DISTRIBUTED VIRTUAL HOME AGENT FOR MOBILE INTERNET PROTOCOL
    1.
    发明申请
    DISTRIBUTED VIRTUAL HOME AGENT FOR MOBILE INTERNET PROTOCOL 审中-公开
    用于移动互联网协议的分销虚拟家庭代理

    公开(公告)号:US20110075571A1

    公开(公告)日:2011-03-31

    申请号:US12570502

    申请日:2009-09-30

    IPC分类号: H04W36/14 H04L12/26

    CPC分类号: H04W8/12 H04W80/04

    摘要: The present invention provides a method and apparatus for a distributed virtual home agent. One embodiment of the method includes implementing a first primary home agent on a first portion of a plurality of hardware elements that operate according to a mobile Internet Protocol (IP) and a second primary home agent on a second portion of the plurality of hardware elements. A first backup home agent is implemented on the second portion of the plurality of hardware elements and a second backup home agent is implemented on the first portion of the plurality of hardware elements. Packets addressed to the first or second primary home agent can be directed to both the first and second portions of the plurality of hardware elements so that states of the first and second backup home agents mirror states of the first and second primary home agents, respectively.

    摘要翻译: 本发明提供了一种用于分布式虚拟归属代理的方法和装置。 该方法的一个实施例包括在多个硬件元件的第一部分上实现第一主归属代理,所述第一部分在多个硬件元件的第二部分上根据移动因特网协议(IP)和第二主归属代理来操作。 在多个硬件元件的第二部分上实现第一备份归属代理,并且在多个硬件元件的第一部分上实现第二备份归属代理。 寻址到第一或第二主归属代理的分组可以被引导到多个硬件元件的第一和第二部分,使得第一和第二备用归属代理的状态分别镜像第一和第二主归属代理的状态。

    RESOURCE PLACEMENT IN NETWORKED CLOUD BASED ON RESOURCE CONSTRAINTS
    2.
    发明申请
    RESOURCE PLACEMENT IN NETWORKED CLOUD BASED ON RESOURCE CONSTRAINTS 有权
    基于资源约束的网络云资源配置

    公开(公告)号:US20130290539A1

    公开(公告)日:2013-10-31

    申请号:US13459430

    申请日:2012-04-30

    IPC分类号: G06F15/16

    摘要: Various exemplary embodiments relate to a method and related network node including one or more of the following: receiving, at the cloud controller, a request message including a first request for a first cloud resource; identifying a set of potential devices for providing the first cloud resource; calculating a plurality of weight values corresponding to at least a portion of the set of potential devices for providing the first cloud resource, wherein the plurality of weight values are calculated based on a plurality of delta values associated with the at least a portion of the set of potential devices; selecting a device based on the plurality of weight values to provide the first cloud resource; and updating the delta value associated with the selected device.

    摘要翻译: 各种示例性实施例涉及包括以下一个或多个的方法和相关网络节点:在云控制器处接收包括对第一云资源的第一请求的请求消息; 识别用于提供第一云资源的一组潜在设备; 计算与所述潜在设备组的至少一部分相对应的多个权重值,用于提供第一云资源,其中基于与所述集合的所述至少一部分相关联的多个增量值来计算所述多个权重值 的潜在设备; 基于所述多个权重值选择设备以提供所述第一云资源; 以及更新与所选设备相关联的增量值。

    Data Leakage Prevention for Cloud and Enterprise Networks
    3.
    发明申请
    Data Leakage Prevention for Cloud and Enterprise Networks 有权
    数据泄漏预防云和企业网络

    公开(公告)号:US20130212710A1

    公开(公告)日:2013-08-15

    申请号:US13369475

    申请日:2012-02-09

    IPC分类号: G06F21/20

    摘要: Apparatuses, methods and articles of manufacture for performing data leakage prevention are provided. Data leakage prevention may be performed by determining a signature of a transmitted document, the transmitted document being in transit to a location beyond a network boundary. The signature of the transmitted document is compared with one or more signatures of documents authorized to be transmitted beyond the network boundary. The transmitted document is prevented from being transmitted beyond the network boundary if the signature of the document does not correspond to a signature of a document authorized to be transmitted beyond the network boundary.

