Secure resource reservation protocol (RSVP) with dynamic group keying
    1.
    发明授权
    Secure resource reservation protocol (RSVP) with dynamic group keying 有权
    具有动态组密钥的安全资源预留协议(RSVP)

    公开(公告)号:US08391492B1

    公开(公告)日:2013-03-05

    申请号:US12215173

    申请日:2008-06-25

    IPC分类号: H04L29/06

    CPC分类号: H04L47/24 H04L63/065

    摘要: In one embodiment, an apparatus associated with securing a Resource Reservation Protocol (RSVP) with dynamic group keying is provided. The apparatus may include a group key logic that interacts with a dynamic group key management logic. The dynamic group key management logic provides a group key to members of a set of RSVP-capable devices. The apparatus also includes an RSVP authentication logic to determine whether a received RSVP message was provided by a member of the set of RSVP-capable devices. The determination is made using implicit authorization that depends on the group key and that does not depend on a challenge/response protocol. In one embodiment the apparatus is a router.

    摘要翻译: 在一个实施例中,提供了一种与通过动态组密钥保护资源预留协议(RSVP)相关联的装置。 该装置可以包括与动态组密钥管理逻辑交互的组密钥逻辑。 动态组密钥管理逻辑为一组具有RSVP能力的设备的成员提供组密钥。 该装置还包括RSVP认证逻辑,以确定所接收的RSVP消息是否由所述具有RSVP能力的设备的组成员提供。 使用依赖于组密钥而不依赖于挑战/响应协议的隐式授权进行确定。 在一个实施例中,装置是路由器。

    Mechanism to improve preemption behavior of resource reservations
    3.
    发明申请
    Mechanism to improve preemption behavior of resource reservations 有权
    提高资源预留的抢占行为的机制

    公开(公告)号:US20060056291A1

    公开(公告)日:2006-03-16

    申请号:US10938837

    申请日:2004-09-10

    IPC分类号: H04L12/26

    CPC分类号: H04L43/00

    摘要: A technique is provided for one or more network nodes to deterministically select data flows to preempt. In particular, each node employs a set of predefined rules which instructs the node as to which existing data flow should be preempted in order to admit a new high-priority data flow. The rules are precisely defined and are common to all nodes configured in accordance with the present invention. Illustratively, a network node not only selects a data flow to preempt, but additionally may identify other “fate sharing” data flows that may be preempted. As used herein, a group of data flows has a fate-sharing relationship if the application instance(s) containing the data flows functions adequately only when all the fate-shared flows are operational. In a first illustrative embodiment, after a data flow in a fate-sharing group is preempted, network nodes may safely tear down the group's remaining data flows. In a second illustrative embodiment, when a data flow is preempted, all its fate-shared data flows are marked as being “at risk.” Because the at-risk flows are not immediately torn down, it is less likely that resources allocated for the at-risk flows may be freed then subsequently used to establish relatively lower-priority data flows instead of relatively higher-priority data flows.

    摘要翻译: 为一个或多个网络节点提供一种确定性地选择要抢占的数据流的技术。 特别地,每个节点采用一组预定义的规则,其指示节点应该抢占哪个现有数据流,以便允许新的高优先级数据流。 这些规则被精确定义,并且对于根据本发明配置的所有节点是共同的。 示例性地,网络节点不仅选择要抢占的数据流,而且可以标识可被抢占的其他“命运共享”数据流。 如本文所使用的,如果包含数据流的应用实例仅在所有命运共享流可操作时才起作用,则一组数据流具有命运共享关系。 在第一说明性实施例中,在命运共享组中的数据流被抢占之后,网络节点可以安全地拆除该组的剩余数据流。 在第二个说明性实施例中,当数据流被抢占时,其所有命运共享数据流被标记为处于“处于危险之中”。 由于风险流动并没有立即被拆除,所以分配给风险流动的资源可能会被释放,随后被用于建立相对较低优先级的数据流而不是相对较高优先级的数据流。

    Distributed network traffic load balancing technique implemented without gateway router
    5.
    发明授权
    Distributed network traffic load balancing technique implemented without gateway router 有权
    分布式网络流量负载均衡技术实现无网关路由器

    公开(公告)号:US07401159B1

    公开(公告)日:2008-07-15

    申请号:US10851456

    申请日:2004-05-20

    IPC分类号: G06F15/173 G06F15/16

    摘要: The technique of the present invention provides a solution to the problem of routing or redirecting a given client to a replica or proxy server which has a relatively shortest propagation delay to the client. According to the technique of the present invention, a network device referred to as an intercept server sits in front of a host server, and intercepts packets routed to the host server. When desired, packets which are intercepted by the intercept server are replicated, encapsulated and tunneled to selected client servers in the overlay network. The tunneled packets are received and processed by each of the selected client servers, whereupon each of the selected client servers generates a respective spoofed response to the source device identified in the header of the originally intercepted packet. Further, according to the technique of the present invention, each of the selected client servers transmits its respective spoofed response to the identified source device at substantially the same time. The client server associated with the spoofed response which is first received at the identified source device is considered to have the relatively shortest propagation delay to the identified source device, and is identified as the successful client server. Thereafter, the source device will be directed or redirected to communicate directly with the successful client server when subsequently attempting to access information from the host server.

