公开(公告)号：US07930734B2

公开(公告)日：2011-04-19

申请号：US11414540

申请日：2006-04-28

申请人： Ian Foo ,  Jeremy Stieglitz ,  Arthur Zavalkovsky ,  Jeevan S. Patil ,  Partha Bhattacharya ,  Jason Frazier ,  Ellis Roland Dobbins

发明人： Ian Foo ,  Jeremy Stieglitz ,  Arthur Zavalkovsky ,  Jeevan S. Patil ,  Partha Bhattacharya ,  Jason Frazier ,  Ellis Roland Dobbins

IPC分类号： H04L9/32 ,  G06K9/00

CPC分类号： H04L63/1433 ,  H04L63/08 ,  H04L63/1408

摘要： A method and system is disclosed for creating and tracking network sessions. A request to access a network is received from an entity. The entity is authenticated after the request is received. Authenticated identity information associated with the entity, network address information associated with the entity, and network location information associated with the entity is collected. An information set is created. The information set comprises and binds together the authenticated identity information, the network address information, and the network location information. The information set indicates a present association among the authenticated identity information, the network address information, and the network location information. The information set is stored in a session record in a centralized database. The session record represents a session in which the entity accesses the network. The session record is one of a plurality of session records that are stored in the centralized database. The plurality of session records is used by a data processing system to perform real-time diagnostics of the network.

摘要翻译： 公开了用于创建和跟踪网络会话的方法和系统。 从实体接收到访问网络的请求。 接收到请求后，实体进行身份验证。 与实体相关联的认证身份信息，与该实体相关联的网络地址信息以及与该实体相关联的网络位置信息被收集。 创建一个信息集。 信息集合包括并且将已认证的身份信息，网络地址信息和网络位置信息结合在一起。 信息集表示认证身份信息，网络地址信息和网络位置信息之间的当前关联。 信息集存储在集中式数据库中的会话记录中。 会话记录表示实体访问网络的会话。 会话记录是存储在集中式数据库中的多个会话记录之一。 数据处理系统使用多个会话记录来执行网络的实时诊断。

公开(公告)号：US20070256122A1

公开(公告)日：2007-11-01

申请号：US11414540

申请日：2006-04-28

申请人： Ian Foo ,  Jeremy Stieglitz ,  Arthur Zavalkovsky ,  Jeevan Patil ,  Partha Bhattacharya ,  Jason Frazier ,  Ellis Dobbins

发明人： Ian Foo ,  Jeremy Stieglitz ,  Arthur Zavalkovsky ,  Jeevan Patil ,  Partha Bhattacharya ,  Jason Frazier ,  Ellis Dobbins

IPC分类号： H04L9/32 ,  G06K9/00 ,  G06F17/30 ,  G06F15/16 ,  G06F7/04 ,  G06F7/58 ,  G06K19/00

CPC分类号： H04L63/1433 ,  H04L63/08 ,  H04L63/1408

摘要： A method and system is disclosed for creating and tracking network sessions. A request to access a network is received from an entity. The entity is authenticated after the request is received. Authenticated identity information associated with the entity, network address information associated with the entity, and network location information associated with the entity is collected. An information set is created. The information set comprises and binds together the authenticated identity information, the network address information, and the network location information. The information set indicates a present association among the authenticated identity information, the network address information, and the network location information. The information set is stored in a session record in a centralized database. The session record represents a session in which the entity accesses the network. The session record is one of a plurality of session records that are stored in the centralized database. The plurality of session records is used by a data processing system to perform real-time diagnostics of the network.

