公开(公告)号：US10412388B2

公开(公告)日：2019-09-10

申请号：US15864843

申请日：2018-01-08

Applicant: Citrix Systems, Inc.

Inventor： Miguel Melnyk ,  Andrew Penner ,  Jeremy Tidemann

IPC: H04N19/124 ,  H04N19/172 ,  H04N19/46 ,  H04N19/152 ,  H04N19/154 ,  H04N19/40

Abstract: A computer-implemented method includes receiving an encoded video frame, decompressing the received encoded video frame, extracting a first quantization parameter (QP) from the decompressed video frame, and acquiring a delta QP based on the first QP. The method also includes acquiring a second QP based on the delta QP and the first QP, compressing the decompressed video frame based on the second QP, and providing the compressed video frame. The first QP corresponds to quantization settings originally used for compressing the encoded video frame. And the second QP corresponds to quantization settings for compressing the decompressed video frame.

公开(公告)号：US08484718B2

公开(公告)日：2013-07-09

申请号：US11462230

申请日：2006-08-03

Applicant: Vinoo Chacko ,  Puneet Agarwal ,  Shashi Nanjudaswamy ,  Ajay Soni

Inventor： Vinoo Chacko ,  Puneet Agarwal ,  Shashi Nanjudaswamy ,  Ajay Soni

IPC: G06F9/00

CPC classification number: H04L63/0272 ,  G06F21/552 ,  G06F21/6218 ,  H04L63/08 ,  H04L63/102

Abstract: Methods for enabling assured records using fine grained auditing of virtual private network traffic include establishing, by an appliance, a transport layer virtual private network connection with a client operated by a user; receiving, by the appliance via the connection, a request from the client identifying a resource; determining, by the appliance, the request meets at least one security condition; transmitting, by the appliance to an audit log, a record of the request; receiving, by the appliance from the audit log, a confirmation that the record was logged; and granting, responsive to the received confirmation, access to the identified resource. Security conditions may identify at least one user, at least one application, a network or group of networks, and one or more resources. Corresponding systems are also described.

Abstract translation: 使用对虚拟专用网络流量进行细粒度审计的保证记录的方法包括由设备建立与用户操作的客户端的传输层虚拟专用网络连接; 通过连接从设备接收识别资源的客户端的请求; 由所述设备确定所述请求满足至少一个安全条件; 由设备向审核日志传送请求的记录; 设备从审核日志接收记录记录的确认; 以及响应于所接收的确认，授予对所识别的资源的访问。 安全条件可以标识至少一个用户，至少一个应用，网络或网络组，以及一个或多个资源。 还描述了相应的系统。

公开(公告)号：US08793486B2

公开(公告)日：2014-07-29

申请号：US13346314

申请日：2012-01-09

Applicant: Tushar Kanekar ,  Sivaprasad Udupa

Inventor： Tushar Kanekar ,  Sivaprasad Udupa

IPC: H04L29/06

CPC classification number: H04L63/166

Abstract: A method for buffering SSL handshake messages prior to computing a message digest for the SSL handshake includes: conducting, by an appliance with a client, an SSL handshake, the SSL handshake comprising a plurality of SSL handshake messages; storing, by the appliance, the plurality of SSL handshake messages; providing, by the appliance to a message digest computing device in response to receiving a client finish message corresponding to the SSL handshake, the plurality of SSL handshake messages; receiving, by the appliance from the message digest computing device, a message digest corresponding to the provided messages; determining by the appliance, the message digest matches a message digest included in the SSL client finish message; and completing, by the appliance with the client, the SSL handshake. Corresponding systems are also described.

