公开(公告)号：US20050204162A1

公开(公告)日：2005-09-15

申请号：US10797773

申请日：2004-03-09

申请人： Mark Rayes ,  Michael Cheung ,  Ralph Droms ,  Petre Dini

发明人： Mark Rayes ,  Michael Cheung ,  Ralph Droms ,  Petre Dini

IPC分类号： H04L9/00

CPC分类号： H04L63/1433 ,  H04L61/103 ,  H04L61/2015 ,  H04L61/2061 ,  H04L63/101 ,  H04L63/1408

摘要： An isolation approach for network users associated with elevated risk is disclosed for protecting networks. In one approach a method comprises the computer-implemented steps of determining a user identifier associated with a network device that has caused a security event in a network; causing the network device to receive a network address that is selected from a subset of addresses within a specified pool associated with suspected malicious network users; and configuring one or more security restrictions with respect to the selected network address.

摘要翻译： 为了保护网络，披露了与提高风险相关联的网络用户的隔离方法。 在一种方法中，一种方法包括计算机实现的步骤：确定与已经在网络中引起安全事件的网络设备相关联的用户标识符; 使得网络设备接收从与可疑恶意网络用户相关联的指定池内的地址子集中选择的网络地址; 以及针对所选择的网络地址配置一个或多个安全限制。

公开(公告)号：US07607021B2

公开(公告)日：2009-10-20

申请号：US10797773

申请日：2004-03-09

申请人： Mark Ammar Rayes ,  Michael Cheung ,  Ralph Droms ,  Petre Dini

发明人： Mark Ammar Rayes ,  Michael Cheung ,  Ralph Droms ,  Petre Dini

IPC分类号： G06F12/14 ,  G06F11/30

CPC分类号： H04L63/1433 ,  H04L61/103 ,  H04L61/2015 ,  H04L61/2061 ,  H04L63/101 ,  H04L63/1408

摘要： An isolation approach for network users associated with elevated risk is disclosed for protecting networks. In one approach a method comprises the computer-implemented steps of determining a user identifier associated with a network device that has caused a security event in a network; causing the network device to receive a network address that is selected from a subset of addresses within a specified pool associated with suspected malicious network users; and configuring one or more security restrictions with respect to the selected network address.

摘要翻译： 为了保护网络，披露了与提高风险相关联的网络用户的隔离方法。 在一种方法中，一种方法包括计算机实现的步骤：确定与已经在网络中引起安全事件的网络设备相关联的用户标识符; 使得网络设备接收从与可疑恶意网络用户相关联的指定池内的地址子集中选择的网络地址; 以及针对所选择的网络地址配置一个或多个安全限制。

公开(公告)号：US20060165052A1

公开(公告)日：2006-07-27

申请号：US10995453

申请日：2004-11-22

申请人： Cosmin Dini ,  Petre Dini ,  Manuela Popescu ,  Mark Rayes

发明人： Cosmin Dini ,  Petre Dini ,  Manuela Popescu ,  Mark Rayes

IPC分类号： H04L12/28

CPC分类号： H04L43/0817 ,  H04L43/16

摘要： The real time availability of a group of network elements is determined based upon both a real time availability value for each of the network elements and cooperation relationships between the network elements. The cooperation relationships reflect both the topological relationships between the network elements, i.e., how the network elements are connected, and the extent to which network elements interact with each other effectively. For relatively small groups of network elements, where the cooperation relationships are not overly complex, the real time availability is determined directly from the real time availability value for each of the network elements and cooperation relationships between the network elements. Decomposition and recombination are used to determine the real time availability of large groups of network elements based on specific formulas for basic network element topology models.

摘要翻译： 基于网络元件中的每一个的实时可用性值和网络元件之间的协作关系来确定一组网络元件的实时可用性。 合作关系反映了网络元件之间的拓扑关系，即网络元件如何连接，以及网络元件有效地彼此交互的程度。 对于相对较小的网络组合，其中协作关系不是过于复杂，可以直接从每个网络元素的实时可用性值和网络元素之间的协作关系直接确定实时可用性。 分解和重组用于基于基本网元拓扑模型的具体公式确定大群网元的实时可用性。

公开(公告)号：US08260908B2

公开(公告)日：2012-09-04

申请号：US11280539

申请日：2005-11-16

申请人： Steve Chen-Lin Chang ,  L. Alexander Clemm ,  Petre Dini ,  Shyyunn Sheran Lin

发明人： Steve Chen-Lin Chang ,  L. Alexander Clemm ,  Petre Dini ,  Shyyunn Sheran Lin

IPC分类号： G06F15/173

CPC分类号： H04L41/00

摘要： Techniques for system (syslog) messages are provided. As syslog messages are generated a dual sequence number is maintained for each syslog message. The first sequence number is consistent for each syslog message and represents a total number of syslog messages received. The second sequence number is maintained as a total message count for a specific session for which a syslog message is assigned.

