-
公开(公告)号:US11750363B2
公开(公告)日:2023-09-05
申请号:US16949587
申请日:2020-11-04
发明人: Bogdan C. Cebere , Elena Burceanu , Madalina Bolboceanu , Emanuela Haller , Georgiana M. Rosca , Radu Titiu
IPC分类号: H04L9/00 , G06F16/22 , H04L9/32 , H04L61/2539 , H04L61/4511
CPC分类号: H04L9/008 , G06F16/2255 , H04L9/3213 , H04L61/2539 , H04L61/4511
摘要: Described systems and methods allow carrying out privacy-preserving DNS exchanges. In some embodiments, a client machine engages in a private information retrieval (PIR) exchange with a nameserver. In response to receiving an encrypted query from the client, the query formulated according to a domain name, the nameserver may extract a record (e.g., an IP address) from a domain name database without decrypting the respective query. Some embodiments achieve such information retrieval by the use of homomorphic encryption.
-
公开(公告)号:US20230262085A1
公开(公告)日:2023-08-17
申请号:US17670242
申请日:2022-02-11
发明人: Borhan Hosseini , Vlad George Coman
IPC分类号: H04L9/40 , H04L61/2592 , H04L61/2539
CPC分类号: H04L63/1433 , H04L61/2539 , H04L61/2592
摘要: A computing device may receive a plurality of scanning requests with at least one scanning request in the plurality identifying a target address of a target network. The computing device may for at least a subset of the plurality of scanning requests: generate a scanner instance and a virtual network interface card (VNIC) in response to the scanning request. The scanner instance and the VNIC communicating with a routing namespace that can communicate with two or more scanner instances simultaneously. Until the target address has been scanned: one or more packets can be sent from the scanner instance to the target address via the routing namespace and VNIC. The one or more packets can be wrapped in one or more packet wrappers identifying the target address and the target network. In response to the target address being scanned, the scanner instance and VNIC can be decommissioned.
-
公开(公告)号:US11711340B2
公开(公告)日:2023-07-25
申请号:US16853083
申请日:2020-04-20
申请人: Fastly Inc.
发明人: Sean A. Leach , Artur Bergman , Thomas J. Daly
IPC分类号: H04L9/40 , H04L61/5092 , H04L61/2539 , H04L67/02 , H04L61/5007 , H04L61/5038 , H04L61/5061
CPC分类号: H04L63/02 , H04L61/2539 , H04L61/5092 , H04L61/5007 , H04L61/5038 , H04L61/5061 , H04L63/1441 , H04L67/02
摘要: A privatized link between an origin server and a content delivery network is provided. A privatized link can be a direct connection that does not route over the internet. Another privatized link is one that rotates IP addresses. An origin server may be assigned to use a set of multiple IP addresses for communication with the content delivery network. However, at any given time, the origin server is only using a small number of IP addresses. When one of the IP addresses being used to communicate with the content delivery network comes under attack, the origin server switches to another IP address in the set in order to continue serving content to the content delivery network via an IP address that is not under attack.
-
公开(公告)号:US09723023B2
公开(公告)日:2017-08-01
申请号:US13828427
申请日:2013-03-14
发明人: Daniel Joseph Ellard , Alden Warren Jackson , Christine Elaine Jones , Josh Forrest Karlin , Victoria Ursula Manfredi , David Patrick Mankins , William Timothy Strayer
CPC分类号: H04L63/20 , H04L12/24 , H04L41/00 , H04L51/12 , H04L51/28 , H04L61/1511 , H04L61/2539 , H04L63/02 , H04L63/0236 , H04L67/104
摘要: Systems and methods for protecting a network including providing a mapping between internal addresses as seen by devices of the protected network and external addresses; providing devices with a mapped address for a destination in response to a lookup request; rewriting, at a gateway, destination addresses of packets exiting the protected network based on the mapping; and rewriting, at the destination-network gateway, source addresses of packets entering the protected network based on the mapping. Embodiments include a gateway coupled to a protected network, an external network, and a name server. The name server, in response to a hostname lookup request, configured to provide a network device with the internal address; and the gateway with a mapping including the internal address, the addresses of the device, and the hostname. The gateway configured to rewrite destination addresses of outbound packets, and source addresses of inbound packets, based on the mapping.
