-
公开(公告)号:US11677663B2
公开(公告)日:2023-06-13
申请号:US17400325
申请日:2021-08-12
发明人: Tristan Lloyd Mullis , Josh Powers
IPC分类号: H04L45/64 , H04L45/7453 , H04L45/00
CPC分类号: H04L45/64 , H04L45/38 , H04L45/7453
摘要: A software-defined network (SDN) rule modification counter system provides counters that track all changes and edits to rules at SDN controllers and SDN switches on an SDN. The system compares counters at the SDN controller and SDN switch to determine if they match. If the counters do not match, a change has been made to the rules. With the addition of rule edit statistics the SDN controller will now have visibility that a rule modification was performed. The SDN controller then verifies that the state of the device is the same as its expected state as a secondary integrity check. Based on the rule modification notification, changes to a central rules table at the SDN controller and changes to rule settings at the SDN switch are made according to pre-programmed logic.
-
公开(公告)号:US20230053223A1
公开(公告)日:2023-02-16
申请号:US17400325
申请日:2021-08-12
发明人: Tristan Lloyd Mullis , Josh Powers
IPC分类号: H04L12/715 , H04L12/721 , H04L12/743
摘要: A software-defined network (SDN) rule modification counter system provides counters that track all changes and edits to rules at SDN controllers and SDN switches on an SDN. The system compares counters at the SDN controller and SDN switch to determine if they match. If the counters do not match, a change has been made to the rules. With the addition of rule edit statistics the SDN controller will now have visibility that a rule modification was performed. The SDN controller then verifies that the state of the device is the same as its expected state as a secondary integrity check. Based on the rule modification notification, changes to a central rules table at the SDN controller and changes to rule settings at the SDN switch are made according to pre-programmed logic.
-
公开(公告)号:US10979309B2
公开(公告)日:2021-04-13
申请号:US16534637
申请日:2019-08-07
发明人: Rhett Smith , David M. Buehler , Josh Powers
IPC分类号: H04L12/24 , H04L12/26 , G06F9/451 , H04L12/721
摘要: The present disclosure pertains to systems and methods for generation of a physical and logical design of a software defined network (SDN). In one embodiment, a system may receive a plurality of user-provided parameters associated with a plurality of performance requirements of the SDN. A library may include performance metrics of a plurality of devices comprised in the SDN. An SDN design subsystem may generate the physical and logical design of the SDN based on the user-provided parameters and the performance metrics of the devices in the library. A traffic routing subsystem may generate a plurality of communication flows based on the logical design of the physical and logical design and to be implemented by the SDN. An SDN simulation subsystem may generate an assessment of the physical and logical design of the SDN and the plurality of communication flows in comparison to the user-provided parameters.
-
公开(公告)号:US11245699B2
公开(公告)日:2022-02-08
申请号:US16655663
申请日:2019-10-17
IPC分类号: H04L29/06
摘要: The present disclosure pertains to systems and methods of restricting access to devices utilizing tokens. In some embodiments, a system may include a user requesting a token, ensuring the user requesting a token has the permission to request the token and is not the user approving the token. In some embodiments, the system may include the user granting the token, wherein the user granting the token is not the user receiving the token. The system ensures that the user accessing the device has the permission to access the device. Additionally, the system decreases the opportunities for insider attacks and increases the resistance to credential theft attacks. Further, the system increases the accountability for changes and the ability to review changes.
-
公开(公告)号:US11012442B2
公开(公告)日:2021-05-18
申请号:US16381592
申请日:2019-04-11
发明人: Josh Powers , Rhett Smith , Robert Meine , Dennis Gammel
摘要: The present disclosure pertains to systems and methods of handling Address Resolution Protocol (ARP) responses in a software defined network (SDN). In one embodiment, a system may comprise a controller in a control plane to generate an address store comprising information associated with a plurality of devices in communication with the SDN. The controller may also program a plurality of network devices in a data plane based on a plurality of communication flows. The network devices may forward traffic according to the plurality of communication flows received from the controller. The network device may also receive: a request from the first device for information associated with the second device, determine that the first device is authorized to communicate with the second device based on the plurality of communication flows, and generate a response to the request comprising the information associated with the second device based on the address store.