摘要翻译： 公开了用于创建和跟踪网络会话的方法和系统。 从实体接收到访问网络的请求。 接收到请求后，实体进行身份验证。 与实体相关联的认证身份信息，与该实体相关联的网络地址信息以及与该实体相关联的网络位置信息被收集。 创建一个信息集。 信息集合包括并且将已认证的身份信息，网络地址信息和网络位置信息结合在一起。 信息集表示认证身份信息，网络地址信息和网络位置信息之间的当前关联。 信息集存储在集中式数据库中的会话记录中。 会话记录表示实体访问网络的会话。 会话记录是存储在集中式数据库中的多个会话记录之一。 数据处理系统使用多个会话记录来执行网络的实时诊断。

公开(公告)号：US08068414B2

公开(公告)日：2011-11-29

申请号：US10913363

申请日：2004-08-09

申请人： Craig Allen Huegen ,  Ellis Roland Dobbins ,  Ian Foo ,  Robert Eric Gleichauf

发明人： Craig Allen Huegen ,  Ellis Roland Dobbins ,  Ian Foo ,  Robert Eric Gleichauf

IPC分类号： H04L12/22

CPC分类号： H04L63/126 ,  H04L63/08 ,  H04L63/1466 ,  H04L63/162 ,  H04L2463/146

摘要： Link layer authentication information is supplied by a link layer authentication device to an access router for tracking IP address usage by a client device. The authentication information supplied to the access router includes an authenticated client identifier and a corresponding authenticated link identifier for the client device that attached to the network based on the authenticated link identifier. The access router, in response to receiving a message that specifies the authenticated link identifier and a source IP address, adds the source IP address to a cache entry that specifies the authenticated client identifier and the corresponding authenticated link identifier, and outputs to an audit resource a record that specifies the source IP address and the authenticated link identifier.

摘要翻译： 链路层认证信息由链路层认证装置提供给接入路由器，用于跟踪客户端设备的IP地址使用情况。 提供给接入路由器的认证信息包括经认证的客户端标识符和用于基于经认证的链路标识符附接到网络的客户端设备的相应的认证链路标识符。 接入路由器响应于接收到指定认证链路标识符和源IP地址的消息，将源IP地址添加到指定认证客户端标识符和对应的认证链路标识符的高速缓存条目，并将其输出到审计资源 指定源IP地址和经过身份验证的链路标识符的记录。

公开(公告)号：US20070195742A1

公开(公告)日：2007-08-23

申请号：US11359753

申请日：2006-02-21

申请人： William Erdman ,  Jeremy Stieglitz ,  Patrick Gilbreath ,  Ian Foo

发明人： William Erdman ,  Jeremy Stieglitz ,  Patrick Gilbreath ,  Ian Foo

IPC分类号： H04Q7/24

CPC分类号： H04W28/24 ,  H04L47/10 ,  H04L47/14 ,  H04L47/2433 ,  H04L47/2466 ,  H04L65/80 ,  H04W4/16 ,  H04W72/1242 ,  H04W84/12 ,  H04W88/08

摘要： A system and method for selectively controlling traffic in a network to improve network performance. The system includes a network controller that includes a first control-traffic prioritizer. An Access Point (AP) includes a second control-traffic prioritizer and communicates with the network controller. One or more clients communicate with the AP. The communications behavior of the client is affected by operations of the first control-traffic prioritizer and the second control-traffic prioritizer.

摘要翻译： 一种用于选择性地控制网络中的业务以提高网络性能的系统和方法。 该系统包括包括第一控制流量优先级的网络控制器。 接入点（AP）包括第二控制业务优先级并与网络控制器进行通信。 一个或多个客户端与AP通信。 客户端的通信行为受到第一控制流量优先级和第二控制流量优先级的操作的影响。

公开(公告)号：US20070112930A1

公开(公告)日：2007-05-17

申请号：US11280556

申请日：2005-11-15

申请人： Ian Foo ,  Jeremy Stieglitz ,  Frederick Baker

发明人： Ian Foo ,  Jeremy Stieglitz ,  Frederick Baker

IPC分类号： G06F15/167

CPC分类号： H04L51/08

摘要： A method, a system, a machine-readable medium, and an apparatus for managing storage on a shared storage space, for example, on an email server, are provided. A plurality of emails is compared. If the content of each of the plurality of emails is the same, then a single copy is stored on the email server. Further, each recipient of the plurality of emails is enabled access to the stored email via a link to the single copy. Additionally, one or more attachments of the plurality of emails are compared. If an attachment is the same in each of the plurality of emails, then it is stored as a single copy. Further, a link is inserted in each of the plurality of emails, enabling access to the attachment from the single copy.

