-
1.发明授权Automatic proxy registration and discovery in a multi-proxy communication system 有权在多代理通信系统中自动代理注册和发现公开(公告)号:US09154557B2
公开(公告)日:2015-10-06
申请号:US11580739
申请日:2006-10-12
申请人: Etai Lev-Ran , Leonid Vasetsky , Daniel Kaminsky
发明人: Etai Lev-Ran , Leonid Vasetsky , Daniel Kaminsky
CPC分类号: H04L67/16 , G06F17/30194 , H04L29/12169 , H04L61/1576 , H04L67/1002 , H04L67/101 , H04L67/1012 , H04L67/28 , H04L67/288
摘要: One embodiment comprises an apparatus for automatic proxy registration and discovery in a multi-proxy communication system. The apparatus executes a proxy server that is configured to provide optimized connections to remote proxy servers that are communicatively connected to the proxy server over a Wide Area Network (WAN). A file server, which is communicatively connected to the proxy server over a Local Area Network (LAN), is automatically discovered. An association record corresponding to the file server is created, where the association record identifies the file server and the proxy server and indicates that the proxy server is configured to provide the remote proxy servers with optimized connections to the file server. The association record is registered with a centralized database server, where the remote proxy servers are communicatively connected to the centralized database server over the WAN.
摘要翻译: 一个实施例包括用于在多代理通信系统中自动代理注册和发现的装置。 该设备执行代理服务器,该代理服务器被配置为向通过广域网(WAN)通信地连接到代理服务器的远程代理服务器提供优化的连接。 通过局域网(LAN)通信地连接到代理服务器的文件服务器被自动发现。 创建与文件服务器相对应的关联记录,其中关联记录标识文件服务器和代理服务器,并且指示代理服务器被配置为向远程代理服务器提供与文件服务器的优化连接。 关联记录向集中式数据库服务器注册,远程代理服务器通过WAN通信连接到集中式数据库服务器。
-
公开(公告)号:US07711788B2
公开(公告)日:2010-05-04
申请号:US11408260
申请日:2006-04-20
申请人: Etai Lev Ran , Shahar Glixman , Israel Z. Ben Shaul , Vita Bortnikov , Daniel Kaminsky , Danit Ben Kiki , Idan Zach , Israel Cidon
发明人: Etai Lev Ran , Shahar Glixman , Israel Z. Ben Shaul , Vita Bortnikov , Daniel Kaminsky , Danit Ben Kiki , Idan Zach , Israel Cidon
IPC分类号: G06F13/00
CPC分类号: G06F17/30902 , G06F9/546 , G06F17/30171 , G06F17/30235 , H04L29/06 , H04L67/02 , H04L67/06 , H04L67/1095 , H04L67/2814 , H04L67/2823 , H04L67/2828 , H04L67/2842 , H04L67/2876 , H04L67/40 , H04L69/329 , Y10S707/99952
摘要: A method for enabling access to a data resource, which is held on a file server (25) on a first local area network (LAN) (21a), by a client (28) on a second LAN (21b). A proxy receiver (48) on the second LAN (21b) intercepts a request for the data resource submitted by the client (28) and transmits a message via a wide area network (WAN) (29) to a proxy transmitter (52) on the first LAN (21a), requesting the data resource. The proxy transmitter (52) retrieves a replica of the data resource from the file server (25) and conveys the replica of the data resource over the WAN (29) to the proxy receiver (48), which serves the replica of the data resource from the proxy receiver (48) to the client (28) over the second LAN (21b).
摘要翻译: 一种能够访问由第二LAN(21b)上的客户端(28)保存在第一局域网(LAN)(21a)上的文件服务器(25)上的数据资源的方法。 第二LAN(21b)上的代理接收器(48)拦截由客户端(28)提交的数据资源的请求,并经由广域网(WAN)29将消息发送到代理发射机(52)上 第一LAN(21a),请求数据资源。 代理发射器(52)从文件服务器(25)检索数据资源的副本,并将数据资源的副本通过WAN(29)传送到代理接收器(48),代理接收器(48)用于数据资源的副本 通过第二LAN(21b)从代理接收器(48)到客户机(28)。
-
公开(公告)号:US20100061253A1
公开(公告)日:2010-03-11
申请号:US12590677
申请日:2009-11-12
申请人: Daniel Kaminsky , Arivu Ramasamy , Martin Cieslak , Mukund Ingle , Siddharth Vajirkar , Etai Lev Ran
发明人: Daniel Kaminsky , Arivu Ramasamy , Martin Cieslak , Mukund Ingle , Siddharth Vajirkar , Etai Lev Ran
IPC分类号: H04L12/26
CPC分类号: H04L41/12
摘要: In one embodiment, a method for tracing a connection path from a source node to a destination node through a network having one or more transparent proxies includes generating a trace packet at the source node, transmitting the trace packet over the network towards the destination node, and receiving trace response packets in response to transmission of the trace packet. The trace response packets include a packet from the destination node and a packet from each of the transparent proxies in a data path from the source node to the destination node. Each of the packets from the transparent proxies includes an identifier of the transparent proxy transmitting the packet. The method further includes identifying the transparent proxies in the connection path based on information in the trace response packets. An apparatus for tracing a connection path is also disclosed.
