TECHNIQUE FOR CHANGING GROUP MEMBER REACHABILITY INFORMATION
    1.
    Invention application
    Status: under examination (published)

    Publication No.: US20080298592A1

    Publication date: 2008-12-04

    Application No.: US11754780

    Filing date: 2007-05-29

    IPC classification: H04L9/12

    Abstract: In one embodiment, a technique for updating an address associated with a first entity in a communications network with a second entity in the communications network wherein the address is used to forward information to the first entity from the second entity. The first entity registers a first address associated with the first entity with the second entity. The first entity determines that a second address associated with the first entity is to be used instead of the first address to communicate with the first entity. The first entity generates an update message containing the second address, the update message obviating having to register the second address with the second entity. The first entity forwards the update message to the second entity to cause the second entity to use the second address instead of the first address to forward information to the first entity.

    SYSTEM AND METHOD FOR IMPROVING SPOKE TO SPOKE COMMUNICATION IN A COMPUTER NETWORK
    2.
    Invention application
    Status: active

    Publication No.: US20090097417A1

    Publication date: 2009-04-16

    Application No.: US11871508

    Filing date: 2007-10-12

    IPC classification: H04L12/28

    Abstract: Various embodiments of the disclosed subject matter provide methods and systems for improved efficiency in spoke-to-spoke network communication. Embodiments provide systems and methods for registering a spoke with a hub, updating at least one database with spoke registration information at the hub, and advertising the spoke registration information to other spokes using a single control plane that includes transport security, peer discovery, and unicast routing information.

    System and method for improving spoke to spoke communication in a computer network
    3.
    Granted invention patent
    Status: active

    Publication No.: US08625610B2

    Publication date: 2014-01-07

    Application No.: US11871508

    Filing date: 2007-10-12

    IPC classification: H04L12/28

    Abstract: Various embodiments of the disclosed subject matter provide methods and systems for improved efficiency in spoke-to-spoke network communication. Embodiments provide systems and methods for registering a spoke with a hub, updating at least one database with spoke registration information at the hub, and advertising the spoke registration information to other spokes using a single control plane that includes transport security, peer discovery, and unicast routing information.

    Methods and apparatus for providing an enhanced dynamic multipoint virtual private network architecture
    4.
    Granted invention patent
    Status: active

    Publication No.: US07602737B2

    Publication date: 2009-10-13

    Application No.: US11414787

    Filing date: 2006-05-01

    IPC classification: H04L12/28

    Abstract: A system transmits, to a hub from a first spoke, first routing information associated with the first spoke. The system receives, at the first spoke, from the hub, second routing information associated with a plurality of spokes in communication with the hub. The plurality of spokes includes a second spoke. The system resolves, at the first spoke, a next hop determination for the packet based on the second routing information received from the hub. The system routes the packet from the first spoke to the second spoke using the next hop determination.

    Key generation for networks
    6.
    Granted invention patent
    Status: active

    Publication No.: US08867747B2

    Publication date: 2014-10-21

    Application No.: US12414772

    Filing date: 2009-03-31

    IPC classification: H04L9/08

    CPC classification: H04L9/0869 H04L9/083

    Abstract: Systems, methods, and other embodiments associated with key generation for networks are described. One example method includes configuring a key server with a pseudo-random function (PRF). The key server may provide keying material to gateways. The method may also include controlling the key server to generate a cryptography data structure (e.g., D-matrix) based, at least in part, on the PRF and a seed value. The method may also include controlling the key server to selectively distribute a portion of the cryptography data structure and/or data derived from the cryptography data structure to a gateway. The gateway may then encrypt communications based, at least in part, on the portion of the cryptography data structure. The method may also include selectively distributing an epoch value to members of the set of gateways that may then decrypt an encrypted communication based, at least in part, on the epoch value.

    SYSTEM AND METHOD FOR PROVIDING PREFIXES INDICATIVE OF MOBILITY PROPERTIES IN A NETWORK ENVIRONMENT
    7.
    Invention application
    Status: active

    Publication No.: US20110258431A1

    Publication date: 2011-10-20

    Application No.: US12762204

    Filing date: 2010-04-16

    IPC classification: H04L12/56 H04L29/06

    Abstract: An example method includes receiving an Internet protocol (IP) address request in a network and selecting an IP address associated with a prefix that represents an IP subnet. The prefix includes a color attribute to be provided as part of a communication session that includes a plurality of packets. The prefix defines one or more properties associated with an application for the session. The prefix is communicated to a network element in a signaling plane, the prefix is configured to be used to make a routing decision for at least some of the plurality of packets. In more specific embodiments, the method can include applying one or more network policies based on the prefix associated with the IP address. The method could also include decrypting an encryption protocol in order to identify the prefix of a subsequent communication flow, and executing a routing decision based on the prefix.

    Method and apparatus for distributing group data in a tunneled encrypted virtual private network
    9.
    Granted invention patent
    Status: active

    Publication No.: US07761702B2

    Publication date: 2010-07-20

    Application No.: US11107532

    Filing date: 2005-04-15

    IPC classification: H04L9/00

    Abstract: A packet forwarding process, on a data communications device, forwards a packet to a plurality of destinations within a network from that data communications device using an “encrypt then replicate” method. The packet forwarding process receives a packet that is to be transmitted to the plurality of destinations, and applies a security association to the packet using security information shared between the data communications device, and the plurality of destinations, to create a secured packet. The secured packet contains a header that has a source address and a destination address. The source address is inserted into the header, and then the packet forwarding process replicates the secured packet, once for each of the plurality of destinations. After replication, the destination address is inserted into the header, and the packet forwarding process transmits each replicated secured packet to each of the plurality of destinations authorized to maintain the security association.

    Method for self-synchronizing time between communicating networked systems using timestamps
    10.
    Granted invention patent
    Status: active

    Publication No.: US07676679B2

    Publication date: 2010-03-09

    Application No.: US11059178

    Filing date: 2005-02-15

    IPC classification: H04L9/00 H04L9/32

    Abstract: Nodes in a network include a pseudo-timestamp in messages or packets, derived from local pseudo-time clocks. When a packet is received, a first time is determined representing when the packet was sent and a second time is determined representing when the packet was received. If the difference between the second time and the first time is greater than a predetermined amount, the packet is considered to be stale and is rejected, thereby deterring replay. Because each node maintains its own clock and time, to keep the clocks relatively synchronized, if a time associated with a timestamp of a received packet is later than a certain amount with respect to the time at the receiver, the receiver's clock is set ahead by an amount that is expected to synchronize the receiver's and the sender's clocks. However, a receiver never sets its clock back, to deter attacks.