-
公开(公告)号:US09923779B2
公开(公告)日:2018-03-20
申请号:US14803786
申请日:2015-07-20
IPC分类号: H04L12/24 , H04L12/717 , H04L12/751 , H04L12/851
CPC分类号: H04L41/12 , H04L41/0883 , H04L41/0886 , H04L45/02 , H04L45/42 , H04L47/2483 , Y04S40/162 , Y04S40/164
摘要: The present disclosure pertains to systems and method for configuration of communication flows in a software defined network (“SDN”). In one embodiment, a system is operable to configure a communication flow between a first host and a second host. A mode selection subsystem is configured to cause a plurality of network devices in a network connecting the first communication host and the second communication host to transition between an open mode and an SDN operating mode. In the open mode, the network devices may discover a communication path between the first host and the second host. An analysis subsystem may receive information from the plurality of network devices information about the discovered path, and a topology discovery subsystem may be configured to create a communication flow corresponding to the discovered path. The communication flow may allow communication between the first host and the second host in the SDN operating mode.
-
公开(公告)号:US20170026243A1
公开(公告)日:2017-01-26
申请号:US14803786
申请日:2015-07-20
IPC分类号: H04L12/24 , H04L12/851 , H04L12/751
CPC分类号: H04L41/12 , H04L41/0883 , H04L41/0886 , H04L45/02 , H04L45/42 , H04L47/2483 , Y04S40/162 , Y04S40/164
摘要: The present disclosure pertains to systems and method for configuration of communication flows in a software defined network (“SDN”). In one embodiment, a system is operable to configure a communication flow between a first host and a second host. A mode selection subsystem is configured to cause a plurality of network devices in a network connecting the first communication host and the second communication host to transition between an open mode and an SDN operating mode. In the open mode, the network devices may discover a communication path between the first host and the second host. An analysis subsystem may receive information from the plurality of network devices information about the discovered path, and a topology discovery subsystem may be configured to create a communication flow corresponding to the discovered path. The communication flow may allow communication between the first host and the second host in the SDN operating mode.
摘要翻译: 本公开涉及用于在软件定义网络(“SDN”)中配置通信流的系统和方法。 在一个实施例中,系统可操作以配置第一主机和第二主机之间的通信流。 模式选择子系统被配置为使连接第一通信主机和第二通信主机的网络中的多个网络设备在打开模式和SDN操作模式之间转换。 在打开模式下,网络设备可以发现第一主机和第二主机之间的通信路径。 分析子系统可以从多个网络设备接收关于所发现的路径的信息的信息,并且拓扑发现子系统可以被配置为创建与所发现的路径相对应的通信流。 通信流可以允许SDN操作模式中的第一主机和第二主机之间的通信。
-
公开(公告)号:US12021747B2
公开(公告)日:2024-06-25
申请号:US18301750
申请日:2023-04-17
发明人: Tristan Lloyd Mullis , Josh Powers
IPC分类号: H04L45/64 , H04L45/00 , H04L45/7453
CPC分类号: H04L45/64 , H04L45/38 , H04L45/7453
摘要: A software-defined network (SDN) rule modification counter system provides counters that track all changes and edits to rules at SDN controllers and SDN switches on an SDN. The system compares counters at the SDN controller and SDN switch to determine if they match. If the counters do not match, a change has been made to the rules. With the addition of rule edit statistics the SDN controller will now have visibility that a rule modification was performed. The SDN controller then verifies that the state of the device is the same as its expected state as a secondary integrity check. Based on the rule modification notification, changes to a central rules table at the SDN controller and changes to rule settings at the SDN switch are made according to pre-programmed logic.
-
公开(公告)号:US11283613B2
公开(公告)日:2022-03-22
申请号:US16655642
申请日:2019-10-17
IPC分类号: H04L9/32 , H04L29/06 , G05B19/042
摘要: Systems and methods are disclosed herein relating to the secure configuration of intelligent electronic devices. Intelligent electronic devices are used in electric power generation and transmission systems for protection, control, automation, and/or monitoring of equipment. The use of tokens and token-based digital signatures in the configuration process of intelligent electronic devices reduces the likelihood of malicious acts or unintended errors. Tokens distributed to engineers, technicians, intelligent electronic devices, computing devices, and/or software decrease the likelihood of errors being introduced in the configuration process.
-
公开(公告)号:US20210119795A1
公开(公告)日:2021-04-22
申请号:US16655642
申请日:2019-10-17
IPC分类号: H04L9/32 , H04L29/06 , G05B19/042
摘要: Systems and methods are disclosed herein relating to the secure configuration of intelligent electronic devices. Intelligent electronic devices are used in electric power generation and transmission systems for protection, control, automation, and/or monitoring of equipment. The use of tokens and token-based digital signatures in the configuration process of intelligent electronic devices reduces the likelihood of malicious acts or unintended errors. Tokens distributed to engineers, technicians, intelligent electronic devices, computing devices, and/or software decrease the likelihood of errors being introduced in the configuration process.
-
-
-
-
-
-
-
-
-
搜索结果
25 条记录 (耗时 0.022 秒)
