Re-establishing a connection for an application layer via a service layer using delay
    1.
    发明申请
    Re-establishing a connection for an application layer via a service layer using delay 审中-公开
    使用延迟通过服务层重新建立应用层的连接

    公开(公告)号:US20070005773A1

    公开(公告)日:2007-01-04

    申请号:US11142895

    申请日:2005-05-31

    IPC分类号: G06F15/16

    摘要: A method and system for establishing a connection with a server after a connection has been broken is provided. A connection system in a service layer of a client detects that a connection between the client and the server has been broken. Upon detecting the broken connection, the connection system of the service layer automatically attempts to re-establish an application-level connection to the server. If the connection system can re-establish an application-level connection to the server, then it need not notify the application layer of the broken connection.

    摘要翻译: 提供了在断开连接之后与服务器建立连接的方法和系统。 客户端服务层的连接系统检测到客户端与服务器之间的连接已经中断。 在检测到断开的连接时,服务层的连接系统自动尝试重新建立到服务器的应用级连接。 如果连接系统可以重新建立到服务器的应用级连接,则不需要通知应用层破坏的连接。

    Sustaining session connections
    2.
    发明授权
    Sustaining session connections 有权
    维持会话连接

    公开(公告)号:US08364774B2

    公开(公告)日:2013-01-29

    申请号:US13159146

    申请日:2011-06-13

    IPC分类号: G06F15/16 G06F15/177 H04W4/00

    摘要: In an embodiment, techniques for sustaining session connections are provided. The techniques send heartbeat messages when not sending a message may cause the session connection to close because of a timeout condition. Heartbeat messages are valid transport layer messages that will be ignored by protocols at higher levels of a data communications stack. As an example, the techniques may send a TCP message containing only a carriage return and line feed (“CRLF”) in its payload. Because the TCP layer considers a message containing only a CRLF to be a valid TCP message, intermediary computing devices such as proxy servers may not interpret heartbeat messages as “keep alive” messages, and may sustain session connections.

    摘要翻译: 在一个实施例中,提供了用于维持会话连接的技术。 当不发送消息时,技术发送心跳消息可能会导致会话连接由于超时条件而关闭。 心跳消息是有效的传输层消息,将被数据通信堆栈的较高级别的协议忽略。 作为示例,技术可以在其有效载荷中发送仅包含回车符和换行符(CRLF)的TCP消息。 因为TCP层将仅包含CRLF的消息认为是有效的TCP消息,所以中介计算设备(例如代理服务器)可能不会将心跳消息解释为保持活动消息,并且可以维持会话连接。

    Open federation security techniques with rate limits

    公开(公告)号:US08490160B2

    公开(公告)日:2013-07-16

    申请号:US11906850

    申请日:2007-10-04

    IPC分类号: G06F7/04

    CPC分类号: H04L63/1416 H04L51/12

    摘要: Open federation security techniques with rate limits are described. An apparatus may include a network interface operative to communicate messages, and a secure open federation (SOF) module operative to manage a message rate between multiple federated networks. The SOF module may comprise a peer authentication module operative to determine whether a peer making the message is an untrusted peer. The SOF module may comprise a peer rate tracking module operative to retrieve a message rate value and a message rate limit value associated with the untrusted peer, and compare the message rate value with the message rate limit value to form a threat status indicator value. The SOF module may comprise a peer authorization module operative to authorize communication of the message based on the threat status indicator value. Other embodiments are described and claimed.

    Open federation security techniques with rate limits
    4.
    发明申请
    Open federation security techniques with rate limits 有权
    开放联盟安全技术与速率限制

    公开(公告)号:US20090092050A1

    公开(公告)日:2009-04-09

    申请号:US11906850

    申请日:2007-10-04

    IPC分类号: H04L12/26

    CPC分类号: H04L63/1416 H04L51/12

    摘要: Open federation security techniques with rate limits are described. An apparatus may include a network interface operative to communicate messages, and a secure open federation (SOF) module operative to manage a message rate between multiple federated networks. The SOF module may comprise a peer authentication module operative to determine whether a peer making the message is an untrusted peer. The SOF module may comprise a peer rate tracking module operative to retrieve a message rate value and a message rate limit value associated with the untrusted peer, and compare the message rate value with the message rate limit value to form a threat status indicator value. The SOF module may comprise a peer authorization module operative to authorize communication of the message based on the threat status indicator value. Other embodiments are described and claimed.