摘要翻译: 在一个实施例中,用于通过具有一个或多个透明代理的网络跟踪从源节点到目的地节点的连接路径的方法包括在源节点处生成跟踪分组,通过网络向目的地节点发送跟踪分组, 以及响应于跟踪包的传输而接收到跟踪响应数据包。 跟踪响应分组包括来自目的地节点的分组和来自源节点到目的地节点的数据路径中的每个透明代理的分组。 来自透明代理的每个分组包括传输分组的透明代理的标识符。 该方法还包括基于跟踪响应分组中的信息来识别连接路径中的透明代理。 还公开了一种用于跟踪连接路径的装置。
-
公开(公告)号:US20070174428A1
公开(公告)日:2007-07-26
申请号:US11408260
申请日:2006-04-20
申请人: Etai Lev Ran , Shahar Glixman , Israel Ben Shaul , Vita Bortnikov , Daniel Kaminsky , Danit Ben Kiki , Idan Zach , Israel Cidon
发明人: Etai Lev Ran , Shahar Glixman , Israel Ben Shaul , Vita Bortnikov , Daniel Kaminsky , Danit Ben Kiki , Idan Zach , Israel Cidon
IPC分类号: G06F15/173
CPC分类号: G06F17/30902 , G06F9/546 , G06F17/30171 , G06F17/30235 , H04L29/06 , H04L67/02 , H04L67/06 , H04L67/1095 , H04L67/2814 , H04L67/2823 , H04L67/2828 , H04L67/2842 , H04L67/2876 , H04L67/40 , H04L69/329 , Y10S707/99952
摘要: A method for enabling access to a data resource, which is held on a file server (25) on a first local area network (LAN) (21a), by a client (28) on a second LAN (21b). A proxy receiver (48) on the second LAN (21b) intercepts a request for the data resource submitted by the client (28) and transmits a message via a wide area network (WAN) (29) to a proxy transmitter (52) on the first LAN (21a), requesting the data resource. The proxy transmitter (52) retrieves a replica of the data resource from the file server (25) and conveys the replica of the data resource over the WAN (29) to the proxy receiver (48), which serves the replica of the data resource from the proxy receiver (48) to the client (28) over the second LAN (21b).
摘要翻译: 一种能够访问由第二LAN(21b)上的客户端(28)保存在第一局域网(LAN)上的文件服务器(25)上的数据资源的方法。 第二LAN(21b)上的代理接收器(48)拦截由客户机(28)提交的数据资源的请求,并经由广域网(WAN)29将消息发送到代理发射机(52) 在第一个LAN(21 a)上,请求数据资源。 代理发射器(52)从文件服务器(25)检索数据资源的副本,并将数据资源的副本通过WAN(29)传送到代理接收器(48),代理接收器(48)用于数据资源的副本 从代理接收器(48)到第二LAN(21b)上的客户机(28)。
-
公开(公告)号:US09547726B2
公开(公告)日:2017-01-17
申请号:US12723756
申请日:2010-03-15
申请人: Etai Lev Ran , Shahar Glixman , Israel Ben Shaul , Vita Bortnikov , Daniel Kaminsky , Danit Ben Kiki , Idan Zach , Israel Cidon
发明人: Etai Lev Ran , Shahar Glixman , Israel Ben Shaul , Vita Bortnikov , Daniel Kaminsky , Danit Ben Kiki , Idan Zach , Israel Cidon
IPC分类号: G06F15/173 , G06F17/30 , G06F9/54 , H04L29/06 , H04L29/08
CPC分类号: G06F17/30902 , G06F9/546 , G06F17/30171 , G06F17/30235 , H04L29/06 , H04L67/02 , H04L67/06 , H04L67/1095 , H04L67/2814 , H04L67/2823 , H04L67/2828 , H04L67/2842 , H04L67/2876 , H04L67/40 , H04L69/329 , Y10S707/99952
摘要: A method for enabling access to a data resource, which is held on a file server (25) on a first local area network (LAN) (21a), by a client (28) on a second LAN (21b). A proxy receiver (48) on the second LAN (21b) intercepts a request for the data resource submitted by the client (28) and transmits a message via a wide area network (WAN) (29) to a proxy transmitter (52) on the first LAN (21a), requesting the data resource. The proxy transmitter (52) retrieves a replica of the data resource from the file server (25) and conveys the replica of the data resource over the WAN (29) to the proxy receiver (48), which serves the replica of the data resource from the proxy receiver (48) to the client (28) over the second LAN (21b).
