconnection. The information related to the plurality of VPNs and their respective member devices may be stored in a mapping table at the gateway, and identification parameters of a device seeking interconnection and/or associated VPN parameters may be verified by the use of digital certificates.

摘要翻译： 公开了一种实现VPN互连的方法和系统。 互连设备管理包括例如网关设备在内的一个或多个设施的互连处理。 网关设备具有与多个VPN相关的信息，并且可以通过确定一个设备实际上是VPN中的第一个的成员，并且通过转发所述VPN中的第一个VPN的连接参数来促进至少两个VPN中的设备之间的互连 第一个VPN到第二个VPN根据需要。 以这种方式，网关允许互连，而不需要完全集中的决策过程，并且独立于正在使用的设备和/或VPN的类型。 此外，网关可以仅实现两个VPN所需的VPN参数，以便以期望的安全级别彼此通信，从而简化与通过互连发生的实际通信相关联的路由和转发过程。 与多个VPN及其各自的成员设备相关的信息可以存储在网关的映射表中，并且可以通过使用数字证书来验证寻求互连和/或相关VPN参数的设备的识别参数。

公开(公告)号：US07562386B2

公开(公告)日：2009-07-14

申请号：US11703021

申请日：2007-02-06

申请人： Joel Balissat ,  Claude Galand ,  Jean-Francois Le Pennec ,  Jean-Marie Sommerlatt

发明人： Joel Balissat ,  Claude Galand ,  Jean-Francois Le Pennec ,  Jean-Marie Sommerlatt

IPC分类号： G06F15/00

CPC分类号： H04L63/0272 ,  H04L63/065 ,  H04L63/08 ,  H04L63/164

摘要： A method and system for implementing secure communications between a plurality of devices are provided. The method and system generally include the provision of at least one common encryption parameter to each of the plurality of devices, as well as an identification of the plurality of devices to one another. This information can be maintained and shared by interaction of the plurality of devices with a designated server device. In this way, a secure, point-to-point connection between at least two of the plurality of devices can be established.

摘要翻译： 提供了用于实现多个设备之间的安全通信的方法和系统。 该方法和系统通常包括向多个设备中的每一个提供至少一个公共加密参数，以及将多个设备彼此的标识。 可以通过多个设备与指定的服务器设备的交互来维护和共享该信息。 以这种方式，可以建立多个设备中的至少两个之间的安全的点对点连接。

公开(公告)号：US07448081B2

公开(公告)日：2008-11-04

申请号：US11525399

申请日：2006-09-22

申请人： Joel Balissat ,  Claude Galand ,  Jean-Francois Le Pennec ,  Jean-Marie Sommerlatt

发明人： Joel Balissat ,  Claude Galand ,  Jean-Francois Le Pennec ,  Jean-Marie Sommerlatt

IPC分类号： G06F15/00

CPC分类号： H04L63/0209 ,  H04L63/0272 ,  H04L63/0435 ,  H04L63/0464

摘要： A method and system for implementing secure network communications between a first device and a second device, at least one of the devices communicating with the other device via a firewall device, are provided. The method and system may include obtaining an encryption parameter that is shared by the first device, second device and firewall device. A data packet sent by the first device may then be copied within the firewall device, so that decryption of the copy of the data packet within a portion of the firewall device may take place. In particular, the portion of the firewall device in which decryption takes place is defined such that contents of the portion are inaccessible to an operator of the firewall device. Thus, scanning of the decrypted copy of the data packet for compliance with a predetermined criterion may take place within the firewall device, without an operator of the firewall device having access to the contents of the data packet to be transmitted. Thereafter, the original data packet can be forwarded to its originally intended recipient.

摘要翻译： 提供了一种用于在第一设备和第二设备之间实现安全网络通信的方法和系统，至少一个设备经由防火墙设备与另一设备通信。 该方法和系统可以包括获得由第一设备，第二设备和防火墙设备共享的加密参数。 然后可以在防火墙设备内复制由第一设备发送的数据分组，从而可以在防火墙设备的一部分内对数据分组的副本进行解密。 特别地，定义防火墙设备中发生解密的部分，使得该部分的内容对于防火墙设备的操作者是不可访问的。 因此，在防火墙设备内可以进行符合预定标准的数据分组的解密副本的扫描，而防火墙设备的操作者可以访问要发送的数据分组的内容。 此后，可以将原始数据分组转发到其原始的接收者。

公开(公告)号：US07369560B2

公开(公告)日：2008-05-06

申请号：US10852945

申请日：2004-05-25

申请人： Jean-François Le Pennec ,  Aurélien Bruno ,  Claude Galand ,  Didier Giroir

发明人： Jean-François Le Pennec ,  Aurélien Bruno ,  Claude Galand ,  Didier Giroir

IPC分类号： H04L12/28 ,  H04L12/56

CPC分类号： H04L63/0272 ,  H04L12/4641 ,  H04L29/12009 ,  H04L29/12358 ,  H04L29/12481 ,  H04L29/12801 ,  H04L45/50 ,  H04L61/251 ,  H04L61/2557 ,  H04L61/6004 ,  H04L63/101 ,  H04L69/16 ,  H04L69/167

摘要： Certain exemplary embodiments provide a method for converting data packets based upon IPv4 protocol into data packets based upon IPv6 protocol, said method comprising converting any data packet based upon the IPv4 protocol into a data packet based upon the IPv6 protocol before transmitting it to an IP switched network using information provided by an external server, and converting any data packet based upon the IPv6 protocol provided by said IP switched network into a data packet based upon the IPv4 protocol before transmitting it to a first or second workstation.

