Abstract:
The present invention provides a star-connected network (C1-C4, P1-P8) having a number of peripheral nodes (P1-P8) and a central control arrangement (C1-C4). Each peripheral node has means for restricting communications across the network to the central control arrangement using a respective encrypted connection unless the peripheral node has received explicit authorisation from the control arrangement to set up a direct connection with another peripheral node. The central control arrangement comprises: means for establishing an encrypted connection with each peripheral node; means for exchanging control packets with two or more peripheral nodes using two or more respective encrypted connections in order to set up an authorised connection between two peripheral nodes; a database storing security policy information specifying what connections between peripheral nodes are allowable; and authorisation means for authorising connections which are allowable according to the stored security policy information using the control packet exchanging means.
Abstract:
Techniques are provided for operating a network where router devices forward received data packets towards a destination node. Each router maintains a routing table, indicating the next hop to choose in respect of different ultimate destinations in accordance with a routing protocol. Periodic communications between neighboring routers are used as confirmation that they are still able to communicate with one another. Each router compares the time since it last communicated in this way with each of its neighbors with a router dead interval and determines that the respective neighboring router, or the currently designated route thereto, has gone down if the comparison indicates that the router dead interval has elapsed without such a communication having been received. Each router performs an adaptive algorithm to modify the or each corresponding router dead interval dynamically in accordance with one or more properties of the network as measured by the router.
Abstract:
A method of combinatorial multimodal optimization uses a genetic algorithm to find simultaneous global optimal solutions to combinatorial problems. Each individual within the population is associated not only with a fitness value but with a fitness vector, using which the persistence of all of the best individuals into the next generation can be guaranteed. Phenotype as well as genotype analysis is an integral part of the method.
Abstract:
The present invention provides a star-connected network (C1-C4, P1-P8) having a number of peripheral nodes (P1-P8) and a central control arrangement (C1-C4). Each peripheral node has means for restricting communications across the network to the central control arrangement using a respective encrypted connection unless the peripheral node has received explicit authorization from the control arrangement to set up a direct connection with another peripheral node. The central control arrangement comprises: means for establishing an encrypted connection with each peripheral node; means for exchanging control packets with two or more peripheral nodes using two or more respective encrypted connections in order to set up an authorized connection between two peripheral nodes; a database storing security policy information specifying what connections between peripheral nodes are allowable; and authorization means for authorizing connections which are allowable according to the stored security policy information using the control packet exchanging means.
Abstract:
An Internet Protocol router device (10) for use in a data network comprising a plurality of nodes (10, 20, 30), wherein packets of data are sent from one node in the network to another on a hop by hop basis. The router includes: a data store (14) for storing a routing table indicating the next hop destination for a received packet on the basis of the ultimate destination specified by the received packet; a digital processor (13) operable to maintain the routing table on the basis of communications received from neighbouring router devices (20, 30) within the network; and a timer (15) for timing the length of time elapsed since last receiving a communication, or a communication of a type which is one of a subset of the possible types of communication, from each of one or more of the router device's neighbours; wherein the data store (14) is further operable to store in respect of each of said one or more of the router device's neighbours a router dead interval; and the digital processor (13) is further operable to compare said length of time elapsed with the corresponding router dead interval in respect of each of said one or more of the router device's neighbours and to ascertain that the corresponding router device is no longer operating correctly if the comparison indicates that a length of time equal to or greater than the router dead interval has elapsed without receiving a said communication, or a said communication of a type which is one of a subset of the possible types of communication, from said neighbouring router device; the router device being characterised in that the digital processor (13) is further operable to dynamically vary the or each router dead interval in accordance with one or more properties of the network.
Abstract:
An Internet Protocol router device (10) for use in a data network comprising a plurality of nodes (10, 20, 30), wherein packets of data are sent from one node in the network to another on a hop by hop basis. The router includes: a data store (14) for storing a routing table indicating the next hop destination for a received packet on the basis of the ultimate destination specified by the received packet; a digital processor (13) operable to maintain the routing table on the basis of communications received from neighbouring router devices (20, 30) within the network; and a timer (15) for timing the length of time elapsed since last receiving a communication, or a communication of a type which is one of a subset of the possible types of communication, from each of one or more of the router device's neighbours; wherein the data store (14) is further operable to store in respect of each of said one or more of the router device's neighbours a router dead interval; and the digital processor (13) is further operable to compare said length of time elapsed with the corresponding router dead interval in respect of each of said one or more of the router device's neighbours and to ascertain that the corresponding router device is no longer operating correctly if the comparison indicates that a length of time equal to or greater than the router dead interval has elapsed without receiving a said communication, or a said communication of a type which is one of a subset of the possible types of communication, from said neighbouring router device; the router device being characterised in that the digital processor (13) is further operable to dynamically vary the or each router dead interval in accordance with one or more properties of the network.
Abstract:
A method of operating a data network, of the type in which a number of inter-connected router devices forward received packets of data towards a destination node in accordance with a routing table associated with each router. The method comprises: receiving routing information at one of said routers, determining if the information is such that, if it were correct, it would cause the router to update its routing table in respect of one or more entries, and, if so, sending out two test packets, one of which is sent out according to the existing information contained in the routing table and the other of which is sent out according to the information which would be included in the routing table if it were updated in accordance with the received information; comparing the results of the two test sendings; and updating the routing table to reflect the received information if the comparison indicates that the received information is correct, but otherwise ignoring the information and maintaining the routing table unchanged.
Abstract:
A data network has a number of inter-connected router devices that forward received packets of data towards a destination node in accordance with a routing table associated with each router. A trust value is assigned to one or more other router devices, or links between router devices, in the network. A route metric is calculated in respect of one or more paths for forwarding on received data packets for onward transmission towards a specified destination. A next hop destination is selected for onward transmission of each such received packet to be forwarded on the basis of the calculated route metric for each applicable path. Each route metric is calculated in dependence upon the trust value assigned to one or more of the router or routers within each such path.
Abstract:
A multi-protocol label switching network or domain (1), and method of operating the same. Label switching control paths are established for forwarding control packets between routers (E1-E4, C1-C6) according to control labels assigned to the control packets by a label assignment server (2). Control labels are assigned by assigning a respective unique control label to respective directional pairs of edge routers, each directional pair comprising a combination of an edge router pair and a direction between the edge routers of the pair. Traffic data paths are also established for forwarding traffic data packets between the routers according to traffic data labels assigned to the traffic data packets. The traffic data labels are distinct from the control labels, and the traffic data paths are different from the control paths.
Abstract:
A data network, of the type in which a number of inter-connected router devices forward received packets of data towards a destination node in accordance with a routing table associated with each router is operated. The network is operated by: receiving routing information at one of the routers, determining if the information is such that, if it were correct, it would cause the router to update its routing table in respect of one or more entries, and, if so, sending out two test packets, one of which is sent out according to the existing information contained in the routing table and the other of which is sent out according to the information which would be included in the routing table if it were updated in accordance with the received information; comparing the results of the two test sendings; and updating the routing table to reflect the received information if the comparison indicates that the received information is correct, but otherwise ignoring the information and maintaining the routing table unchanged.