公开(公告)号：US07526658B1

公开(公告)日：2009-04-28

申请号：US10661903

申请日：2003-09-12

申请人： Haixiang He ,  Donald Fedyk ,  Lakshminath Dondeti

发明人： Haixiang He ,  Donald Fedyk ,  Lakshminath Dondeti

IPC分类号： H04L9/32 ,  H04L9/00 ,  G06F11/30

CPC分类号： H04L9/0833 ,  H04L63/0272 ,  H04L63/065

摘要： Method and apparatus that enable secure transmission of data in a scalable private network are described. Each station that is to be part of a private network registers with a key table. A group security association associated with the private network is forwarded to each trusted ingress and egress point that communicates with each member of the private network. When a member of the private network seeks to communicate with another member, it simply forwards the communication to the trusted ingress point. The trusted ingress point uses the security association associated with the private network to transform the communication and forwards the transformed communication through other intermediate stations in the network until it reaches a trusted egress point. The trusted egress point uses the stored security association to decode the transformed communication and forwards the communication to the appropriate destination. The ingress and egress points may be any points in the network, including customer edge devices, provider edge devices, or some combination thereof.

摘要翻译： 描述了在可扩展的专用网络中实现数据的安全传输的方法和装置。 要成为私有网络一部分的每个站点都注册一个关键表。 与私有网络相关联的组安全关联被转发到与专用网络的每个成员通信的每个可信入口和出口点。 当私有网络的成员寻求与另一个成员通信时，它只是将通信转发到可信入口点。 信任入口点使用与专用网络相关联的安全关联来转换通信，并且通过网络中的其他中间站转发经变换的通信，直到其到达可信出口点。 信任出口点使用存储的安全关联来解码变换的通信，并将通信转发到适当的目的地。 入口和出口点可以是网络中的任何点，包括客户边缘设备，提供商边缘设备或其某些组合。

公开(公告)号：US07558877B1

公开(公告)日：2009-07-07

申请号：US10661734

申请日：2003-09-12

申请人： Donald Fedyk ,  Lakshminath Dondeti ,  Haixiang He

发明人： Donald Fedyk ,  Lakshminath Dondeti ,  Haixiang He

IPC分类号： G06F15/16

CPC分类号： H04L63/20

摘要： Each member of a group registers with the Security/Routing (S/R) device 30 and receives a Group Security Association (GSA) associated with the group. The member may register as part of a group by identifying the group and the other members. Alternatively, Routing Functionality auto-discovers the other members of the group. AS members are identified, Routing functionality reflects the routes of all members in the group to all other members of the group. The forwarding of the routes to the respective group members may be secured via the GSA associated with the group. Each member can forward communication directly to the group members, securing the communication using the group SA and standard tunneling techniques (such as IPsec, GRE, MPLS, etc.). Thus the S/R provides a mechanism for private networks to be built on top of an existing network without modification of any existing network components and much more scalable in operation and configuration than individual IP sec tunnels.

摘要翻译： 组的每个成员向安全/路由（S / R）设备30注册，并且接收与组相关联的组安全关联（GSA）。 成员可以通过识别组和其他成员来注册为组的一部分。 或者，路由功能会自动发现组中的其他成员。 AS成员被识别，路由功能将组中所有成员的路由反映到组中的所有其他成员。 可以经由与组相关联的GSA来保护路由到各个组成员的转发。 每个成员可以直接向组成员转发通信，使用组SA和标准隧道技术（如IPsec，GRE，MPLS等）确保通信。 因此，S / R提供了一种将私有网络建立在现有网络之上的机制，而不需要修改任何现有的网络组件，并且在运行和配置上比单个IPsec隧道更具可扩展性。

公开(公告)号：US08687485B1

公开(公告)日：2014-04-01

申请号：US10864146

申请日：2004-06-09

申请人： Lakshminath Dondeti ,  Donald Fedyk ,  Haixiang He

发明人： Lakshminath Dondeti ,  Donald Fedyk ,  Haixiang He

IPC分类号： H04L12/26

CPC分类号： H04L63/1408 ,  H04L63/0272 ,  H04L63/08 ,  H04L63/104 ,  H04L63/166

摘要： A method and apparatus is disclosed which enables detection of undesired packets received at a device in a network, where the device is a member of a group of devices in the network. A registration table stores transform identifiers for each member of a group and controls the forwarding of the transform identifiers to the members of the group as members are added and deleted. A transform identifier indicates a format or transformation of a packet transmitted by an associated member. The transform identifier can therefore be used at a receiving device to distinguish between transmissions by different members of the group, thereby enabling the receiving device to extract sequence information associated with the member from the packet. The sequence information can be compared against an expected sequence number for the member to determine whether the packet is an undesirable or rogue packet.