摘要翻译： 某些示例性实施例提供了一种用于基于IPv6协议将基于IPv4协议的数据分组转换成数据分组的方法，所述方法包括：在将其发送到IP交换机之前，将基于IPv4协议的任何数据分组转换为基于IPv6协议的数据分组 网络使用由外部服务器提供的信息，并且在将其发送到第一或第二工作站之前，将基于所述IP交换网络提供的IPv6协议的任何数据分组转换为基于IPv4协议的数据分组。

公开(公告)号：US07320034B2

公开(公告)日：2008-01-15

申请号：US09811038

申请日：2001-03-16

申请人： Aline Fichou ,  Jacques Fieschi ,  Claude Galand ,  Jean-Francois Le Pennec

发明人： Aline Fichou ,  Jacques Fieschi ,  Claude Galand ,  Jean-Francois Le Pennec

IPC分类号： G06F15/16

CPC分类号： H04L47/822 ,  H04L45/10 ,  H04L47/18 ,  H04L47/24 ,  H04L47/70 ,  H04L47/724 ,  H04L47/781 ,  H04L47/805 ,  H04L47/808

摘要： A method and system for reserving a virtual connection from a source workstation to a destination workstation. Packets of data are transmitted over a network between an ingress node of the source workstation and an egress node of the destination workstation. In accordance with the method of the present invention, a reservation request is delivered from the source workstation to a reservation server. The reservation server includes a user database for storing the identification of each user allowed to access to the reservation server and also stores the rights of each user. The reservation server further includes a network database for storing the information describing a network capacity required to set up the virtual connection. A verification is then performed to determine whether or not the reservation request may be validated in view of user information within said source workstation. A second verification is performed to determine whether or not the capacity of said network is sufficient to meet the requirements of the reservation request. In response to the capacity of the network being sufficient to meet the requirements of the reservation request, a virtual connection is established from the ingress node to the egress node.

摘要翻译： 一种用于将虚拟连接从源工作站预留到目标工作站的方法和系统。 数据包通过源工作站的入口节点和目标工作站的出口节点之间的网络传输。 根据本发明的方法，将预留请求从源工作站传送到预约服务器。 预约服务器包括用于存储允许访问预约服务器的每个用户的标识的用户数据库，并且还存储每个用户的权限。 预约服务器还包括网络数据库，用于存储描述建立虚拟连接所需的网络容量的信息。 然后执行验证以确定预留请求是否可以根据所述源工作站内的用户信息而被验证。 执行第二验证以确定所述网络的容量是否足以满足预留请求的要求。 响应于网络的容量足以满足预留请求的要求，建立从入口节点到出口节点的虚拟连接。

公开(公告)号：US20070016947A1

公开(公告)日：2007-01-18

申请号：US11525399

申请日：2006-09-22

申请人： Joel Balissat ,  Claude Galand ,  Jean-Francois Le Pennec ,  Jean-Marie Sommerlatt

发明人： Joel Balissat ,  Claude Galand ,  Jean-Francois Le Pennec ,  Jean-Marie Sommerlatt

IPC分类号： G06F15/16

CPC分类号： H04L63/0209 ,  H04L63/0272 ,  H04L63/0435 ,  H04L63/0464

摘要： A method and system for implementing secure network communications between a first device and a second device, at least one of the devices communicating with the other device via a firewall device, are provided. The method and system may include obtaining an encryption parameter that is shared by the first device, second device and firewall device. A data packet sent by the first device may then be copied within the firewall device, so that decryption of the copy of the data packet within a portion of the firewall device may take place. In particular, the portion of the firewall device in which decryption takes place is defined such that contents of the portion are inaccessible to an operator of the firewall device. Thus, scanning of the decrypted copy of the data packet for compliance with a predetermined criterion may take place within the firewall device, without an operator of the firewall device having access to the contents of the data packet to be transmitted. Thereafter, the original data packet can be forwarded to its originally intended recipient.

公开(公告)号：US20050041660A1

公开(公告)日：2005-02-24

申请号：US10886956

申请日：2004-07-08

申请人： Jean-Francois Pennec ,  Claude Galand

发明人： Jean-Francois Pennec ,  Claude Galand

IPC分类号： H03M7/30 ,  H04L29/06 ,  H04L12/28

CPC分类号： H04L69/04 ,  H03M7/3066 ,  H04L29/06 ,  H04L69/22

摘要： Header compression system for compressing the header of the data packets of a flow transmitted from an ingress node to an egress node through a data transmission network comprising template creating means, in both ingress node and egress node, adapted for creating the same compression template from a predetermined number of uncompressed data packets at the beginning of the flow respectively transmitted by the ingress node and received by the egress node, and header compression means, in the ingress node, adapted for compressing the header of each packet following the predetermined number of uncompressed data packets before transmitting it through the data transmission network, the compression being achieved by using the compression template.