摘要翻译： 提供了系统（syslog）消息的技术。 当系统日志消息生成时，为每个syslog消息维护双序列号。 第一个序列号对于每个syslog消息是一致的，并且表示接收到的系统日志消息的总数。 第二个序列号被保持为分配了syslog消息的特定会话的总消息计数。

公开(公告)号：US08180922B2

公开(公告)日：2012-05-15

申请号：US11323038

申请日：2005-12-29

申请人： Cosmin Dini ,  Petre Dini ,  Manuela Popescu ,  Anurag Kahol

发明人： Cosmin Dini ,  Petre Dini ,  Manuela Popescu ,  Anurag Kahol

IPC分类号： G06F15/173 ,  G06F9/46

CPC分类号： G06F11/008 ,  H04L67/1002 ,  H04L67/1008 ,  H04L67/101 ,  H04L67/1014

摘要： Resource availability profiles are received, wherein each resource availability profile describes a resource associated with a server. Each resource is assigned a plurality of weights corresponding to a plurality of policies. The weights are determined by, for each of the plurality of the policies, determining a weight for each resource based a given policy and selected information in the resource availability profiles corresponding to the resources. The method further comprises determining a policy from the plurality of the policies corresponding to a given a context associated with a connection request. A first of the load-balanced servers is selected for the connection request based on the weights assigned to the plurality of resources for the policy for the given context.

摘要翻译： 接收资源可用性简档，其中每个资源可用性简档描述与服务器相关联的资源。 向每个资源分配与多个策略对应的多个权重。 对于所述多个策略中的每一个，所述权重由所述资源的资源可用性概况中的给定策略和所选择的信息确定每个资源的权重。 该方法还包括从与连接请求相关联的给定上下文对应的多个策略中确定策略。 基于为给定上下文的策略分配给多个资源的权重，为连接请求选择第一个负载平衡服务器。

公开(公告)号：US07792036B2

公开(公告)日：2010-09-07

申请号：US11657193

申请日：2007-01-23

申请人： L. Alexander Clemm ,  Petre Dini ,  Cosmin Dini

发明人： L. Alexander Clemm ,  Petre Dini ,  Cosmin Dini

IPC分类号： H04J1/16 ,  H04J3/16

CPC分类号： H04L47/10 ,  H04L41/0681 ,  H04L41/0803 ,  H04L47/263 ,  H04L47/30

摘要： Event processing in rate limited network devices is described. An event receiver is notified of a backlog condition and may respond by increasing the rate limit for the network device. If an event queue on the network device overflows, event messages may be diverted to an event message overflow store or to a network location. Later, the messages may be retrieved after the overflow condition has cleared. As a result, critical messages or events such as Syslog messages are not lost when a rate limited network device cannot deliver the messages to a network management station.

摘要翻译： 描述了限速网络设备中的事件处理。 事件接收器被通知积压状态，并且可以通过增加网络设备的速率限制来做出响应。 如果网络设备上的事件队列溢出，则事件消息可能会转移到事件消息溢出存储或网络位置。 之后，可以在溢出条件清除之后检索消息。 因此，当速率有限的网络设备无法将消息传递到网络管理站时，诸如Syslog消息之类的关键消息或事件不会丢失。

公开(公告)号：US07620714B1

公开(公告)日：2009-11-17

申请号：US10714192

申请日：2003-11-14

申请人： Cosmin Dini ,  Petre Dini ,  Jackson Shyu ,  Mark Ammar Rayes

发明人： Cosmin Dini ,  Petre Dini ,  Jackson Shyu ,  Mark Ammar Rayes

IPC分类号： G06F15/173

CPC分类号： H04L41/5012 ,  H04L41/0213 ,  H04L41/046 ,  H04L43/0817

摘要： A method is disclosed for a method for measuring the availability of a network element or service. For each network element N, a current real availability value CRAVN and a current time value CTVN are associated with network element N. Additionally, for each network element N, an operational state value OSVN is associated with network element N. At a later time, indicated by a new time value NTVN, a new real availability value NRAVN for network element N is determined based on the current availability value CRAVN, the current time value CTVN, the new time value NTVN, and the operational state value OSVN. The new real availability value NRAVN is stored. Thus, each separate network element N may be associated with a separate real availability value that accurately reflects the availability of network element N specifically, regardless of any availability approximated for network element N's type.