摘要翻译： 公开了一种方法和装置，其能够检测在网络中的设备处接收的不期望的分组，其中设备是网络中的一组设备的成员。 注册表存储组的每个成员的变换标识符，并且当添加和删除成员时，控制转换标识符到组的成员的转发。 变换标识符表示由关联成员发送的分组的格式或变换。 因此，可以在接收设备处使用变换标识符来区分组的不同成员的传输，从而使接收设备能够从分组中提取与成员关联的序列信息。 可以将序列信息与成员的预期序列号进行比较，以确定分组是否是不合需要的或流氓分组。

公开(公告)号：US07571463B1

公开(公告)日：2009-08-04

申请号：US10661959

申请日：2003-09-12

申请人： Donald Fedyk ,  Lakshminath Dondeti ,  Haixiang He

发明人： Donald Fedyk ,  Lakshminath Dondeti ,  Haixiang He

IPC分类号： H04L21/00

CPC分类号： H04L9/0833 ,  H04L63/0272 ,  H04L63/065

摘要： Method and apparatus that enable secure transmission of data in a scalable private network are described. Each station that is to be part of a private network registers with a key table. A group security association associated with the private network is forwarded to each trusted ingress and egress point that communicates with each member of the private network. When a member of the private network seeks to communicate with another member, it simply forwards the communication to the trusted ingress point. The trusted ingress point uses the security association associated with the private network to transform the communication and forwards the transformed communication through other intermediate stations in the network until it reaches a trusted egress point. The trusted egress point uses the stored security association to decode the transformed communication and forwards the communication to the appropriate destination. The ingress and egress points may be any points in the network, including customer edge devices, provider edge devices, or some combination thereof.

摘要翻译： 描述了在可扩展的专用网络中实现数据的安全传输的方法和装置。 要成为私有网络一部分的每个站点都注册一个关键表。 与私有网络相关联的组安全关联被转发到与专用网络的每个成员通信的每个可信入口和出口点。 当私有网络的成员寻求与另一个成员通信时，它只是将通信转发到可信入口点。 信任入口点使用与专用网络相关联的安全关联来转换通信，并且通过网络中的其他中间站转发经变换的通信，直到其到达可信出口点。 信任出口点使用存储的安全关联来解码变换的通信，并将通信转发到适当的目的地。 入口和出口点可以是网络中的任何点，包括客户边缘设备，提供商边缘设备或其某些组合。

公开(公告)号：US07519834B1

公开(公告)日：2009-04-14

申请号：US10661657

申请日：2003-09-12

申请人： Lakshminath Dondeti ,  Haixiang He ,  Donald Fedyk

发明人： Lakshminath Dondeti ,  Haixiang He ,  Donald Fedyk

IPC分类号： H04L9/32 ,  H04L9/00 ,  H06F11/30

CPC分类号： H04L9/0833 ,  H04L63/0272 ,  H04L63/065

摘要： Method and apparatus that enable secure transmission of data in a scalable private network are described. Each station that is to be part of a private network registers with a key table. A group security association associated with the private network is forwarded to each trusted ingress and egress point that communicates with each member of the private network. When a member of the private network seeks to communicate with another member, it simply forwards the communication to the trusted ingress point. The trusted ingress point uses the security association associated with the private network to transform the communication and forwards the transformed communication through other intermediate stations in the network until it reaches a trusted egress point. The trusted egress point uses the stored security association to decode the transformed communication and forwards the communication to the appropriate destination. The ingress and egress points may be any points in the network, including customer edge devices, provider edge devices, or some combination thereof.

摘要翻译： 描述了在可扩展的专用网络中实现数据的安全传输的方法和装置。 要成为私有网络一部分的每个站点都注册一个关键表。 与私有网络相关联的组安全关联被转发到与专用网络的每个成员通信的每个可信入口和出口点。 当私有网络的成员寻求与另一个成员通信时，它只是将通信转发到可信入口点。 信任入口点使用与专用网络相关联的安全关联来转换通信，并且通过网络中的其他中间站转发经变换的通信，直到其到达可信出口点。 信任出口点使用存储的安全关联来解码变换的通信，并将通信转发到适当的目的地。 入口和出口点可以是网络中的任何点，包括客户边缘设备，提供商边缘设备或其某些组合。

公开(公告)号：US20150082165A1

公开(公告)日：2015-03-19

申请号：US14214552

申请日：2014-06-01

申请人： Haixiang He

发明人： Haixiang He

IPC分类号： G06F3/0483 ,  G06F17/30 ,  G06F3/0484

CPC分类号： G06F16/95 ,  G06F16/93

摘要： A method for digitally tearing out an article from a digital magazine is disclosed. In one embodiment, the method is realized by splitting the whole digital magazine into separate articles based on the digital magazine's meta-data, providing a user interface for users to take action of tearing out an article, checking the tear-out request against the article's tear-out policy, and retrieving and adding the article to the user's collection if the request is granted.