摘要翻译： 标题压缩系统，用于压缩通过数据传输网络从入口节点传送到出口节点的流的数据分组的报头，包括模板创建装置，在入口节点和出口节点中适于从一个 在入口节点分别由入口节点发送并由出口节点接收的流的开始处的预定数量的未压缩数据分组和头部压缩装置，适用于压缩预定数量的未压缩数据之后的每个分组的报头 数据包在通过数据传输网络传输之前，通过使用压缩模板来实现压缩。

公开(公告)号：US06687228B1

公开(公告)日：2004-02-03

申请号：US09438054

申请日：1999-11-10

申请人： Aline Fichou ,  Claude Galand

发明人： Aline Fichou ,  Claude Galand

IPC分类号： H04J116

CPC分类号： H04L12/5601 ,  H04L2012/5634

摘要： The present invention relates to a method and system of sharing among a plurality of virtual channel connections the bandwidth of a bandwidth adjustable virtual path connection established between a source node and a destination node within a packet or cell switching network comprising a plurality of nodes interconnected with transmission links, said virtual channel connections comprising bandwidth adjustable reserved virtual channel connections with minimum bandwidth reservation and/or reserved virtual channel connections and/or non reserved virtual channel connections with minimum bandwidth reservation or/and totally non reserved connections without minimum bandwidth reservation. When the source node receives a notification indicating a new bandwidth to allocate to the bandwidth adjustable virtual path connection, and when this new bandwidth is lower than the sum of the current reserved bandwidth of virtual channel connections, the current reserved bandwidth of each bandwidth adjustable virtual channel connection is reduced by applying a ratio to the part of the current bandwidth reserved above the minimum reservation. The ratio is, in a preferred embodiment, proportional to the difference between the sum of the reserved bandwidth of all virtual channel connections and the new available bandwidth allocated to the bandwidth adjustable virtual path connection, and inversely proportional to the sum of the bandwidth reserved above the minimum reservation for the bandwidth adjustable virtual channel connections.

摘要翻译： 本发明涉及一种在多个虚拟通道连接之间共享带宽可调节的虚拟路径连接的带宽的方法和系统，该带宽是在分组或小区交换网络内的源节点与目的地节点之间建立的，包括多个节点， 传输链路，所述虚拟信道连接包括具有最小带宽预留和/或预留虚拟信道连接的带宽可调保留虚拟信道连接和/或具有最小带宽预留或/或完全非保留连接的非保留虚拟信道连接，而没有最小带宽预留。 当源节点接收到指示分配给带宽可调虚拟路径连接的新带宽的通知，并且当该新带宽低于虚拟信道连接的当前保留带宽的总和时，每个带宽的当前保留带宽可调节虚拟 通过将比例应用到在最小保留上保留的当前带宽的一部分来减少通道连接。 在优选实施例中，该比例与所有虚拟信道连接的保留带宽和分配给带宽可调节虚拟路径连接的新可用带宽之和之间的差成比例，并且与上述保留的带宽之和成反比 带宽可调虚拟通道连接的最小预留。

公开(公告)号：US06424624B1

公开(公告)日：2002-07-23

申请号：US09167786

申请日：1998-10-07

申请人： Claude Galand ,  Pierre-Andre Foriel ,  Aline Fichou ,  Marcus Enger

发明人： Claude Galand ,  Pierre-Andre Foriel ,  Aline Fichou ,  Marcus Enger

IPC分类号： G06F1110

CPC分类号： H04L12/5601 ,  H04L2012/5631 ,  H04L2012/5636 ,  H04L2012/5637 ,  H04L2012/5651

摘要： This system is made to perform congestion detection and flow control in high speed digital packet switching network (22) carrying discardable and non-discardable traffic. Forward traffic received at a destination system over a first connection from a source system is monitored. If a congestion-indicating bit is detected in a received packet, a backward congestion indicator is set in packets flowing from the destination system to the source system over a second connection. The source system integrates the number of backward congestion indicators received over successive periods of time using a count-up, count-down counter. Specific congestion control actions are taken at the source system as a function of the counter state at the end of each of the successive periods of time. The congestion control actions may include increasing or decreasing the bandwidth allocated to discardable traffic intended to be delivered over the first connection.

摘要翻译： 该系统用于在承载可丢弃和不可丢弃业务的高速数字分组交换网络（22）中执行拥塞检测和流量控制。 监视从源系统通过第一连接在目的地系统处接收到的业务。 如果在接收到的分组中检测到拥塞指示比特，则通过第二连接从目的地系统流向源系统的分组中设置反向拥塞指示符。 源系统使用递增递减计数器将连续时间段内接收到的反向拥塞指标数量进行整合。 作为在每个连续时间段结束时的计数器状态的函数，在源系统处采取具体的拥塞控制动作。 拥塞控制动作可以包括增加或减少分配给旨在通过第一连接传递的可丢弃业务的带宽。