公开(公告)号：US12058133B2

公开(公告)日：2024-08-06

申请号：US17496314

申请日：2021-10-07

Applicant: Cyral Inc.

Inventor： Manav Ratan Mital ,  Srinivas Nageswarrao Vadlamani ,  Pramod Chandraiah ,  Hugo Araújo de Sousa

IPC: H04L29/06 ,  G06F11/30 ,  G06F11/34 ,  G06F16/2453 ,  G06F21/31 ,  G06F21/60 ,  G06F21/62 ,  H04L9/40 ,  H04L69/326 ,  H04L69/329 ,  H04L67/01

CPC classification number: H04L63/0884 ,  G06F11/3006 ,  G06F11/3438 ,  G06F11/3476 ,  G06F16/24547 ,  G06F21/31 ,  G06F21/604 ,  G06F21/6227 ,  G06F21/6254 ,  H04L63/0281 ,  H04L63/101 ,  H04L63/102 ,  H04L63/104 ,  H04L63/105 ,  H04L63/1425 ,  H04L63/166 ,  H04L63/168 ,  H04L69/326 ,  H04L69/329 ,  G06F2221/2107 ,  H04L67/01 ,  H04L2463/082

Abstract: A method and system for performing federated identity management are described. The method and system include receiving a communication for a data source at a wrapper. The wrapper includes a dispatcher and a service. The dispatcher receives the communication and is data agnostic. The communication corresponds to end user credentials for an end user. The method and system include providing the communication from the dispatcher to the data source and to the service. The method and system also use the service to authenticate the end user based on the end user credentials and utilizing federated identity management.

公开(公告)号：US12047481B1

公开(公告)日：2024-07-23

申请号：US18064967

申请日：2022-12-13

Applicant: Cyber IP Holdings, LLC

Inventor： Christopher Edward Delaney ,  Chava Louis Jurado ,  Jeremiah MacDonald ,  Carl Bailey Jacobs

IPC: H04L12/28 ,  H04L12/46 ,  H04L47/36 ,  H04L69/326

CPC classification number: H04L69/326 ,  H04L12/4641 ,  H04L47/36

Abstract: Systems and methods for altering the character of data originating from a Virtual Private Network (VPN) are provided. First data is received from the VPN by a first network interface. The first data comprises a first plurality of packets. A message is generated by combining the first plurality of packets. Second data is generated by segmenting the message into a second plurality of packets. A third plurality of packets in the second plurality of packets is equal to the network maximum transfer unit allowed by the Internet and the last packet in the second plurality of packets is less than the network maximum transfer unit allowed by the Internet. The second data is forwarded to the second network interface. The second network interface sends the data to a webserver.

公开(公告)号：US11949676B2

公开(公告)日：2024-04-02

申请号：US17899950

申请日：2022-08-31

Applicant: Cyral Inc.

Inventor： Manav Ratan Mital ,  Srinivas Nageswarrao Vadlamani ,  Pramod Chandraiah

IPC: G06F16/2453 ,  G06F11/30 ,  G06F11/34 ,  G06F21/31 ,  G06F21/60 ,  G06F21/62 ,  H04L9/40 ,  H04L69/326 ,  H04L69/329 ,  H04L67/01

CPC classification number: H04L63/0884 ,  G06F11/3006 ,  G06F11/3438 ,  G06F11/3476 ,  G06F16/24547 ,  G06F21/31 ,  G06F21/604 ,  G06F21/6227 ,  G06F21/6254 ,  H04L63/0281 ,  H04L63/101 ,  H04L63/102 ,  H04L63/104 ,  H04L63/105 ,  H04L63/1425 ,  H04L63/166 ,  H04L63/168 ,  H04L69/326 ,  H04L69/329 ,  G06F2221/2107 ,  H04L67/01 ,  H04L2463/082

Abstract: A method and system for performing query analysis are described. The method and system include receiving a query for a data source at a wrapper. The wrapper includes a dispatcher and a service. The dispatcher receives the query and is data agnostic. The method and system also include providing the query from the dispatcher to the data source and to the service as well as analyzing the query using the service.