摘要翻译: 一种能够访问由第二LAN(21b)上的客户端(28)保存在第一局域网(LAN)(21a)上的文件服务器(25)上的数据资源的方法。 第二LAN(21b)上的代理接收器(48)拦截由客户端(28)提交的数据资源的请求,并经由广域网(WAN)29将消息发送到代理发射机(52)上 第一LAN(21a),请求数据资源。 代理发射器(52)从文件服务器(25)检索数据资源的副本,并将数据资源的副本通过WAN(29)传送到代理接收器(48),代理接收器(48)用于数据资源的副本 通过第二LAN(21b)从代理接收器(48)到客户机(28)。
-
公开(公告)号:US20120233453A1
公开(公告)日:2012-09-13
申请号:US13480715
申请日:2012-05-25
申请人: Etai Lev Ran , Ajit Sanzgiri
发明人: Etai Lev Ran , Ajit Sanzgiri
IPC分类号: H04L9/00
CPC分类号: H04L63/0428 , H04L63/061 , H04L63/166
摘要: In one embodiment, a method for providing secure communications using a proxy is provided. The proxy negotiates with a client and a server to determine a session key to use with communications between the client and the proxy and between the proxy and the server. Encrypted data may then be received from the client at the proxy. The proxy can decrypt the encrypted data for processing using the session key. In one embodiment, the decrypted data is not altered. The proxy then sends the encrypted data that was received from the client to the server without re-encrypting the data that was decrypted. Because the proxy did not alter the data in its processing of the decrypted data and the same session key is used between communications for the proxy and the server, the encrypted data stream that was received from the client can be forwarded to the server.
摘要翻译: 在一个实施例中,提供了一种使用代理提供安全通信的方法。 代理与客户端和服务器协商,以确定与客户端和代理之间以及代理和服务器之间的通信一起使用的会话密钥。 然后可以从代理处从客户端接收加密的数据。 代理可以使用会话密钥解密加密数据进行处理。 在一个实施例中,解密的数据不被改变。 然后,代理将从客户端接收的加密数据发送到服务器,而不重新加密被解密的数据。 因为代理在处理解密数据时没有改变数据,并且在代理和服务器的通信之间使用相同的会话密钥,所以从客户端接收的加密数据流可以被转发到服务器。
-
公开(公告)号:US08190875B2
公开(公告)日:2012-05-29
申请号:US11728001
申请日:2007-03-22
申请人: Etai Lev Ran , Ajit Sanzgiri
发明人: Etai Lev Ran , Ajit Sanzgiri
CPC分类号: H04L63/0428 , H04L63/061 , H04L63/166
摘要: In one embodiment, a method for providing secure communications using a proxy is provided. The proxy negotiates with a client and a server to determine a session key to use with communications between the client and the proxy and between the proxy and the server. Encrypted data may then be received from the client at the proxy. The proxy can decrypt the encrypted data for processing using the session key. In one embodiment, the decrypted data is not altered. The proxy then sends the encrypted data that was received from the client to the server without re-encrypting the data that was decrypted. Because the proxy did not alter the data in its processing of the decrypted data and the same session key is used between communications for the proxy and the server, the encrypted data stream that was received from the client can be forwarded to the server.
摘要翻译: 在一个实施例中,提供了一种使用代理提供安全通信的方法。 代理与客户端和服务器协商,以确定与客户端和代理之间以及代理和服务器之间的通信一起使用的会话密钥。 然后可以从代理处从客户端接收加密的数据。 代理可以使用会话密钥解密加密数据进行处理。 在一个实施例中,解密的数据不被改变。 然后,代理将从客户端接收的加密数据发送到服务器,而不重新加密被解密的数据。 因为代理在处理解密数据时没有改变数据,并且在代理和服务器的通信之间使用相同的会话密钥,所以从客户端接收的加密数据流可以被转发到服务器。
-
8.发明授权Techniques for balancing throughput and compression in a network communication system 有权在网络通信系统中平衡吞吐量和压缩的技术公开(公告)号:US07843823B2
公开(公告)日:2010-11-30
申请号:US11495072
申请日:2006-07-28
IPC分类号: H04L1/00
CPC分类号: H04L69/04
摘要: A method and apparatus is disclosed for balancing throughput and compression in a network communication system. A message is received. A first compression mechanism is applied to the message to generate a first compressed message, where applying the first compression mechanism comprises gathering compression information. Based on the compression information, a compression metric associated with the first compressed message is computed. The compression metric is compared to a threshold value. A second compression mechanism is applied to the first compressed message to generate a second compressed message only when the compression metric does not exceed the threshold value. The second compressed message is then transmitted.