-
公开(公告)号:US09712501B2
公开(公告)日:2017-07-18
申请号:US14919246
申请日:2015-10-21
IPC分类号: H04L29/06
CPC分类号: H04L63/0428 , H04L45/50 , H04L45/64 , H04L61/10 , H04L61/2525 , H04L61/2539 , H04L63/0407 , H04L69/22
摘要: A system and method for the randomization of packet headers is disclosed. A controller is used to provide random values, also referred to as nonces, that replace the source and destination addresses that typically appear in a packet header. The controller also provides routing rules to the switches and routers in the network that allow these devices to properly route packets, even though the source and destination addresses are not present. In some embodiments, network devices that support software-defined networking (SDN) are employed. The number of times that a particular nonce is used may be variable. In some embodiments, a nonce is used for exactly one packet header. In this way, packets may traverse a network using nonces in place of actual source and destination addresses. Because the nonces are changed periodically, detection of traffic patterns is made significantly more difficult.
-
公开(公告)号:US09380444B2
公开(公告)日:2016-06-28
申请号:US14126900
申请日:2013-09-27
申请人: Intel IP Corporation
发明人: Vivek Gupta
IPC分类号: H04M1/00 , H04W8/00 , H04W72/04 , H04W74/02 , H04W76/02 , H04W72/00 , H04W76/04 , H04L12/46 , H04W4/00 , H04L29/12 , H04W28/02 , H04W40/02 , H04W48/18 , H04W24/06 , H04W74/00 , H04W74/04 , H04W74/08 , H04W36/00 , H04W36/30 , H04L27/26 , H04W40/24 , H04W24/02 , H04W88/06 , H04L12/725 , H04W28/08
CPC分类号: H04W8/005 , H04L12/4633 , H04L27/2614 , H04L45/30 , H04L47/11 , H04L47/12 , H04L61/2514 , H04L61/2525 , H04L61/2539 , H04L61/2564 , H04L61/2575 , H04L61/2592 , H04L61/6077 , H04W4/70 , H04W4/80 , H04W24/02 , H04W24/06 , H04W28/02 , H04W28/0289 , H04W28/08 , H04W28/12 , H04W36/0088 , H04W36/30 , H04W40/02 , H04W40/244 , H04W48/08 , H04W48/14 , H04W48/16 , H04W48/18 , H04W52/0216 , H04W52/028 , H04W72/005 , H04W72/02 , H04W72/0413 , H04W72/042 , H04W72/0446 , H04W74/002 , H04W74/02 , H04W74/04 , H04W74/08 , H04W76/14 , H04W76/23 , H04W76/27 , H04W76/28 , H04W84/12 , H04W88/06 , Y02D70/00 , Y02D70/1222 , Y02D70/1224 , Y02D70/1226 , Y02D70/1242 , Y02D70/1262 , Y02D70/1264 , Y02D70/142 , Y02D70/144 , Y02D70/146 , Y02D70/21 , Y02D70/22 , Y02D70/23
摘要: Methods, systems, and devices for network selection are disclosed herein. User equipment (UE) includes a communication component, a rules component, and a network selection component. The communication component may be configured to communicate over a 3GPP network and a non-cellular network. The rules component may be configured to store an access network discovery and selection function (ANDSF) management object (MO) that includes wireless local area network (WLAN) selection policies for network selection on the UE. The WLAN selection policies may include interworking WLAN (I-WLAN) policies and Hotspot 2.0 (HS2.0) parameters. The network selection component is configured to select an available WLAN based on the ANDSF MO.