    摘要翻译: 描述了具有速率限制的开放式联合安全技术。 装置可以包括可操作以传送消息的网络接口,以及可操作以管理多个联合网络之间的消息速率的安全开放式联合(SOF)模块。 SOF模块可以包括对等认证模块,用于确定发出消息的对等体是否是不可信对等体。 SOF模块可以包括对等速率跟踪模块,用于检索消息速率值和与不信任对等体相关联的消息速率限制值,并将消息速率值与消息速率限制值进行比较以形成威胁状态指示符值。 SOF模块可以包括对等授权模块,其操作以基于威胁状态指示符值来授权消息的通信。 描述和要求保护其他实施例。

    Open enhanced federation security techniques
    5.
    发明授权
    Open enhanced federation security techniques 有权
    开放增强的联盟安全技术

    公开(公告)号:US08347358B2

    公开(公告)日:2013-01-01

    申请号:US11821605

    申请日:2007-06-25

    IPC分类号: G06F7/04

    摘要: Techniques to protect from open enhanced federation user enumeration are described. An apparatus may include a network interface operative to establish connections. The access edge server may further include an open enhanced federation (OEF) module communicatively coupled to the network interface. The OEF module may be operative to manage connections between multiple federated networks. In one embodiment, for example, the OEF module may comprise a peer authentication module operative to determine whether a peer making the request is an untrusted peer domain. The OEF module may further comprise a peer tracking module operative to retrieve a total request number and a total limit number associated with the untrusted peer, and compare the total request number with the total limit number to form a threat status indicator value. The OEF module may also comprise a peer authorization module operative to authorize the request based on the threat status indicator value. Other embodiments are described and claimed.

    摘要翻译: 描述了保护开放式增强联盟用户枚举的技术。 装置可以包括可操作以建立连接的网络接口。 接入边缘服务器还可以包括通信地耦合到网络接口的开放式增强联合(OEF)模块。 OEF模块可以用于管理多个联合网络之间的连接。 在一个实施例中,例如,OEF模块可以包括对等体认证模块,其可操作以确定发出请求的对等体是否是不可信对等域。 OEF模块还可以包括对等跟踪模块,其可操作以检索与不可信对等体相关联的总请求号码和总限制号码,并将总请求号码与总限制号码进行比较以形成威胁状态指示符值。 OEF模块还可以包括对等授权模块,其操作以基于威胁状态指示符值来授权请求​​。 描述和要求保护其他实施例。

    Open enhanced federation security techniques
    6.
    发明申请
    Open enhanced federation security techniques 有权
    开放增强的联盟安全技术

    公开(公告)号:US20080320565A1

    公开(公告)日:2008-12-25

    申请号:US11821605

    申请日:2007-06-25

    IPC分类号: H04L9/32

    摘要: Techniques to protect from open enhanced federation user enumeration are described. An apparatus may include a network interface operative to establish connections. The access edge server may further include an open enhanced federation (OEF) module communicatively coupled to the network interface. The OEF module may be operative to manage connections between multiple federated networks. In one embodiment, for example, the OEF module may comprise a peer authentication module operative to determine whether a peer making the request is an untrusted peer domain. The OEF module may further comprise a peer tracking module operative to retrieve a total request number and a total limit number associated with the untrusted peer, and compare the total request number with the total limit number to form a threat status indicator value. The OEF module may also comprise a peer authorization module operative to authorize the request based on the threat status indicator value. Other embodiments are described and claimed.

    摘要翻译: 描述了保护开放式增强联盟用户枚举的技术。 装置可以包括可操作以建立连接的网络接口。 接入边缘服务器还可以包括通信地耦合到网络接口的开放式增强联合(OEF)模块。 OEF模块可以用于管理多个联合网络之间的连接。 在一个实施例中,例如,OEF模块可以包括对等体认证模块,其可操作以确定发出请求的对等体是否是不可信对等域。 OEF模块还可以包括对等跟踪模块,其可操作以检索与不可信对等体相关联的总请求号码和总限制号码,并将总请求号码与总限制号码进行比较以形成威胁状态指示符值。 OEF模块还可以包括对等授权模块,其操作以基于威胁状态指示符值来授权请求​​。 描述和要求保护其他实施例。

    Sustaining session connections
    7.
    发明申请
    Sustaining session connections 有权
    维持会话连接

    公开(公告)号:US20060020707A1

    公开(公告)日:2006-01-26

    申请号:US10881251

    申请日:2004-06-30

    IPC分类号: G06F15/16

    摘要: In an embodiment, techniques for sustaining session connections are provided. The techniques send heartbeat messages when not sending a message may cause the session connection to close because of a timeout condition. Heartbeat messages are valid transport layer messages that will be ignored by protocols at higher levels of a data communications stack. As an example, the techniques may send a TCP message containing only a carriage return and line feed (“CRLF”) in its payload. Because the TCP layer considers a message containing only a CRLF to be a valid TCP message, intermediary computing devices such as proxy servers may not interpret heartbeat messages as “keep alive” messages, and may sustain session connections.

    摘要翻译: 在一个实施例中,提供了用于维持会话连接的技术。 当不发送消息时,技术发送心跳消息可能会导致会话连接由于超时条件而关闭。 心跳消息是有效的传输层消息,将被数据通信堆栈的较高级别的协议忽略。 作为示例,技术可以在其有效载荷中发送仅包含回车符和换行符(“CRLF”)的TCP消息。 因为TCP层将仅包含CRLF的消息认为是有效的TCP消息,所以中介计算设备(例如代理服务器)可能不将心跳消息解释为“保持活动”消息,并且可以维持会话连接。