Limiting unauthorized sources in a multicast distribution tree
    1.
    Patent application
    Limiting unauthorized sources in a multicast distribution tree (in force)

    Publication No.: US20060164984A1

    Publication date: 2006-07-27

    Application No.: US10988746

    Filing date: 2004-11-14

    IPC classification: H04L12/26

    Abstract: Disclosed are, inter alia, methods, apparatus, data structures, computer-readable media, and mechanisms for limiting unauthorized multicast sources. One or more access control lists are typically configured in a switching device to a state that denies forwarding of multicast packets with a particular host as its source. In response to a received multicast application admission-control message identifying the particular host, the one or more access control lists in the switching device are updated to allow multicast messages sent from the particular host to be forwarded. In one system, the received multicast application admission-control message is an Internet Group Management Protocol (IGMP) message. In response to the received multicast application admission-control message identifying the particular host, one system automatically adds one or more entries to the one or more access control lists to allow multicast traffic to be sent to and received from a next switching device leading to a corresponding multicast Rendezvous Point.


    Layer two encryption for data center interconnectivity
    2.
    Patent application
    Layer two encryption for data center interconnectivity (in force)

    Publication No.: US20100153701A1

    Publication date: 2010-06-17

    Application No.: US12316842

    Filing date: 2008-12-17

    IPC classification: H04L9/00

    Abstract: Systems, methods, and other embodiments associated with layer two (L2) encryption for data center interconnectivity are described. One example system includes a receive logic to receive an unencrypted L2 switched frame (UL2SF). The UL2SF may include a payload and an L2 header. The example system may also include an encryption logic to selectively encrypt the UL2SF into an encrypted frame if the UL2SF is to be sent through an L2 virtual private network (L2VPN) requiring encryption. The example system may also include a delivery logic that adds a header to the encrypted frame. The header may include data to identify a decryption function to decrypt the encrypted frame and routing information for the encrypted frame. The delivery logic may also provide the encrypted frame to the L2VPN, where the providing includes selectively sending the encrypted frame as one of, a point to point packet, and a multipoint packet.


    Secure data transfer in a virtual environment
    3.
    Granted patent
    Secure data transfer in a virtual environment (in force)

    Publication No.: US08856317B2

    Publication date: 2014-10-07

    Application No.: US12804177

    Filing date: 2010-07-15

    Abstract: In one embodiment, a method includes receiving at one of a plurality of servers, a request from a client for a secure communication session, storing context information associated with the secure communication session at a virtual context server in communication with the servers, and establishing the secure communication session between one of the servers and the client. The context information includes a session identifier, a secret, and a session state. The stored context information is available to the servers to allow the secure communication session to move between the servers. An apparatus for secure data transfer in a virtual environment is also disclosed.


    Layer two encryption for data center interconnectivity
    4.
    Granted patent
    Layer two encryption for data center interconnectivity (in force)

    Publication No.: US08271775B2

    Publication date: 2012-09-18

    Application No.: US12316842

    Filing date: 2008-12-17

    IPC classification: H04L29/06

    Abstract: Systems, methods, and other embodiments associated with layer two (L2) encryption for data center interconnectivity are described. One example system includes a receive logic to receive an unencrypted L2 switched frame (UL2SF). The UL2SF may include a payload and an L2 header. The example system may also include an encryption logic to selectively encrypt the UL2SF into an encrypted frame if the UL2SF is to be sent through an L2 virtual private network (L2VPN) requiring encryption. The example system may also include a delivery logic that adds a header to the encrypted frame. The header may include data to identify a decryption function to decrypt the encrypted frame and routing information for the encrypted frame. The delivery logic may also provide the encrypted frame to the L2VPN, where the providing includes selectively sending the encrypted frame as one of, a point to point packet, and a multipoint packet.


    Secure data transfer in a virtual environment
    5.
    Patent application
    Secure data transfer in a virtual environment (in force)

    Publication No.: US20120016977A1

    Publication date: 2012-01-19

    Application No.: US12804177

    Filing date: 2010-07-15

    IPC classification: G06F15/173 H04L9/00 G06F15/16

    Abstract: In one embodiment, a method includes receiving at one of a plurality of servers, a request from a client for a secure communication session, storing context information associated with the secure communication session at a virtual context server in communication with the servers, and establishing the secure communication session between one of the servers and the client. The context information includes a session identifier, a secret, and a session state. The stored context information is available to the servers to allow the secure communication session to move between the servers. An apparatus for secure data transfer in a virtual environment is also disclosed.


    Limiting unauthorized sources in a multicast distribution tree
    6.
    Granted patent
    Limiting unauthorized sources in a multicast distribution tree (in force)

    Publication No.: US07940765B2

    Publication date: 2011-05-10

    Application No.: US10988746

    Filing date: 2004-11-14

    IPC classification: H04L12/28

    Abstract: Disclosed are, inter alia, methods, apparatus, data structures, computer-readable media, and mechanisms for limiting unauthorized multicast sources. One or more access control lists are typically configured in a switching device to a state that denies forwarding of multicast packets with a particular host as its source. In response to a received multicast application admission-control message identifying the particular host, the one or more access control lists in the switching device are updated to allow multicast messages sent from the particular host to be forwarded. In one system, the received multicast application admission-control message is an Internet Group Management Protocol (IGMP) message. In response to the received multicast application admission-control message identifying the particular host, one system automatically adds one or more entries to the one or more access control lists to allow multicast traffic to be sent to and received from a next switching device leading to a corresponding multicast Rendezvous Point.
