Method and system for forwarding data between private networks
    1.
    Granted invention patent
    Status: in force

    Publication number: US08549286B2

    Publication date: 2013-10-01

    Application number: US12915430

    Filing date: 2010-10-29

    IPC classification: H04L29/06

    Abstract: In the field of communications technology, a method and a system for forwarding data between private networks are provided, which can enable terminals in different private networks to securely communicate with each other by using private network addresses. The method includes the following steps. A Secure Socket Layer (SSL) tunnel to an SSL Virtual Private Network (VPN) device in another private network is established. Address allocation information of the another private network is received through the SSL tunnel. The address allocation information and a mapping relation between the address allocation information and a public network IP address of the SSL VPN device transmitting the address allocation information and a session ID of the SSL tunnel transmitting the address allocation information are saved. A data packet whose destination address belongs to the another private network is forwarded to the SSL VPN device of the private network to which the destination address belongs, according to the address allocation information and the mapping relation. Through the method, the SSL VPN device can resolve private network addresses of other private networks.

    METHOD, SYSTEM, AND DEVICE FOR OBTAINING KEYS
    2.
    Invention patent application
    Status: in force

    Publication number: US20100325436A1

    Publication date: 2010-12-23

    Application number: US12871646

    Filing date: 2010-08-30

    IPC classification: H04L9/32

    CPC classification: H04L9/0847 H04L9/3073

    Abstract: A communication system that obtains a key includes: a server that confirms support of Identity Based Encryption (IBE) authentication; the server obtains public parameters and a private key for IBE; and the server receives a PreMasterSecret key encrypted through the IBE, and obtains a plain text of the PreMasterSecret key according to the public parameters and the private key. The system includes a client and a server. The client includes an IBE negotiating module, a public parameter obtaining module, a server identifier obtaining module, and a processing module. The server includes an IBE negotiating module, a public parameter obtaining module, a private key obtaining module, and a processing module. Through combination of the IBE technology and the SSL/TLS technology, the modes of encrypting a PreMasterSecret key in the existing SSL/TLS protocol are diversified, and the use scope of the existing SSL/TLS protocol is extended substantially.

    Method, system, and device for obtaining keys
    3.
    Granted invention patent
    Status: in force

    Publication number: US08769287B2

    Publication date: 2014-07-01

    Application number: US12871646

    Filing date: 2010-08-30

    IPC classification: H04L9/32 G06F21/00

    CPC classification: H04L9/0847 H04L9/3073

    Abstract: A communication system that obtains a key includes: a server that confirms support of Identity Based Encryption (IBE) authentication; the server obtains public parameters and a private key for IBE; and the server receives a PreMasterSecret key encrypted through the IBE, and obtains a plain text of the PreMasterSecret key according to the public parameters and the private key. The system includes a client and a server. The client includes an IBE negotiating module, a public parameter obtaining module, a server identifier obtaining module, and a processing module. The server includes an IBE negotiating module, a public parameter obtaining module, a private key obtaining module, and a processing module. Through combination of the IBE technology and the SSL/TLS technology, the modes of encrypting a PreMasterSecret key in the existing SSL/TLS protocol are diversified, and the use scope of the existing SSL/TLS protocol is extended substantially.

    Method, apparatus, name server and system for establishing FCOE communication connection
    4.
    Granted invention patent
    Status: in force

    Publication number: US09438679B2

    Publication date: 2016-09-06

    Application number: US13808890

    Filing date: 2011-03-10

    IPC classification: H04L29/08 H04L29/12

    Abstract: Embodiments of the present invention disclose a method, an apparatus, and a system for establishing an FCoE communication connection and a name server. According to a WWN world wide name identifier of a target to be accessed, a destination MAC address used to access the target to be accessed is acquired. According to the destination MAC address, a login operation is performed for the target to be accessed, to establish an FCoE fiber channel over Ethernet communication connection, so that an FCoE initiator may directly establish a communication connection with an FCoE target, thereby reducing data transmission delay and lightening the processing load of an original FCoE forwarder.