摘要翻译: 公开了一种用于平衡网络通信系统中的吞吐量和压缩的方法和装置。 收到一条消息。 第一压缩机制被应用于消息以生成第一压缩消息,其中应用第一压缩机制包括收集压缩信息。 基于压缩信息,计算与第一压缩消息相关联的压缩度量。 将压缩度量与阈值进行比较。 仅当压缩度量不超过阈值时,第二压缩机制被应用于第一压缩消息以产生第二压缩消息。 然后发送第二个压缩消息。
-
公开(公告)号:US07639625B2
公开(公告)日:2009-12-29
申请号:US11713138
申请日:2007-03-02
申请人: Daniel Kaminsky , Arivu Ramasamy , Martin Cieslak , Mukund Ingle , Siddharth Vajirkar , Etai Lev Ran
发明人: Daniel Kaminsky , Arivu Ramasamy , Martin Cieslak , Mukund Ingle , Siddharth Vajirkar , Etai Lev Ran
IPC分类号: H04L12/26
CPC分类号: H04L41/12
摘要: In one embodiment, a method for tracing a connection path from a source node to a destination node through a network having one or more transparent proxies includes generating a trace packet at the source node, transmitting the trace packet over the network towards the destination node, and receiving trace response packets in response to transmission of the trace packet. The trace response packets include a packet from the destination node and a packet from each of the transparent proxies in a data path from the source node to the destination node. Each of the packets from the transparent proxies includes an identifier of the transparent proxy transmitting the packet. The method further includes identifying the transparent proxies in the connection path based on information in the trace response packets. An apparatus for tracing a connection path is also disclosed.
摘要翻译: 在一个实施例中,用于通过具有一个或多个透明代理的网络跟踪从源节点到目的地节点的连接路径的方法包括在源节点处生成跟踪分组,通过网络向目的地节点发送跟踪分组, 以及响应于跟踪包的传输而接收到跟踪响应数据包。 跟踪响应分组包括来自目的地节点的分组和来自源节点到目的地节点的数据路径中的每个透明代理的分组。 来自透明代理的每个分组包括传输分组的透明代理的标识符。 该方法还包括基于跟踪响应分组中的信息来识别连接路径中的透明代理。 还公开了一种用于跟踪连接路径的装置。
-
10.发明授权公开(公告)号:US07506102B2
公开(公告)日:2009-03-17
申请号:US11392317
申请日:2006-03-28
申请人: Etai Lev-Ran , Daniel Kaminsky
发明人: Etai Lev-Ran , Daniel Kaminsky
CPC分类号: G06F12/1458 , H04L63/10 , Y10S707/99939
摘要: A method and apparatus is disclosed for local access authorization of cached resources. A first request to perform an operation on a first object that is stored in a cache is received. An entity identifier associated with the entity that sent the first request, an operation identifier associated with the operation, and an Access Control List (ACL) associated with the first object are determined based on the first request. A record that includes at least the operation identifier, the ACL, and an authorization indicator is accessed. The authorization indicator indicates whether the entity has previously successfully performed the operation on any object in the cache that is associated with the ACL. Based on the authorization indicator included in the record, a determination is made whether to authorize the entity to perform the operation on the first object.
摘要翻译: 公开了用于缓存资源的本地访问授权的方法和装置。 接收对存储在高速缓存中的第一对象执行操作的第一请求。 基于第一请求确定与发送第一请求的实体相关联的实体标识符,与操作相关联的操作标识符以及与第一对象相关联的访问控制列表(ACL)。 至少包含操作标识符,ACL和授权指示符的记录被访问。 授权指示符指示该实体是否先前成功执行了与ACL关联的缓存中的任何对象的操作。 基于记录中包含的授权指示符,确定是否授权实体对第一对象执行操作。
-
-
-
-
-
-
-
-
-
搜索结果
27 条记录 (耗时 0.027 秒)