-
公开(公告)号:US20080072309A1
公开(公告)日:2008-03-20
申请号:US11860228
申请日:2007-09-24
申请人: JAMES KLEINSTEIBER , Richard Hammons , Dilip Gunawardena , Hung Nguyen , Shankar Balasubramanian , Vidya Renganararayanan
发明人: JAMES KLEINSTEIBER , Richard Hammons , Dilip Gunawardena , Hung Nguyen , Shankar Balasubramanian , Vidya Renganararayanan
CPC分类号: H04L63/08 , H04L63/0428 , H04L63/0823 , H04L63/0869 , H04L63/104 , H04L63/20 , H04L2463/102
摘要: A method and apparatus for securing networks, focusing on application in Fibre Channel networks. A combination of unique security techniques are combined to provide overall network security. Responsibility for security in the network is assigned to one or more designated entities. The designated entities deploy management information throughout the network to enhance security by modifying the capabilities and operational permissions of the devices participating in the network. For example, through network control: logical management access or physical I/O access may be limited on a per device or per I/O basis; and all devices and ports in the network operate only with other approved devices and ports. These designated entities can better manage network security by exploiting a unique link authentication system as well as a unique push-model secure distributed time service. The link authentication involves a multi-phase nonce exchange exploiting various derivations of the nonce and other information such as hashes and encryptions. The push-model secure time distribution departs from the traditional Fibre Channel pull mode time distribution and provides for secure and reliable distributed time so that various security attacks may be defeated.
摘要翻译: 一种用于保护网络的方法和设备,专注于光纤通道网络中的应用。 结合独特的安全技术,提供整体网络安全。 将网络中的安全责任分配给一个或多个指定实体。 指定实体在整个网络中部署管理信息,通过修改参与网络的设备的功能和操作许可来增强安全性。 例如,通过网络控制:逻辑管理访问或物理I / O访问可能在每个设备或每个I / O的基础上受到限制; 并且网络中的所有设备和端口仅与其他已批准的设备和端口一起工作。 这些指定实体可以通过利用独特的链路认证系统以及独特的推模型安全分发时间服务来更好地管理网络安全。 链路认证涉及利用随机数的各种推导和其他信息(如散列和加密)的多阶段随机交换。 推模型安全时间分配与传统的光纤通道拉模式时间分布不符,提供了安全可靠的分发时间,从而可能会破坏各种安全攻击。
-
公开(公告)号:US08621567B2
公开(公告)日:2013-12-31
申请号:US11198834
申请日:2005-08-05
申请人: James Kleinsteiber , Richard L. Hammons , Dilip Gunawardena , Hung Nguyen , Shankar Balasubramanian , Vidya Renganararayanan
发明人: James Kleinsteiber , Richard L. Hammons , Dilip Gunawardena , Hung Nguyen , Shankar Balasubramanian , Vidya Renganararayanan
IPC分类号: G06F21/00
CPC分类号: H04L63/08 , H04L63/0428 , H04L63/0823 , H04L63/0869 , H04L63/104 , H04L63/20 , H04L2463/102
摘要: A method and apparatus for securing networks, focusing on application in Fibre Channel networks. A combination of unique security techniques are combined to provide overall network security. Responsibility for security in the network is assigned to one or more designated entities. The designated entities deploy management information throughout the network to enhance security by modifying the capabilities and operational permissions of the devices participating in the network. For example, through network control: logical management access or physical I/O access may be limited on a per device or per I/O basis; and all devices and ports in the network operate only with other approved devices and ports. These designated entities can better manage network security by exploiting a unique link authentication system as well as a unique push-model secure distributed time service. The link authentication involves a multi-phase nonce exchange exploiting various derivations of the nonce and other information such as hashes and encryptions. The push-model secure time distribution departs from the traditional Fibre Channel pull mode time distribution and provides for secure and reliable distributed time so that various security attacks may be defeated.
摘要翻译: 一种用于保护网络的方法和设备,专注于光纤通道网络中的应用。 组合独特的安全技术,提供整体网络安全。 将网络中的安全责任分配给一个或多个指定实体。 指定实体在整个网络中部署管理信息,通过修改参与网络的设备的功能和操作许可来增强安全性。 例如,通过网络控制:逻辑管理访问或物理I / O访问可能在每个设备或每个I / O的基础上受到限制; 并且网络中的所有设备和端口仅与其他已批准的设备和端口一起工作。 这些指定实体可以通过利用独特的链路认证系统以及独特的推模型安全分发时间服务来更好地管理网络安全。 链路认证涉及利用随机数的各种推导和其他信息(如散列和加密)的多阶段随机交换。 推模型安全时间分配与传统的光纤通道拉模式时间分布不符,提供了安全可靠的分发时间,从而可能会破坏各种安全攻击。
-
公开(公告)号:US20060005233A1
公开(公告)日:2006-01-05
申请号:US11198834
申请日:2005-08-05
申请人: James Kleinsteiber , Richard Hammons , Hung Nguyen , Shankar Balasubramanian , Vidya Renganararayanan
发明人: James Kleinsteiber , Richard Hammons , Hung Nguyen , Shankar Balasubramanian , Vidya Renganararayanan
CPC分类号: H04L63/08 , H04L63/0428 , H04L63/0823 , H04L63/0869 , H04L63/104 , H04L63/20 , H04L2463/102
摘要: A method and apparatus for securing networks, focusing on application in Fibre Channel networks. A combination of unique security techniques are combined to provide overall network security. Responsibility for security in the network is assigned to one or more designated entities. The designated entities deploy management information throughout the network to enhance security by modifying the capabilities and operational permissions of the devices participating in the network. For example, through network control: logical management access or physical I/O access may be limited on a per device or per I/O basis; and all devices and ports in the network operate only with other approved devices and ports. These designated entities can better manage network security by exploiting a unique link authentication system as well as a unique push-model secure distributed time service. The link authentication involves a multi-phase nonce exchange exploiting various derivations of the nonce and other information such as hashes and encryptions. The push-model secure time distribution departs from the traditional Fibre Channel pull mode time distribution and provides for secure and reliable distributed time so that various security attacks may be defeated.
