公开(公告)号：US10225138B2

公开(公告)日：2019-03-05

申请号：US15044760

申请日：2016-02-16

Applicant: Architecture Technology Corporation

Inventor： John Wu ,  Nathan Bahr ,  Ranga Ramanujan ,  Brett Thompson ,  Steven M. Schneider ,  Corey Webster

IPC: G06F15/177 ,  H04L12/24 ,  H04L29/12

Abstract: In one example, in a Dynamic Host Configuration Protocol (DHCP) network comprising one or more configuration computing systems, a method includes receiving one or more augmented DHCP configuration messages. The method also includes determining that each of the one or more augmented DHCP configuration messages includes a message tag indicating that the respective augmented DHCP configuration message contains parameter information that includes a client identifier associated with a respective one of the one or more network devices. The method further includes determining, based on the parameter information included in each of the one or more augmented DHCP configuration messages, configuration data that is usable to configure the one or more network devices. The method also includes configuring, based on the configuration data, the one or more network devices.

公开(公告)号：US20170310638A1

公开(公告)日：2017-10-26

申请号：US15639045

申请日：2017-06-30

Applicant: Architecture Technology Corporation

Inventor： Benjamin L. Burnett ,  Deborah K. Charan ,  Fabio Pozzo ,  Ranga Ramanujan

IPC: H04L29/06 ,  H04L12/24

Abstract: This disclosure describes a context aware scalable dynamic network whereby network information concerning network elements in an untrusted (Black) network are gathered by network sensors, stored at a network sensor collector, and sent to another network sensor collector in a trusted (Red) network through a one-way guard. At the Red network, the network information from the Black network may be combined with network information from one or more Red networks. The combined network information may then be used to visualize a cross-domain network topology of both Red and Black networks, and to implement network management functions.

公开(公告)号：US09160553B2

公开(公告)日：2015-10-13

申请号：US14216732

申请日：2014-03-17

Applicant: Architecture Technology Corporation

Inventor： John Wu ,  Nathan Bahr ,  Maher Kaddoura ,  Ranga Ramanujan

IPC: H04L12/18 ,  H04L29/06

CPC classification number: H04L12/185 ,  H04L12/1886 ,  H04L12/189 ,  H04L29/06455 ,  H04L61/2069 ,  H04W4/08

Abstract: This disclosure is directed to techniques for communicating in an adaptive multicast network. In general, the disclosure is directed to communicating in an adaptive multicast network. This may be done by archiving, at a rendezvous point, multicast subscription information for terminal nodes in the adaptive multicast network, wherein the multicast subscription information comprises a dynamic list of receiver terminal nodes located within the adaptive multicast network that subscribe to particular multicast streams from one or more terminal nodes in the adaptive multicast network. A router receives a multicast stream from a sender terminal node. The router receives the multicast subscription information for the multicast stream sent by the sender terminal node from the rendezvous point. The router forwards the multicast stream to all receiver terminal nodes in the dynamic list of receiver terminal nodes indicated as subscribing to the multicast stream sent by the sender terminal node.

Abstract translation: 本公开涉及用于在自适应多播网络中进行通信的技术。 通常，本公开涉及在自适应组播网络中进行通信。 这可以通过在会合点归档在自适应组播网络中的终端节点的多播订阅信息来完成，其中多播订阅信息包括位于自适应组播网络内的接收机终端节点的动态列表，其中订阅特定多播流的接收机终端节点 自适应组播网络中的一个或多个终端节点。 路由器接收来自发送方终端节点的多播流。 路由器接收发送方终端节点从会合点发送的组播流的组播预约信息。 路由器将组播流转发到订阅由发送方终端发送的组播流表示的接收方终端节点的动态列表中的所有接收方终端节点。

公开(公告)号：US11729185B2

公开(公告)日：2023-08-15

申请号：US17663597

申请日：2022-05-16

Applicant: Architecture Technology Corporation

Inventor： Ranga Ramanujan ,  Benjamin L. Burnett

IPC: H04L9/40 ,  H04L12/28 ,  H04L69/22

CPC classification number: H04L63/1408 ,  H04L12/2854 ,  H04L63/1441 ,  H04L63/1458 ,  H04L63/1483 ,  H04L69/22 ,  H04L2463/121

Abstract: This disclosure is directed to monitoring a crypto-partitioned, or cipher-text, wide-area network (WAN). A first computing device may be situated in a plain-text portion of a first enclave behind a first inline network encryptor (INE). A second device may be positioned in a plain-text portion of a second enclave behind a second INE. The two enclaves may be separated by a cipher-text WAN, over which the two enclaved may communicate. The first computing device may receive a data packet from the second computing device. The first computing device may then determine contents of a header of the data packet. The first computing device may, based at least in part on the contents of the header of the data packet, determine a status of the cipher-text WAN.