Abstract translation: 用于在计算用于SSL握手的消息摘要之前缓存SSL握手消息的方法包括：由具有客户端的设备进行SSL握手，所述SSL握手包括多个SSL握手消息; 由设备存储多个SSL握手消息; 响应于接收到与所述SSL握手相对应的客户端完成消息，所述设备向消息摘要计算设备提供所述多个SSL握手消息; 由所述设备从所述消息摘要计算设备接收与所提供的消息相对应的消息摘要; 由设备确定消息摘要与SSL客户端完成消息中包含的消息摘要相匹配; 并由用户与客户完成SSL握手。 还描述了相应的系统。

公开(公告)号：US20130275543A1

公开(公告)日：2013-10-17

申请号：US13861731

申请日：2013-04-12

Applicant: CITRIX SYSTEMS, INC.

Inventor： Nishant Kumar Jain

IPC: G06F15/167

CPC classification number: G06F15/167 ,  H04L41/0206 ,  H04L41/0213 ,  H04L41/0233 ,  H04L41/046 ,  H04L67/2842 ,  H04L67/2852

Abstract: The SNMP cache of the present solution supports multi-core/multi-node environment by recalculating the SNMP ordering of the entities in the response from multiple cores/nodes at insertion time. The most significant gain is achieved by prefetching or augmenting the cache, wherein while requesting an entity and its stat information, next few entities in SNMP order are requested from the owner processes. SNMP Management systems extensively utilize repeated GETNEXT (such as via a SNMP WALK) and few next responses may be served from the cache directly. Further performance improvements are obtained by introducing another level of cache on top of the existing cache. This auxiliary cache ensures a high hit ratio for repeated SNMP GETNEXT request (SNMP WALK operation) by caching last accessed entity within the main cache. This auxiliary cache also aids in insertion in the larger main cache by maintaining pointers to last accessed entity before the main cache miss. Cache implements other features like new stat inclusion/updating of the already cached entity.

Abstract translation: 本解决方案的SNMP缓存通过在插入时重新计算来自多个核心/节点的响应中的实体的SNMP排序来支持多核/多节点环境。 通过预取或增加高速缓存来实现最显着的增益，其中当请求实体及其统计信息时，从所有者进程请求下一个以SNMP顺序的实体。 SNMP管理系统广泛地利用重复的GETNEXT（例如通过SNMP WALK），并且可以直接从缓存提供几个下一个响应。 通过在现有缓存​​之上引入另一级别的缓存来获得进一步的性能改进。 该辅助缓存通过缓存主缓存中的最后一个访问实体来确保重复SNMP GETNEXT请求（SNMP WALK操作）的高命中率。 该辅助缓存还有助于在主缓存器未命中之前通过维护指向最后访问的实体的指针来插入较大的主缓存。 缓存实现了其他功能，如新的stat包含/更新已经缓存的实体。

公开(公告)号：US20060069750A1

公开(公告)日：2006-03-30

申请号：US10711647

申请日：2004-09-29

Applicant: Gueorgui Momtchilov ,  Ryan BEST

Inventor： Gueorgui Momtchilov ,  Ryan BEST

IPC: G06F15/16

CPC classification number: H04L67/08 ,  H04L67/10

Abstract: A mechanism for detecting events generated from a device in communication with a client system and the re-direction of those events to a server system over a network using a presentation-level protocol is disclosed. Plug and play events are detected at the client system, bound to a virtual connection for a user session, and re-directed for handling to a server-based system using the presentation-level protocol. The server-based system maps the device to the user session. Applications which have registered a callback with the session are informed and generate an appropriate message which is transmitted to the device in communication with the client system via a specified virtual communication connection in the user session.

Abstract translation: 公开了一种用于检测从与客户端系统通信的设备产生的事件以及通过使用呈现级协议通过网络将这些事件重定向到服务器系统的机制。 在客户端系统检测到即插即用事件，绑定到用户会话的虚拟连接，并使用表示级协议重定向到基于服务器的系统的处理。 基于服务器的系统将设备映射到用户会话。 通知已经向会话注册了回呼的应用，并且生成适当的消息，该消息通过用户会话中的指定的虚拟通信连接被发送到与客户端系统通信的设备。

公开(公告)号：US20240056435A1

公开(公告)日：2024-02-15

申请号：US17930918

申请日：2022-09-09

Applicant: Citrix System, Inc.