摘要翻译: 本文公开了用于网络选择的方法,系统和设备。 用户设备(UE)包括通信组件,规则组件和网络选择组件。 通信组件可以被配置为通过3GPP网络和非蜂窝网络进行通信。 规则组件可以被配置为存储包括用于UE上的网络选择的无线局域网(WLAN)选择策略的接入网络发现和选择功能(ANDSF)管理对象(MO))。 WLAN选择策略可以包括互通WLAN(I-WLAN)策略和Hotspot 2.0(HS2.0)参数。 网络选择组件被配置为基于ANDSF MO选择可用的WLAN。
-
7.发明申请公开(公告)号:US20150373596A1
公开(公告)日:2015-12-24
申请号:US14763204
申请日:2013-12-26
申请人: CANDY YIU
发明人: CANDY YIU
CPC分类号: H04W8/005 , H04L12/4633 , H04L27/2614 , H04L45/30 , H04L47/11 , H04L47/12 , H04L61/2514 , H04L61/2525 , H04L61/2539 , H04L61/2564 , H04L61/2575 , H04L61/2592 , H04L61/6077 , H04W4/70 , H04W4/80 , H04W24/02 , H04W24/06 , H04W28/02 , H04W28/0289 , H04W28/08 , H04W28/12 , H04W36/0088 , H04W36/30 , H04W40/02 , H04W40/244 , H04W48/08 , H04W48/14 , H04W48/16 , H04W48/18 , H04W52/0216 , H04W52/028 , H04W72/005 , H04W72/02 , H04W72/0413 , H04W72/042 , H04W72/0446 , H04W74/002 , H04W74/02 , H04W74/04 , H04W74/08 , H04W76/14 , H04W76/23 , H04W76/27 , H04W76/28 , H04W84/12 , H04W88/06 , Y02D70/00 , Y02D70/1222 , Y02D70/1224 , Y02D70/1226 , Y02D70/1242 , Y02D70/1262 , Y02D70/1264 , Y02D70/142 , Y02D70/144 , Y02D70/146 , Y02D70/21 , Y02D70/22 , Y02D70/23
摘要: Generally, this disclosure provides apparatus and methods for improved handover with ping pong avoidance in wireless heterogeneous networks. The UE device may include a handover (HO) module configured to determine a reference signal received power (RSRP) difference between a serving cell and a neighbor cell and to select a TimeToTrigger (TTT) related to an HO measurement report based, at least in part, on the RSRP difference.
摘要翻译: 通常,本公开提供了用于在无线异构网络中改进乒乓避免的切换的装置和方法。 UE设备可以包括切换(HO)模块,其被配置为确定服务小区和相邻小区之间的参考信号接收功率(RSRP)差异,并且至少在 部分,关于RSRP差异。
-
公开(公告)号:US20150358285A1
公开(公告)日:2015-12-10
申请号:US13828546
申请日:2013-03-14
发明人: Daniel Joseph Ellard , Alden Warren Jackson , Christine Elaine Jones , Josh Forrest Karlin , Victoria Ursula Manfredi , David Patrick Mankins , William Timothy Strayer
CPC分类号: H04L63/20 , H04L12/24 , H04L41/00 , H04L51/12 , H04L51/28 , H04L61/1511 , H04L61/2539 , H04L63/02 , H04L63/0236 , H04L67/104
摘要: Systems and methods for protecting a network including preventing data traffic from exiting the network unless a domain name request has been performed by a device attempting to transmit the data traffic. In an embodiment, a device within the protected network attempting to send data outside the protected network requests an address for a destination outside the protected network from a domain name server (DNS). In response, the DNS provides an address of the destination to the device and a gateway. In response to receiving the address, the gateway temporarily allows access to the address. In an embodiment, a DNS is coupled to a protected network and the gateway, the DNS provides an external address to a device in response to a request; and a mapping to the gateway; the gateway, coupled to a protected network and an external network, allows traffic according to the mapping.