公开(公告)号：US10999262B1

公开(公告)日：2021-05-04

申请号：US15959709

申请日：2018-04-23

Applicant: Architecture Technology Corporation

Inventor： Ranga Ramanujan ,  Benjamin L. Burnett

IPC: H04L29/06

Abstract: In general, the techniques of this disclosure describe a hub device that is configured to receive data packets from both secured client devices and non-secured client devices. The hub device may send the data packets from the secured client devices to a host device. For the data packets from the non-secured client devices, the hub device may first process the data packets to ensure the integrity of the received non-secure data packets and then send the non-secure data packets to the host device once the hub device determines that the non-secure data packets meet some threshold level of integrity.

公开(公告)号：US10454891B2

公开(公告)日：2019-10-22

申请号：US15639045

申请日：2017-06-30

Applicant: Architecture Technology Corporation

Inventor： Benjamin L. Burnett ,  Deborah K. Charan ,  Fabio Pozzo ,  Ranga Ramanujan

IPC: H04L29/06 ,  H04L12/24

Abstract: This disclosure describes a context aware scalable dynamic network whereby network information concerning network elements in an untrusted (Black) network are gathered by network sensors, stored at a network sensor collector, and sent to another network sensor collector in a trusted (Red) network through a one-way guard. At the Red network, the network information from the Black network may be combined with network information from one or more Red networks. The combined network information may then be used to visualize a cross-domain network topology of both Red and Black networks, and to implement network management functions.

公开(公告)号：US09887974B2

公开(公告)日：2018-02-06

申请号：US14931620

申请日：2015-11-03

Applicant: Architecture Technology Corporation

Inventor： Deborah K. Charan ,  Ranga Ramanujan

IPC: H04L29/06

CPC classification number: H04L63/0471 ,  H04L63/0485 ,  H04L63/18

Abstract: This disclosure is directed to techniques for providing communication between devices in different networks wherein the communication must first pass through an encryption mechanism and the devices do not have the stand-alone capability to encrypt or decrypt the communication. According to these techniques, an adapter may determine certain fields in a data packet that remain unencrypted when the data packet passes through the encryption mechanism. The adapter may then process those fields in such a way that, when the data packets are received by a second adapter, the second adapter may read those fields and obtain information.

公开(公告)号：US20150180830A1

公开(公告)日：2015-06-25

申请号：US14512123

申请日：2014-10-10

Applicant: Architecture Technology Corporation

Inventor： Benjamin L. Burnett ,  Deborah K. Charan ,  Fabio Pozzo ,  Ranga Ramanujan

IPC: H04L29/06

CPC classification number: H04L63/02 ,  H04L41/0853 ,  H04L41/0856 ,  H04L41/22 ,  H04L41/28 ,  H04L63/0272 ,  H04L63/20

Abstract: This disclosure describes a context aware scalable dynamic network whereby network information concerning network elements in an untrusted (Black) network are gathered by network sensors, stored at a network sensor collector, and sent to another network sensor collector in a trusted (Red) network through a one-way guard. At the Red network, the network information from the Black network may be combined with network information from one or more Red networks. The combined network information may then be used to visualize a cross-domain network topology of both Red and Black networks, and to implement network management functions.

Abstract translation: 本公开描述了一种上下文感知可扩展动态网络，由此网络信息由不可信（黑）网络中的网络元件收集，存储在网络传感器收集器处的网络传感器收集，并发送到可信任（红色）网络中的另一个网络传感器收集器 单程护卫 在红色网络中，来自黑色网络的网络信息可以与来自一个或多个红色网络的网络信息组合。 然后可以将组合的网络信息用于可视化红色和黑色网络的跨域网络拓扑，并实现网络管理功能。

公开(公告)号：US10762183B1

公开(公告)日：2020-09-01

申请号：US15866046

申请日：2018-01-09

Applicant: Architecture Technology Corporation

Inventor： Deborah K. Charan ,  Ranga Ramanujan

IPC: G06F21/32 ,  A61B5/0402 ,  G06K9/00

Abstract: In general, the techniques of this disclosure describe a computing device in a secure domain that is configured to receive, via a guard device, an authentication factor from a biometric authentication device in a non-secure domain. The biometric authentication device is in a non-secure domain, and the authentication factor comprises an identifier of a prospective user of the biometric authentication device. The computing device may then determine, based on the received authentication factor, whether the prospective user is a trusted user of the computing device based on the authentication factor. Responsive to determining that the prospective user of the biometric authentication device is the trusted user, the computing device may enable access to one or more applications on the computing device.

公开(公告)号：US10659476B2

公开(公告)日：2020-05-19

申请号：US15262979

申请日：2016-09-12

Applicant: Architecture Technology Corporation

Inventor： Ranga Ramanujan ,  Benjamin L. Burnett

IPC: H04L29/06 ,  H04L12/28

Abstract: This disclosure is directed to monitoring a crypto-partitioned, or cipher-text, wide-area network (WAN). A first computing device may be situated in a plain-text portion of a first enclave behind a first inline network encryptor (INE). A second device may be positioned in a plain-text portion of a second enclave behind a second INE. The two enclaves may be separated by a cipher-text WAN, over which the two enclaved may communicate. The first computing device may receive a data packet from the second computing device. The first computing device may then determine contents of a header of the data packet. The first computing device may, based at least in part on the contents of the header of the data packet, determine a status of the cipher-text WAN.