Inventor： Zhifu ZHANG ,  Hengbo WANG

IPC: H04L9/40 ,  H04L67/141

CPC classification number: H04L63/0823 ,  H04L63/0876 ,  H04L67/141

Abstract: Methods and systems for establishing trust in certificates based on remote user sessions are described herein. A computing device may establish, via a gateway, one or more remote user sessions of virtualized application, cloud-based applications, and/or remote desktops. The computing device may initiate an establishment process for a secure connection with a secure server. The computing device may, as part of the establishment process, may receive a certificate for the secure server. The computing device may locally determine whether the certificate is trusted. If the certificate is not trusted, the computing device may select a remote user session to perform a remote attempt for determining trust in the certificate. The computing device may send the certificate to the selected remote user session and may receive data indicating a result of the remote attempt. The computing device may determine whether the certificate is trusted by the remote attempt.

公开(公告)号：US09292587B2

公开(公告)日：2016-03-22

申请号：US12841003

申请日：2010-07-21

Applicant: Jong J. Kann ,  Pierre P. Rafiq

Inventor： Jong J. Kann ,  Pierre P. Rafiq

IPC: G06F17/30

CPC classification number: G06F17/30581

Abstract: Systems and methods for providing notifications of changes made in a database table to a remote application is presented. The system and methods manage change notification of a table in a database by notifying an application registered to receive notifications of changes made to a database table. A database manager executing on a device may receive a request to register an application to be notified when a first table of a plurality of tables in a database is changed. The database manager may establish a notification table comprising fields of the first table and one or more additional fields for managing notification. The database manager may establish a trigger on the first table to invoke a trigger procedure to copy a changed row of the first table to the notification table. The database manager may create a rule for the notification table to notify registered applications when a new row is inserted into the notification table.

Abstract translation: 介绍了将数据库表中所做更改通知给远程应用程序的系统和方法。 系统和方法通过通知注册的应用程序来接收对数据库表所做的更改的通知来管理数据库中的表的更改通知。 在设备上执行的数据库管理器可以接收在数据库中的多个表的第一表改变时注册要通知的应用的请求。 数据库管理器可以建立包括第一表的字段和用于管理通知的一个或多个附加字段的通知表。 数据库管理器可以在第一表上建立一个触发器，以调用一个触发过程来将第一个表的更改的行复制到通知表。 当新行被插入通知表中时，数据库管理器可以创建通知表的规则来通知已注册的应用程序。

公开(公告)号：US09118569B2

公开(公告)日：2015-08-25

申请号：US13858003

申请日：2013-04-06

Applicant: Citrix Systems, Inc.

Inventor： Varun Taneja ,  Saravana Annamalaisami ,  Rajesh Joshi

IPC: G06F15/16 ,  H04L12/801

CPC classification number: H04L47/12

Abstract: Methods and systems for providing congestion control to a transport control protocol implementation are described. A device detects that there is a congestion event on a transport control protocol (TCP) connection of the device. The device determines that a bandwidth estimate is lower than half a current value of a slow start threshold for the TCP connection. In response to the determination, the device changes the slow start threshold to half of the current value of the slow start threshold for the TCP connection. The bandwidth estimate can be the product of the eligible rate estimate and the minimum round trip time. In some implementations, the transport control protocol implementation is a TCP Westwood implementation.

Abstract translation: 描述了用于向传输控制协议实现提供拥塞控制的方法和系统。 设备检测到设备的传输控制协议（TCP）连接上存在拥塞事件。 该设备确定带宽估计值低于TCP连接的慢启动阈值的当前值的一半。 响应于该确定，设备将慢启动阈值改变为TCP连接的慢启动阈值的当前值的一半。 带宽估计可以是合格率估计和最小往返时间的乘积。 在一些实现中，传输控制协议实现是TCP Westwood实现。