    摘要翻译: 提供了用于执行防止数据泄漏的设备,方法和制造。 可以通过确定所发送的文档的签名,所发送的文档正在转移到超出网络边界的位置来执行数据泄露防止。 将所发送的文档的签名与授权发送超出网络边界的文档的一个或多个签名进行比较。 如果文档的签名不对应于被授权在网络边界之外被发送的文档的签名,则防止传输的文档被超出网络边界的传输。

    METHOD AND APPARATUS FOR TRANSPARENT CLOUD COMPUTING WITH A VIRTUALIZED NETWORK INFRASTRUCTURE
    4.
    发明申请
    METHOD AND APPARATUS FOR TRANSPARENT CLOUD COMPUTING WITH A VIRTUALIZED NETWORK INFRASTRUCTURE 有权
    用虚拟网络基础设施进行透明云计算的方法与装置

    公开(公告)号:US20110090911A1

    公开(公告)日:2011-04-21

    申请号:US12582939

    申请日:2009-10-21

    IPC分类号: H04L12/56

    摘要: A capability is provided for providing transparent cloud computing with a virtualized network infrastructure. A method for enabling use of a resource of a data center as an extension of a customer network includes receiving, at a forwarding element (FE), a packet intended for a virtual machine hosted at an edge domain of the data center, determining a VLAN ID of the VLAN for the customer network in the edge domain, updating the packet to include the VLAN ID of the VLAN for the customer network in the edge domain, and propagating the updated packet from the FE toward virtual machine. The edge domain supports a plurality of VLANs for a respective plurality of customer networks. The packet includes an identifier of the customer network and a MAC address of the virtual machine. The VLAN ID of the VLAN for the customer network in the edge domain is determined using the identifier of the customer network and the MAC address of the virtual machine. The FE may be associated with the edge domain at which the virtual machine is hosted, an edge domain of the data center that is different than the edge domain at which the virtual machine is hosted, or the customer network. Depending on the location of the FE at which the packet is received, additional processing may be provided as needed.

    摘要翻译: 提供了一种提供透明云计算与虚拟化网络基础架构的能力。 用于使数据中心的资源能够用作客户网络的扩展的方法包括在转发元件(FE)处接收旨在用于驻留在数据中心的边缘域的虚拟机的分组,确定VLAN 边缘域中客户网络的VLAN ID,更新报文,包括边缘域中客户网络的VLAN的VLAN ID,并将更新的报文从FE传播到虚拟机。 边缘域为相应的多个客户网络支持多个VLAN。 该分组包括客户网络的标识符和虚拟机的MAC地址。 边缘域中客户网络的VLAN的VLAN ID使用客户网络的标识符和虚拟机的MAC地址来确定。 FE可以与托管虚拟机的边缘域,数据中心的边缘域与虚拟机所在的边缘域或客户网络相关联。 根据接收到分组的FE的位置,可以根据需要提供额外的处理。

    Data leakage prevention for cloud and enterprise networks
    5.
    发明授权
    Data leakage prevention for cloud and enterprise networks 有权
    云和企业网络的数据泄漏预防

    公开(公告)号:US08856960B2

    公开(公告)日:2014-10-07

    申请号:US13369475

    申请日:2012-02-09

    IPC分类号: G06F7/16 H04L29/06

    摘要: Apparatuses, methods and articles of manufacture for performing data leakage prevention are provided. Data leakage prevention may be performed by determining a signature of a transmitted document, the transmitted document being in transit to a location beyond a network boundary. The signature of the transmitted document is compared with one or more signatures of documents authorized to be transmitted beyond the network boundary. The transmitted document is prevented from being transmitted beyond the network boundary if the signature of the document does not correspond to a signature of a document authorized to be transmitted beyond the network boundary.

    摘要翻译: 提供了用于执行防止数据泄漏的设备,方法和制造。 可以通过确定所发送的文档的签名,所发送的文档正在转移到超出网络边界的位置来执行数据泄露防止。 将所发送的文档的签名与授权发送超出网络边界的文档的一个或多个签名进行比较。 如果文档的签名不对应于被授权在网络边界之外被发送的文档的签名,则防止传输的文档被超出网络边界的传输。

    PACKET PROCESSING USING BRAIDED TRIES
    6.
    发明申请
    PACKET PROCESSING USING BRAIDED TRIES 有权
    使用BRAIDED TRIES进行分组处理

    公开(公告)号:US20100316051A1

    公开(公告)日:2010-12-16

    申请号:US12482533

    申请日:2009-06-11

    IPC分类号: H04L12/56

    CPC分类号: H04L45/00 H04L45/742

    摘要: Packets are processed (e.g., routed or classified) in accordance with a braided trie, which represents the combination of two or more different original tries (e.g., representing different forwarding/classification tables). The different tries are combined by twisting the mappings for specific trie nodes to make the shapes of the different tries more similar. Each node in the braided trie contains a braiding bit for at least one original trie indicating the mapping for that trie's node. Trie braiding can significantly reduce the number of nodes used to represent the different original tries, thereby reducing memory usage and improving scalability. Braided tries can be used for such applications as virtual routers and packet classification in which different forwarding/classification tables are represented by a single braided trie stored in shared memory.