摘要翻译： 提供了一种方法，系统，机器可读介质和用于管理例如在电子邮件服务器上的共享存储空间上的存储的装置。 比较多个电子邮件。 如果多个电子邮件中的每一个的内容相同，则在电子邮件服务器上存储单个副本。 此外，多个电子邮件的每个接收者能够经由到单个副本的链接访问存储的电子邮件。 此外，比较多个电子邮件中的一个或多个附件。 如果附件在多个电子邮件的每一个中是相同的，则它被存储为单个副本。 此外，在多个电子邮件的每一个中插入链接，使得能够从单个副本访问附件。

公开(公告)号：US08483191B2

公开(公告)日：2013-07-09

申请号：US11359753

申请日：2006-02-21

申请人： William D. Erdman ,  Jeremy Stieglitz ,  Patrick Che' Gilbreath ,  Ian Foo

发明人： William D. Erdman ,  Jeremy Stieglitz ,  Patrick Che' Gilbreath ,  Ian Foo

IPC分类号： H04W4/00

CPC分类号： H04W28/24 ,  H04L47/10 ,  H04L47/14 ,  H04L47/2433 ,  H04L47/2466 ,  H04L65/80 ,  H04W4/16 ,  H04W72/1242 ,  H04W84/12 ,  H04W88/08

摘要： A system and method for selectively controlling traffic in a network to improve network performance. The system includes a network controller that includes a first control-traffic prioritizer. An Access Point (AP) includes a second control-traffic prioritizer and communicates with the network controller. One or more clients communicate with the AP. The communications behavior of the client is affected by operations of the first control-traffic prioritizer and the second control-traffic prioritizer.

摘要翻译： 一种用于选择性地控制网络中的业务以提高网络性能的系统和方法。 该系统包括包括第一控制流量优先级的网络控制器。 接入点（AP）包括第二控制业务优先级并与网络控制器进行通信。 一个或多个客户端与AP通信。 客户端的通信行为受到第一控制流量优先级和第二控制流量优先级的操作的影响。

公开(公告)号：US20060209705A1

公开(公告)日：2006-09-21

申请号：US11083434

申请日：2005-03-17

申请人： Susan Sauter ,  Jason Frazier ,  Ian Foo ,  Gregory Moore ,  Troy Sherman

发明人： Susan Sauter ,  Jason Frazier ,  Ian Foo ,  Gregory Moore ,  Troy Sherman

IPC分类号： H04J1/16 ,  H04L12/66

CPC分类号： H04L63/08

摘要： According to one embodiment, a method for removing authentication of a supplicant includes monitoring communication between the supplicant and an authenticator. The method also includes determining, based on the monitored communication, the MAC address for the supplicant and an attachment port of the supplicant to the intermediate network device disposed between the supplicant and the authenticator through which the monitored communication occurs. The method also includes determining that the supplicant no longer has a link connection with the intermediate network device, and in response, sending via the intermediate network device a logoff message having a spoofed source address of the supplicant to the authenticator.

摘要翻译： 根据一个实施例，一种用于去除请求方的认证的方法包括监视请求方与认证者之间的通信。 该方法还包括基于所监视的通信，将被请求者的MAC地址和请求者的附加端口确定到被设置在请求方与认证者之间的中间网络设备，通过该认证方发送被监控的通信。 该方法还包括确定请求者不再具有与中间网络设备的链路连接，并且作为响应，通过中间网络设备向认证者发送具有请求者的欺骗源地址的注销消息。

公开(公告)号：US07447166B1

公开(公告)日：2008-11-04

申请号：US10979536

申请日：2004-11-02

申请人： Shyamasundar S. Kaluve ,  Ian Foo ,  Shyam Murthy ,  Ramesh Ponnapalli ,  Rajasekhar Manam