    摘要翻译: 本发明的技术提供了将给定客户端路由或重定向到具有相对较短的传播延迟到客户端的副本或代理服务器的问题的解决方案。 根据本发明的技术,称为拦截服务器的网络设备位于主机服务器的前面,并拦截路由到主机服务器的分组。 当需要时,由拦截服务器拦截的数据包被复制,封装并隧道传送到覆盖网络中的选定的客户端服务器。 每个所选择的客户端服务器接收和处理隧道化分组,于是所选择的客户端服务器中的每一个生成针对原始拦截的分组的报头中识别的源设备的相应的欺骗响应。 此外,根据本发明的技术,所选择的客户端服务器中的每一个在几乎相同的时间向所识别的源设备发送其各自的欺骗响应。 与被识别的源设备首次接收的与欺骗响应相关联的客户端服务器被认为具有相对较短的传播延迟到所识别的源设备,并且被识别为成功的客户端服务器。 此后,随后尝试从主机服务器访问信息时,源设备将被引导或重定向以直接与成功的客户端服务器通信。

    Method and system for managing storage on a shared storage space
    6.
    发明申请
    Method and system for managing storage on a shared storage space 有权
    在共享存储空间上管理存储的方法和系统

    公开(公告)号:US20070112930A1

    公开(公告)日:2007-05-17

    申请号:US11280556

    申请日:2005-11-15

    IPC分类号: G06F15/167

    CPC分类号: H04L51/08

    摘要: A method, a system, a machine-readable medium, and an apparatus for managing storage on a shared storage space, for example, on an email server, are provided. A plurality of emails is compared. If the content of each of the plurality of emails is the same, then a single copy is stored on the email server. Further, each recipient of the plurality of emails is enabled access to the stored email via a link to the single copy. Additionally, one or more attachments of the plurality of emails are compared. If an attachment is the same in each of the plurality of emails, then it is stored as a single copy. Further, a link is inserted in each of the plurality of emails, enabling access to the attachment from the single copy.

    摘要翻译: 提供了一种方法,系统,机器可读介质和用于管理例如在电子邮件服务器上的共享存储空间上的存储的装置。 比较多个电子邮件。 如果多个电子邮件中的每一个的内容相同,则在电子邮件服务器上存储单个副本。 此外,多个电子邮件的每个接收者能够经由到单个副本的链接访问存储的电子邮件。 此外,比较多个电子邮件中的一个或多个附件。 如果附件在多个电子邮件的每一个中是相同的,则它被存储为单个副本。 此外,在多个电子邮件的每一个中插入链接,使得能够从单个副本访问附件。

    Dynamic weighted resource sharing
    7.
    发明授权
    Dynamic weighted resource sharing 有权
    动态加权资源共享

    公开(公告)号:US06775231B1

    公开(公告)日:2004-08-10

    申请号:US09405458

    申请日:1999-09-24

    IPC分类号: H04J116

    摘要: In one embodiment, the technique dynamically adjusts resource allocations for each traffic class based on actual traffic load measured for each service class. In this way, the per-hop-behavior required by a differentiated service model may be achieved. Core nodes of a network operating according to a differentiated service model dynamically adjust resource allocations for multiple traffic classes without requiring explicit signaling from other network nodes. Policies for sharing resources among multiple service classes can be enforced.

    摘要翻译: 在一个实施例中,该技术基于针对每个服务类别测量的实际业务负载来动态调整每个业务类别的资源分配。 这样,可以实现差分服务模型所需的每跳行为。 根据差分服务模型运行的网络的核心节点动态地调整多个业务类别的资源分配,而不需要来自其他网络节点的显式信令。 可以执行在多个服务类之间共享资源的策略。

    Activated carbon fibers and engineered forms from renewable resources
    9.
    发明申请
    Activated carbon fibers and engineered forms from renewable resources 有权
    活性碳纤维和可再生资源的工程形式

    公开(公告)号:US20070142225A1

    公开(公告)日:2007-06-21

    申请号:US11311184

    申请日:2005-12-16

    申请人: Frederick Baker

    发明人: Frederick Baker

    IPC分类号: C01B31/08

    摘要: A method of producing activated carbon fibers (ACFs) includes the steps of providing a natural carbonaceous precursor fiber material, blending the carbonaceous precursor material with a chemical activation agent to form chemical agent-impregnated precursor fibers, spinning the chemical agent-impregnated precursor material into fibers, and thermally treating the chemical agent-impregnated precursor fibers. The carbonaceous precursor material is both carbonized and activated to form ACFs in a single step. The method produces ACFs exclusive of a step to isolate an intermediate carbon fiber.

    摘要翻译: 制备活性炭纤维(ACF)的方法包括以下步骤:提供天然碳质前体纤维材料,将碳质前体材料与化学活化剂混合以形成化学剂浸渍的前体纤维,将化学试剂浸渍的前体材料旋转成 纤维,以及热处理化学试剂浸渍的前体纤维。 碳质前体材料都被碳化并活化,以在一个步骤中形成ACF。 该方法产生不包括隔离中间碳纤维的步骤的ACF。

    Method and system for verifying identification of an electronic mail message
    10.
    发明申请
    Method and system for verifying identification of an electronic mail message 有权
    用于验证电子邮件消息的识别的方法和系统

    公开(公告)号:US20060031315A1

    公开(公告)日:2006-02-09

    申请号:US10859402

    申请日:2004-06-01

    IPC分类号: G06F15/16

    CPC分类号: H04L51/12

    摘要: A method and system for verifying identification of an electronic mail message. An electronic mail message including a signature and a key is received, the signature identifying a domain from which the electronic mail message originated and the key for verifying the signature. A key registration server of the domain is accessed to verify the key. The key registration server provides for verifying that a key used to sign an electronic mail message is valid and that the sender is authorized by the domain to send the electronic mail message from the return address.

    摘要翻译: 一种用于验证电子邮件消息的识别的方法和系统。 接收到包括签名和密钥的电子邮件消息,该签名标识来自该电子邮件消息的域以及用于验证签名的密钥。 访问域的密钥注册服务器以验证密钥。 密钥注册服务器提供用于验证用于签署电子邮件消息的密钥是否有效,并且发送方被域授权以从返回地址发送电子邮件消息。