-
公开(公告)号:US20060080727A1
公开(公告)日:2006-04-13
申请号:US11269331
申请日:2005-11-08
申请人: Richard Hammons , James Kleinsteiber , Hung Nguyen , Shankar Balasubramanian , Vidya Renganarayanan
发明人: Richard Hammons , James Kleinsteiber , Hung Nguyen , Shankar Balasubramanian , Vidya Renganarayanan
CPC分类号: H04L63/0823 , H04L63/0428 , H04L63/101
摘要: A network configuration device or entity has control of defined management and security functions in the network, or in many embodiments, in a Fibre Channel fabric. The network configuration device may control many functions. Foremost, it may control the recognition, operation and succession procedure for network configuration entities. It may also control user configurable options for the network, rules for interaction between other entities in the network, rules governing management-level access to the network, and rules governing management-level access to individual devices in the network. In addition, the network configuration entity may exploit policy sets to implement its control.
-
公开(公告)号:US20060059540A1
公开(公告)日:2006-03-16
申请号:US11269365
申请日:2005-11-08
申请人: Richard Hammons , James Kleinsteiber , Hung Nguyen , Shankar Balasubramanian , Vidya Renganarayanan
发明人: Richard Hammons , James Kleinsteiber , Hung Nguyen , Shankar Balasubramanian , Vidya Renganarayanan
IPC分类号: H04L9/32
CPC分类号: H04L63/0823 , H04L63/0428 , H04L63/101
摘要: A network configuration device or entity has control of defined management and security functions in the network, or in many embodiments, in a Fibre Channel fabric. The network configuration device may control many functions. Foremost, it may control the recognition, operation and succession procedure for network configuration entities. It may also control user configurable options for the network, rules for interaction between other entities in the network, rules governing management-level access to the network, and rules governing management-level access to individual devices in the network. In addition, the network configuration entity may exploit policy sets to implement its control.
-
公开(公告)号:US20060064743A1
公开(公告)日:2006-03-23
申请号:US11269437
申请日:2005-11-08
申请人: Richard Hammons , James Kleinsteiber , Hung Nguyen , Shankar Balasubramanian , Vidya Renganarayanan
发明人: Richard Hammons , James Kleinsteiber , Hung Nguyen , Shankar Balasubramanian , Vidya Renganarayanan
CPC分类号: H04L63/0823 , H04L63/0428 , H04L63/101
摘要: A network configuration device or entity has control of defined management and security functions in the network, or in many embodiments, in a Fibre Channel fabric. The network configuration device may control many functions. Foremost, it may control the recognition, operation and succession procedure for network configuration entities. It may also control user configurable options for the network, rules for interaction between other entities in the network, rules governing management-level access to the network, and rules governing management-level access to individual devices in the network. In addition, the network configuration entity may exploit policy sets to implement its control.
-
7.发明授权公开(公告)号:US07873984B2
公开(公告)日:2011-01-18
申请号:US10066251
申请日:2002-01-31
申请人: Richard L. Hammons , James Kleinsteiber , Hung Nguyen , Shankar Balasubramanian , Vidya Renganarayanan
发明人: Richard L. Hammons , James Kleinsteiber , Hung Nguyen , Shankar Balasubramanian , Vidya Renganarayanan
IPC分类号: G06F17/00
CPC分类号: H04L63/0823 , H04L63/0428 , H04L63/101
摘要: A network configuration device or entity has control of defined management and security functions in the network, or in many embodiments, in a Fiber Channel fabric. The network configuration device may control many functions. Foremost, it may control the recognition, operation and succession procedure for network configuration entities. It may also control user configurable options for the network, rules for interaction between other entities in the network, rules governing management-level access to the network, and rules governing management-level access to individual devices in the network. In addition, the network configuration entity may exploit policy sets to implement its control.