    摘要翻译: 数据包根据编织特技进行处理(例如,路由或分类),其代表两个或多个不同的原始尝试的组合(例如,表示不同的转发/分类表)。 通过扭转特定特里节点的映射来组合不同的尝试,使不同尝试的形状更相似。 编织特技中的每个节点包含至少一个原始特里的编织位,指示该特里节点的映射。 Trie编织可以显着减少用于表示不同原始尝试的节点数量,从而减少内存使用并提高可扩展性。 编织的尝试可以用于虚拟路由器和分组分类等应用,其中不同的转发/分类表由存储在共享存储器中的单个编织线索表示。

    METHOD AND APPARATUS FOR GENERATING A SHAPE GRAPH FROM A BINARY TRIE
    7.
    发明申请
    METHOD AND APPARATUS FOR GENERATING A SHAPE GRAPH FROM A BINARY TRIE 有权
    用于从二进制生成形状图的方法和装置

    公开(公告)号:US20110137930A1

    公开(公告)日:2011-06-09

    申请号:US12633845

    申请日:2009-12-09

    IPC分类号: G06F17/30

    CPC分类号: G06F17/30958

    摘要: A capability is provided for representing a set of data values using data structures, including converting a binary trie data structure representing the set of data values to a shape graph data structure representing the set of data values. The shape graph data structure is generated from the binary trie data structure based on the shapes of the sub-trees rooted at the nodes of the binary trie data structure. The shape graph includes vertices representing shapes of the sub-trees of the binary trie data structure. A shape graph data structure permits operations similar to the operations that may be performed on the binary trie data structure for performing lookups for data values from the set of data values, while at the same time reducing the structural redundancy of the binary trie data structure such that the shape graph data structure provides significant improvements in memory usage over the binary trie data structure.

    摘要翻译: 提供了一种用于使用数据结构表示一组数据值的能力,包括将表示该组数据值的二进制特里数据结构转换为表示数据值集合的形状图数据结构。 形状图数据结构是从二进制trie数据结构生成的基于二叉树数据结构的节点的子树的形状。 形状图包括表示二进制trie数据结构的子树形状的顶点。 形状图数据结构允许类似于可以对二进制特里数据结构执行的操作的操作,以执行来自该组数据值的数据值的查找,同时减少二进制特里数据结构的结构冗余, 形状图数据结构在二进制数据结构中提供了对存储器使用的显着改进。

    PROVIDING CLOUD-BASED SERVICES USING DYNAMIC NETWORK VIRTUALIZATION
    8.
    发明申请
    PROVIDING CLOUD-BASED SERVICES USING DYNAMIC NETWORK VIRTUALIZATION 有权
    使用动态网络虚拟化提供基于云的服务

    公开(公告)号:US20100322255A1

    公开(公告)日:2010-12-23

    申请号:US12489187

    申请日:2009-06-22

    IPC分类号: H04L12/56

    摘要: The invention is directed to providing cloud-based services using dynamic network virtualization. Embodiments of the invention provide a cloud-based service over a system that has a dynamic network virtualization architecture. The architecture includes a set of distributed forwarding elements with centralized control, and at least one virtual machine that is bound to one of the forwarding elements. These features enable the virtual machine to be migrated across a wide area network while maintaining its original IP address and service continuity.

    摘要翻译: 本发明旨在使用动态网络虚拟化来提供基于云的服务。 本发明的实施例在具有动态网络虚拟化架构的系统上提供基于云的服务。 该架构包括一组具有集中控制的分布式转发元件,以及绑定到其中一个转发元件的至少一个虚拟机。 这些功能使虚拟机能够跨广域网迁移,同时保持其原始IP地址和服务连续性。

    PERSONAL CLOUD COMPUTING AND VIRTUAL DISTRIBUTED CLOUD COMPUTING SYSTEM
    9.
    发明申请
    PERSONAL CLOUD COMPUTING AND VIRTUAL DISTRIBUTED CLOUD COMPUTING SYSTEM 审中-公开
    个人云计算和虚拟分布式云计算系统

    公开(公告)号:US20130132948A1

    公开(公告)日:2013-05-23

    申请号:US13300937

    申请日:2011-11-21

    IPC分类号: G06F9/455

    摘要: An exemplary cloud computing apparatus includes at least one compute device controller. A digital data storage of the controller includes a chief management virtual machine program for running a chief management virtual machine. A processor associated with the digital data storage is configured to run the chief management virtual machine. The chief management virtual machine is useful to control first user communications between at least one first user and a first virtual machine and to control second user communications between at least one second user and a second virtual machine. The first virtual machine and the second virtual machine are run by at least one compute resource distinct from the compute device controller. The chief management virtual machine is also useful for isolating the first user communications from the second user communications.

    摘要翻译: 示例性云计算装置包括至少一个计算设备控制器。 控制器的数字数据存储器包括用于运行主管理虚拟机的主管理虚拟机程序。 与数字数据存储器相关联的处理器被配置为运行主管理虚拟机。 主管理虚拟机对于控制至少一个第一用户和第一虚拟机之间的第一用户通信以及控制至少一个第二用户和第二虚拟机之间的第二用户通信是有用的。 第一虚拟机和第二虚拟机由与计算设备控制器不同的至少一个计算资源运行。 主管理虚拟机对于将第一用户通信与第二用户通信隔离也是有用的。