摘要翻译: 用于保护网络的系统和方法,包括防止数据流量离开网络,除非域名请求已被尝试发送数据业务的设备执行。 在一个实施例中,受保护网络内尝试在受保护网络外发送数据的设备向域名服务器(DNS)请求受保护网络外的目标地址。 作为响应,DNS向设备和网关提供目的地的地址。 响应于接收地址,网关临时允许访问地址。 在一个实施例中,DNS被耦合到受保护的网络和网关,DNS响应于请求向设备提供外部地址; 和映射到网关; 耦合到受保护网络和外部网络的网关允许根据映射的流量。
-
9.发明授权Method of and a server for establishing communication in a telecommunication system wherein calling party identity is withheld 有权用于在电信系统中建立通信的方法和服务器,其中主叫方身份被拒绝公开(公告)号:US09020113B2
公开(公告)日:2015-04-28
申请号:US14112120
申请日:2011-04-20
CPC分类号: H04M15/10 , H04L61/1529 , H04L61/2539 , H04L61/3085 , H04L65/1006 , H04L65/1016 , H04L65/1069 , H04L65/1096 , H04M3/42008 , H04M3/42042 , H04M3/42059 , H04M3/42195 , H04M15/745 , H04M2203/6009 , H04M2215/0108
摘要: A method (10) of and a server (60) and telecommunication system (30) for establishing communication (11) from a first party (31) having a first party identity to a second party (32) having a second party identity, wherein said first party identity is withheld for said second party (32). A token or correlation identifier (67) unique for the communication is generated (15), and the token or correlation identifier (67) is associated (16) with the first party identity for establishing a further communication in the telecommunication system (30) between the first party (31) and the second party Calling party (32) based on this token or correlation identifier (67).
摘要翻译: 一种用于从具有第一方身份的第一方(31)建立通信(11)的服务器(60)和电信系统(30)的方法(10)以及具有第二方身份的第二方(32)的通信(11),其中 所谓第二方的第一方身份被拒绝(32)。 产生用于通信的令牌或相关标识符(67)(15),令牌或相关标识符(67)与第一方身份相关联(16),用于在电信系统(30)中建立进一步的通信 基于该令牌或相关标识符(67)的第一方(31)和第二方呼叫方(32)。
-
公开(公告)号:US08984618B2
公开(公告)日:2015-03-17
申请号:US13611925
申请日:2012-09-12
申请人: Ho Sun Yoon , Sung Back Hong , Jung Sik Kim , Seong Moon , Sun Cheul Kim , Seung Woo Hong , Sang Jin Hong , Pyung Koo Park , Young Soo Shin , Ho Yong Ryu , Soon Seok Lee
发明人: Ho Sun Yoon , Sung Back Hong , Jung Sik Kim , Seong Moon , Sun Cheul Kim , Seung Woo Hong , Sang Jin Hong , Pyung Koo Park , Young Soo Shin , Ho Yong Ryu , Soon Seok Lee
CPC分类号: G06F21/00 , H04L12/4633 , H04L12/4641 , H04L61/2514 , H04L61/2539 , H04L61/2592 , H04L63/0227 , H04L63/0236 , H04L63/0245 , H04L63/0263 , H04L63/0272 , H04L63/104
摘要: Disclosed are a system for managing virtual private networks (VPNs) includes: terminals configured to transmit user data; a manager configured to transmit information for concealing networks and managing the VPNs; border gateways configured to decrypt the user data and perform a network address translation (NAT) procedure and a filtering procedure on the decrypted user data based on the information; and servers configured to receive the user data subjected to the NAT procedure and the filtering procedure, wherein the filtering procedure is a procedure discarding the user data to be transferred to the servers that are not allowed so as to allow the terminals to access only the allowed servers, the NAT procedure is a procedure changing an Internet protocol (IP) address used in a first network to an IP address used in a second network, and the first network and the second network are different networks.
摘要翻译: 公开了一种用于管理虚拟专用网络(VPN)的系统,包括:被配置为传送用户数据的终端; 配置为传送隐藏网络和管理VPN的信息的管理器; 边界网关被配置为基于该信息解密用户数据并对解密的用户数据执行网络地址转换(NAT)过程和过滤程序; 以及被配置为接收经历了NAT过程和过滤过程的用户数据的服务器,其中,过滤程序是丢弃要传送到不允许的服务器的用户数据以允许终端仅访问允许的用户数据 服务器,NAT过程是将第一网络中使用的因特网协议(IP)地址改变为在第二网络中使用的IP地址的过程,并且第一网络和第二网络是不同的网络。
-
-
-
-
-
-
-
-
-
搜索结果
261 条记录 (耗时 0.023 秒)