摘要翻译: 网络配置设备或实体具有在网络中或在许多实施例中在光纤通道结构中的定义的管理和安全功能的控制。 网络配置设备可以控制许多功能。 最重要的是,它可以控制网络配置实体的识别,操作和继承过程。 它还可以控制网络的用户可配置选项,网络中其他实体之间的交互规则,管理对网络的管理级访问的规则,以及管理对网络中各个设备的管理级访问的规则。 此外,网络配置实体可以利用策略集来实现其控制。
-
公开(公告)号:US09769049B2
公开(公告)日:2017-09-19
申请号:US13560968
申请日:2012-07-27
申请人: Hung Nguyen
发明人: Hung Nguyen
摘要: A method of monitoring virtualized network includes receiving information regarding the virtualized network, wherein the information is received at a port of a network switch appliance, receiving a packet at a network port of the network switch appliance, and using the received information to determine whether to process the packet according to a first packet processing scheme or a second packet processing scheme, wherein the first packet processing scheme involves performing header stripping, and performing packet transmission to one of a plurality of instrument ports at the network switch appliance after the header stripping, each of the instrument ports configured for communicatively coupling to a network monitoring instrument, and wherein the second packet processing scheme involves performing packet transmission to one of the plurality of instrument ports at the network switch appliance without performing any header stripping.
-
公开(公告)号:US09060857B2
公开(公告)日:2015-06-23
申请号:US13526951
申请日:2012-06-19
申请人: Than Nguyen , Hung Nguyen , Mykim Nguyen , Stanley Komatsu , Robrecht Michiels
发明人: Than Nguyen , Hung Nguyen , Mykim Nguyen , Stanley Komatsu , Robrecht Michiels
IPC分类号: A61F2/24
CPC分类号: A61F2/2418 , A61F2/2412 , A61F2/2415 , A61F2220/005 , A61F2220/0058 , A61F2220/0075 , A61F2230/0054 , A61F2230/0067 , A61F2230/008 , A61F2250/0039 , Y10S623/90
摘要: A heart valve prosthesis is provided having a self-expanding multi-level frame that supports a valve body comprising a skirt and plurality of coapting leaflets. The frame transitions between a contracted delivery configuration that enables percutaneous transluminal delivery, and an expanded deployed configuration having an asymmetric hourglass shape. The valve body skirt and leaflets are constructed so that the center of coaptation may be selected to reduce horizontal forces applied to the commissures of the valve, and to efficiently distribute and transmit forces along the leaflets and to the frame. Alternatively, the valve body may be used as a surgically implantable replacement valve prosthesis.
摘要翻译: 提供了一种心脏瓣膜假体,其具有支撑包括裙部和多个附着小叶的阀体的自膨胀多层框架。 框架在允许经皮腔内递送的收缩递送构型和具有不对称沙漏形状的扩张部署构型之间转变。 阀体裙部和小叶被构造成使得可以选择接合中心以减小施加到阀的连合处的水平力,并且有效地分布和传递沿着传单和框架的力。 或者,阀体可以用作可手术植入的置换瓣膜假体。
-
10.发明申请Method and Apparatus for Accommodating Differrent Clock Frequencies in an Ethernet Passive Optical Network 有权用于适应以太网无源光网络中不同时钟频率的方法和装置公开(公告)号:US20110170868A1
公开(公告)日:2011-07-14
申请号:US13073525
申请日:2011-03-28
申请人: Edward W. BOYD , Ryan E. Hirth , Hung Nguyen
发明人: Edward W. BOYD , Ryan E. Hirth , Hung Nguyen
IPC分类号: H04B10/20
CPC分类号: H04J3/0638 , H04J3/0652 , H04J3/0682 , H04J3/07 , H04J3/1694 , H04Q11/0067 , H04Q2011/0079
摘要: One embodiment of the present invention provides a system that accommodates different clock frequencies in an Ethernet passive optical network (EPON). The system receives a signal from an optical line terminal (OLT) at an optical network unit (ONU) and derives an OLT clock. The system also maintains a local clock. The system further receives from the OLT an assignment for an upstream transmission window, during which the ONU can transmit an upstream data burst to the OLT based on the local clock. The system adjusts the number of bits of the data burst without affecting the payload data carried in the data burst, thereby allowing the data burst to fit properly within the upstream transmission window and compensating for frequency differences between the local clock and the OLT clock. The system transmits the data burst based on the local clock in the upstream transmission window.
摘要翻译: 本发明的一个实施例提供一种在以太网无源光网络(EPON)中适应不同时钟频率的系统。 该系统从光网络单元(ONU)的光线路终端(OLT)接收信号,得到OLT时钟。 该系统还维护本地时钟。 该系统还从OLT接收用于上行传输窗口的分配,在该传输窗口期间,ONU可以基于本地时钟向OLT发送上行数据突发。 该系统调整数据脉冲串的位数,而不影响数据脉冲串中承载的有效载荷数据,从而允许数据脉冲串适配于上游传输窗口内,并补偿本地时钟与OLT时钟之间的频率差异。 系统根据上行传输窗口中的本地时钟传输数据脉冲串。
-
-
-
-
-
-
-
-
-
搜索结果
154 条记录 (耗时 0.042 秒)