摘要翻译： 公开了一种从数字式杂志数字撕下物品的方法。 在一个实施例中，该方法通过基于数字杂志的元数据将整个数字杂志分成单独的文章来实现，为用户提供用户界面来采取行动撕开文章，检查针对文章的撕出请求的用户界面 撕出策略，并且如果请求被授予，则将文章检索并添加到用户的集合。

公开(公告)号：US08941313B2

公开(公告)日：2015-01-27

申请号：US13821015

申请日：2011-08-23

申请人： Haixiang He ,  Wanchun Jiang ,  Martin Brueckel ,  Hu Wang

发明人： Haixiang He ,  Wanchun Jiang ,  Martin Brueckel ,  Hu Wang

IPC分类号： H05B37/02 ,  H05B33/08

CPC分类号： H05B37/02 ,  H05B33/0818 ,  H05B33/0851

摘要： A light emitting unit driving circuit may include: an operating voltage supplying unit configured to supply a voltage input for the driving circuit; a driving unit coupled to the operating voltage supplying unit and configured to drive the light emitting unit to make the light emitting unit turn on or turn off; and a feedback control unit coupled between the driving unit and the light emitting unit, and configured to form a feedback loop together with the driving circuit and the light emitting unit to stabilize an operating current of the light emitting unit.

摘要翻译： 发光单元驱动电路可以包括：工作电压提供单元，被配置为提供用于驱动电路的电压输入; 耦合到所述工作电压提供单元并被配置为驱动所述发光单元以使所述发光单元导通或关闭的驱动单元; 以及耦合在所述驱动单元和所述发光单元之间并且被配置为与所述驱动电路和所述发光单元一起形成反馈回路以稳定所述发光单元的工作电流的反馈控制单元。

公开(公告)号：US20120159568A1

公开(公告)日：2012-06-21

申请号：US13327235

申请日：2011-12-15

申请人： Haixiang He

发明人： Haixiang He

IPC分类号： G06F21/00

CPC分类号： G06F21/10 ,  G06F2221/2111

摘要： A method for limiting digital content consumption inside defined real-world geographic area(s) is disclosed. In one embodiment, the method is realized by adding additional consumption policy for geographic control to digital content's metadata, requesting the digital consumption device to acquire and provide its current location, checking device's current location against the geographic control consumption policy, and displaying the content for consumption if the digital content consumption policy is satisfied.

摘要翻译： 公开了一种在限定的真实世界地理区域内限制数字内容消耗的方法。 在一个实施例中，该方法通过向数字内容的元数据添加用于地理控制的附加消费策略来实现，请求数字消费设备获取并提供其当前位置，根据地理控制消费策略检查设备的当前位置，并显示内容 消费如果数字内容消费政策得到满足。

公开(公告)号：US20060045085A1

公开(公告)日：2006-03-02

申请号：US10924404

申请日：2004-08-24

申请人： Haixiang He

发明人： Haixiang He

IPC分类号： H04L12/28

CPC分类号： H04L12/2801 ,  H04L12/18 ,  H04L12/185 ,  H04L63/08

摘要： A method and apparatus for authorizing forwarding states in a Layer 2 device of a multicast system includes a forwarding table for use in forwarding communications to group members over interfaces of the Layer 2 device. According to one aspect of the invention, associated with the forwarding state is an authorization flag. The authorization flag signals whether or not the forwarding state is an authorized forwarding state over which multicast communications may be transferred. The Layer 2 device snoops authorization communications between a host and a layer 3 device, and updates the forwarding table authorization flags in response to these communications.

公开(公告)号：US20140280783A1

公开(公告)日：2014-09-18

申请号：US14214303

申请日：2014-03-14

申请人： Haixiang He

发明人： Haixiang He

IPC分类号： H04L29/08 ,  H04L12/911

CPC分类号： H04L67/06

摘要： A method for improving downloading performance of digital magazine in OFIP (Open Format Interactive Publishing) format or Folio format based on reading intent is disclosed. In one embodiment, the method is realized by packaging the whole issue of digital magazine into per article based or per page based record based on meta-data analyzing the reading intent, e.g. which article and which page a user is currently reading, which article and which page the user intents to read next, downloading only resources related to those articles and pages, and displaying the article or the page as soon as the related resources are downloaded.

摘要翻译： 披露了一种基于阅读意向改进OFIP（Open Format Interactive Publishing）格式或Folio格式的数字杂志下载性能的方法。 在一个实施例中，该方法通过基于分析阅读意图的元数据，例如，将每个数字杂志的整个问题包装到每个基于文章或基于每页的记录中来实现。 哪个文章和用户当前正在阅读的页面，哪个文章和用户要下载的页面，仅下载与这些文章和页面相关的资源，并在相关资源下载后立即显示该文章或页面。