摘要翻译： 公开了一种用于测量网络元件或服务的可用性的方法的方法。 对于每个网络元件N，当前实际可用性值CRAVN和当前时间值CTVN与网络元件N相关联。另外，对于每个网络元件N，操作状态值OSVN与网络元件N相关联。在稍后的时间， 通过新的时间值NTVN指示，基于当前可用性值CRAVN，当前时间值CTVN，新的时间值NTVN和操作状态值OSVN来确定网元N的新的实际可用性值NRAVN。 存储新的实际可用性值NRAVN。 因此，每个单独的网络元素N可以与单独的实际可用性值相关联，而不管网络元素N的类型是否接近任何可用性，都可以具体地准确地反映网络元素N的可用性。

公开(公告)号：US20070192498A1

公开(公告)日：2007-08-16

申请号：US11697726

申请日：2007-04-07

申请人： Petre Dini ,  Andrew Harvey ,  Cosmin Dini ,  Manuela Popescu

发明人： Petre Dini ,  Andrew Harvey ,  Cosmin Dini ,  Manuela Popescu

IPC分类号： G06F15/16

CPC分类号： G06F9/468

摘要： A method is disclosed for adaptively coupling processing components in a distributed system. In one aspect, a second component requests an interaction with a first component by sending a service access request to access a first service of the first component. The service access request specifies parameters relating to a proposed level of coupling between the first component and the second component. The second component receives a service response from the first component; the service response specifies counter-proposed parameters relating to a proposed level of coupling between the first component and the second component. The second component determines whether the service response indicates that the first service may be provided. If so, then an agreed-upon level of coupling is established between the first component and second component, and the components interact to receive the service. The level of coupling among the components may be re-negotiated at any time by exchanging values in a coupling context. As a result, a component can selectively and with fine granularity allow other components to access its data or services.

公开(公告)号：US07472183B1

公开(公告)日：2008-12-30

申请号：US10637174

申请日：2003-08-07

申请人： Petre Dini ,  Masum Z. Hasan ,  Manuela I. Popescu ,  Cosmin N. Dini

发明人： Petre Dini ,  Masum Z. Hasan ,  Manuela I. Popescu ,  Cosmin N. Dini

IPC分类号： G06F15/16 ,  G06F15/173 ,  G06F15/177

CPC分类号： H04L41/0681 ,  H04L41/0213 ,  H04L43/0817 ,  H04L63/1408

摘要： Approaches are described for capturing illegal and undesired behavior for network components and for interactions between components. One approach comprise specifying one or more states and state transitions for one or more components or interactions between components, wherein at least one composite state transition is specified, and generating a notification corresponding to a specified state or state transition when the state or state transition occurs. These approaches provide a holistic view of the entire state space of a network or component or component interactions, and allow undesired or illegal states to be captured in a timely manner.

摘要翻译： 描述了捕获网络组件的非法和不需要的行为以及组件之间的交互的方法。 一种方法包括为一个或多个组件或组件之间的交互指定一个或多个状态和状态转换，其中指定至少一个复合状态转换，并且当状态或状态转换发生时，生成与指定状态或状态转换相对应的通知 。 这些方法提供了网络或组件或组件交互的整个状态空间的整体视图，并且允许及时捕获不想要的或非法的状态。

公开(公告)号：US20080028075A1

公开(公告)日：2008-01-31

申请号：US11460933

申请日：2006-07-28

申请人： Petre Dini ,  Ludwig Alexander Clemm ,  Cosmin Nicu Dini ,  Manuela Ionelia Popescu

发明人： Petre Dini ,  Ludwig Alexander Clemm ,  Cosmin Nicu Dini ,  Manuela Ionelia Popescu

IPC分类号： G06F15/173

CPC分类号： H04L67/1008 ,  G06F9/505 ,  G06F2209/5019 ,  H04L67/1002 ,  H04L67/30

摘要： A method and system to profile applications are provided. The system may include a capture module to capture resources consumption data for an application and a requirements generator to generate resources requirement data for the application. The resources requirement data may be generated by the requirements generator utilizing the resource consumption data. The system may further include a profile generator to generate a profile for the application. The profile may comprise the resources consumption data and the resources requirement data.

摘要翻译： 提供了一种用于简档应用程序的方法和系统。 该系统可以包括捕获模块，用于捕获用于应用的资源消耗数据和需求生成器以生成应用的资源需求数据。 资源需求数据可以由需求生成器利用资源消耗数据生成。 该系统可以进一步包括简档生成器以生成应用的简档。 该简档可以包括资源消耗数据和资源需求数据。