发明人： Shyamasundar S. Kaluve ,  Ian Foo ,  Shyam Murthy ,  Ramesh Ponnapalli ,  Rajasekhar Manam

IPC分类号： H04L12/26

CPC分类号： H04L12/66

摘要： A technique optimizes the distribution of authenticated users among a plurality of broadcast domains, such as virtual local area networks (VLAN). Users are dynamically assigned to different broadcast domains based on various factors, including but not limited to the number of authenticated users already participating in each broadcast domain, the available bandwidth in each broadcast domain, user classes associated with users participating in each broadcast domain, etc. Based on one or more of these factors, authenticated users are optimally distributed (“load balanced”) among the plurality of broadcast domains, thereby reducing the amount of broadcast traffic and configuration within each domain.

摘要翻译： 一种技术优化了多个广播域（如虚拟局域网（VLAN））中的已认证用户的分布。 用户根据各种因素动态分配到不同的广播域，包括但不限于已经参与每个广播域的已认证用户的数量，每个广播域中的可用带宽，与参与每个广播域的用户相关联的用户类等 基于这些因素中的一个或多个，多个广播域中的经过认证的用户被最优地分布（“负载平衡”），从而减少每个域内的广播流量和配置的数量。

公开(公告)号：US20080232277A1

公开(公告)日：2008-09-25

申请号：US11726933

申请日：2007-03-23

申请人： Ian Foo ,  Jacqueline Munson ,  Randall B. Baird

发明人： Ian Foo ,  Jacqueline Munson ,  Randall B. Baird

IPC分类号： H04L12/16

CPC分类号： H04L12/1822

摘要： In one embodiment, a method includes electronically prompting, in response to a triggering event, a participant connected to a conference session via a corresponding endpoint device to enter an affirmative response in order to continue attending the conference session. The participant is disconnected from the conference session in the event that the affirmative response is not received within a predetermined time period. It is emphasized that this abstract is provided to comply with the rules requiring an abstract that will allow a searcher or other reader to quickly ascertain the subject matter of the technical disclosure.

摘要翻译： 在一个实施例中，一种方法包括响应于触发事件，通过相应的端点设备电话提示连接到会议会话的参与者以输入肯定响应，以便继续参加会议会话。 如果在预定的时间段内没有收到肯定的答复，参与者将与会议会话断开连接。 要强调的是，该摘要被提供以符合要求抽象的规则，允许搜索者或其他读者快速确定技术公开的主题。

公开(公告)号：US20060268856A1

公开(公告)日：2006-11-30

申请号：US11140686

申请日：2005-05-31

申请人： Eric Voit ,  Ian Foo ,  Wayne Roiger

发明人： Eric Voit ,  Ian Foo ,  Wayne Roiger

IPC分类号： H04L12/56

CPC分类号： H04L63/0838 ,  H04L63/0892 ,  H04L63/162

摘要： A Service Provider (SP) authentication method includes receiving a message from a subscriber-premises device, the message being compatible with an authentication protocol and being transported from the subscriber-premises device to a u-PE device operating in compliance with an IEEE 802.1x compatible protocol. Access to the SP network is either allowed or denied access based on a logical identifier contained in the message. It is emphasized that this abstract is provided to comply with the rules requiring an abstract that will allow a searcher or other reader to quickly ascertain the subject matter of the technical disclosure. It is submitted with the understanding that it will not be used to interpret or limit the scope or meaning of the claims. 37 CFR 1.72(b).

摘要翻译： 服务提供商（SP）认证方法包括从用户驻地设备接收消息，所述消息与认证协议兼容并且从用户驻地设备传输到按照IEEE 802.1x操作的u-PE设备 兼容协议。 根据包含在消息中的逻辑标识符，对SP网络的访问被允许或拒绝访问。 要强调的是，该摘要被提供以符合要求抽象的规则，允许搜索者或其他读者快速确定技术公开内容的主题。 提交它的理解是，它不会用于解释或限制权利要求的范围或含义。 37 CFR 1.72（b）。