    Method, system, and device for negotiating SA on IPv6 network
    5.
    Granted invention patent
    Status: in force

    Publication number: US08418242B2

    Publication date: 2013-04-09

    Application number: US12987502

    Filing date: 2011-01-10

    Applicant: Dong Zhang, Lifeng Liu

    Inventor: Dong Zhang, Lifeng Liu

    IPC classification: H04L12/22 H04L12/24

    Abstract: A method, system, and device for negotiating a security association (SA) on an Internet Protocol version 6 (IPv6) network are disclosed. In this method, the initiator and the responder generate an SA through the interaction of two messages. Compared with the conventional procedure for setting up an SA based on the Internet Key Exchange Protocol (IKE), the interaction procedure in the present invention is simplified significantly. Therefore, the negotiation is faster and more convenient. In addition, with the present invention, cryptographically generated address parameters (CGA Params) are carried in the message and the CGA may be verified so that the invader cannot spoof the address.

    METHOD, SYSTEM, AND DEVICE FOR NEGOTIATING SA ON IPv6 NETWORK
    7.
    Invention patent application
    Status: in force

    Publication number: US20110107104A1

    Publication date: 2011-05-05

    Application number: US12987502

    Filing date: 2011-01-10

    Applicant: Dong Zhang, Lifeng Liu

    Inventor: Dong Zhang, Lifeng Liu

    IPC classification: H04L9/00

    Abstract: A method, system, and device for negotiating a security association (SA) on an Internet Protocol version 6 (IPv6) network are disclosed. In this method, the initiator and the responder generate an SA through the interaction of two messages. Compared with the conventional procedure for setting up an SA based on the Internet Key Exchange Protocol (IKE), the interaction procedure in the present invention is simplified significantly. Therefore, the negotiation is faster and more convenient. In addition, with the present invention, cryptographically generated address parameters (CGA Params) are carried in the message and the CGA may be verified so that the invader cannot spoof the address.

    METHOD AND SYSTEM FOR DETECTING ACCESSING HOST CONTAINED IN NETWORK, AND STATISTIC AND ANALYZING SERVER
    8.
    Invention patent application
    Status: in force

    Publication number: US20100017376A1

    Publication date: 2010-01-21

    Application number: US12569459

    Filing date: 2009-09-29

    IPC classification: G06F15/177 G06F17/30

    Abstract: A detecting method is provided, which includes extracting an Internet Protocol Identifier value from an obtained data packet. The detecting method may further include searching in a record table containing a correspondence relationship between an Internet Protocol Identifier value and a terminal serial number to determine whether the record table contains an adjacent Internet Protocol Identifier value smaller than the extracted Internet Protocol Identifier value and modifying the adjacent Internet Protocol Identifier value that is smaller than the extracted Internet Protocol Identifier value to be the extracted Internet Protocol Identifier value if the record table contains the adjacent Internet Protocol Identifier value smaller than the extracted Internet Protocol Identifier value. Otherwise, the detecting method may also include, adding a new record of the extracted Internet Protocol Identifier value and the corresponding terminal serial number into the record table. When a notification is received, the detecting method may calculate the number of terminal serial numbers in the record table and output the number of terminal serial numbers as the number of hosts. The provided detecting method may further provide a corresponding statistic and analyzing server and a detecting system.

    METHOD, APPARATUS, NAME SERVER AND SYSTEM FOR ESTABLISHING FCOE COMMUNICATION CONNECTION
    10.
    Invention patent application
    Status: in force

    Publication number: US20140359137A1

    Publication date: 2014-12-04

    Application number: US13808890

    Filing date: 2011-03-10

    IPC classification: H04L29/08

    Abstract: Embodiments of the present invention disclose a method, an apparatus, and a system for establishing an FCoE communication connection and a name server. According to a WWN world wide name identifier of a target to be accessed, a destination MAC address used to access the target to be accessed is acquired. According to the destination MAC address, a login operation is performed for the target to be accessed, to establish an FCoE fiber channel over Ethernet communication connection, so that an FCoE initiator may directly establish a communication connection with an FCoE target, thereby reducing data transmission delay and lightening the processing load of an original FCoE forwarder.