公开(公告)号：US11943132B2

公开(公告)日：2024-03-26

申请号：US17454488

申请日：2021-11-11

Applicant: InstantShare Technology Limited

Inventor： Hung Lun Alan Lau

IPC: H04L45/02 ,  G06F16/27 ,  H04L45/16 ,  H04L61/50 ,  H04L69/326

CPC classification number: H04L45/04 ,  G06F16/27 ,  H04L45/16 ,  H04L61/50 ,  H04L69/326

Abstract: Multicast and unicast communication among computing devices across different local area networks (LANs) and without static IP addresses is supported by assigning an instant-share (InS) address to an individual computing device. The InS address is recognizable by a dedicated router located in the Internet and enables the dedicated router to communicate with the individual computing device. The individual computing device embeds an InS address of a destination computing device in a data message to form an extended data message, and sends the extended data message to the dedicated router. The dedicated router then forwards the extended data message to the destination computing device. A group member contact synchronization among different computing devices in a group without Internet connectivity is also supported. Local lists of group members from different computing devices are collected. The most-recent one is used to update the local list of group members of a computing device.

公开(公告)号：US11909762B2

公开(公告)日：2024-02-20

申请号：US17398708

申请日：2021-08-10

Applicant: MELLANOX TECHNOLOGIES, LTD.

Inventor： Andrei Vesnovaty ,  Alexander Vesker ,  Mohammad Sammar

IPC: H04L9/40 ,  H04L69/326 ,  H04L7/00

CPC classification number: H04L63/1458 ,  H04L7/0008 ,  H04L69/326

Abstract: A system for efficiently thwarting syn flood DDoS attacks on a target server including a CPU, the system comprising: network controller hardware having steering capability; and a software application to create and to configure initial steering object/s which define a steering configuration of the network controller and monitor at least one opened connection to the server, including updating the steering configuration responsive to establishment of at least one connection to the server, wherein the network controller hardware's steering capability is used to provide a SYN cookie value used for said thwarting, and to send at least one packet, modified, to the packet's source.

公开(公告)号：US20240056445A1

公开(公告)日：2024-02-15

申请号：US18496429

申请日：2023-10-27

Applicant: Cyral Inc.

Inventor： Manav Ratan Mital ,  Srinivas Nageswarrao Vadlamani

IPC: H04L9/40 ,  G06F11/30 ,  G06F11/34 ,  G06F21/31 ,  H04L69/326 ,  H04L69/329 ,  G06F21/62 ,  G06F16/2453 ,  G06F21/60

CPC classification number: H04L63/0884 ,  G06F11/3006 ,  G06F11/3438 ,  G06F21/31 ,  H04L63/104 ,  H04L63/0281 ,  G06F11/3476 ,  H04L63/101 ,  H04L63/102 ,  H04L63/166 ,  H04L63/168 ,  H04L69/326 ,  H04L69/329 ,  G06F21/6254 ,  H04L63/105 ,  H04L63/1425 ,  G06F16/24547 ,  G06F21/604 ,  G06F21/6227 ,  G06F2221/2107 ,  H04L2463/082 ,  H04L67/01

Abstract: A method and system for performing at least one service are disclosed. The method and system include receiving a communication for a data source at a wrapper. The wrapper includes a dispatcher and at least one service. The dispatcher receives the communication and is data agnostic. The method and system also include providing the communication from the dispatcher to the data source and to the at least one service. The at least one service inspects the communication and may perform additional functions.

公开(公告)号：US11895032B2

公开(公告)日：2024-02-06

申请号：US17666415

申请日：2022-02-07

Applicant: VMware, LLC

Inventor： Subin Cyriac Mathew ,  Dileep Devireddy ,  Alexander Tessmer ,  Wenyi Jiang ,  Chidambareswaran Raman

IPC: H04L69/166 ,  H04L47/125 ,  H04L45/74 ,  H04L69/325 ,  H04L69/326

CPC classification number: H04L47/125 ,  H04L45/74 ,  H04L69/166 ,  H04L69/325 ,  H04L69/326 ,  H04L2212/00

Abstract: In some embodiments, a method determines when a packet is fragmented into multiple fragmented packets in a flow between a first workload and a second workload. The method switches from generating an outer source port in the outer header using layer 4 information from the inner header to using layer 3 information from the inner header. A fragmented packet is encapsulated with the outer header that includes an outer source port value that is generated using the layer 3 information. The method initiates a process to determine when to switch back to using layer 4 information from the inner header to generate the outer source port. When it is determined to switch back to using layer 4 information, the method switches back to using layer 4 information from the inner header to generate the source port in the outer header of a packet from the first workload.

公开(公告)号：US20240022519A1

公开(公告)日：2024-01-18

申请号：US18361686

申请日：2023-07-28

Applicant: Amazon Technologies, Inc.

Inventor： Leah Shalev ,  Brian William Barrett ,  Nafea Bshara ,  Georgy Machulsky

IPC: H04L47/62 ,  H04L45/74 ,  H04L45/24 ,  G06F15/173 ,  H04L1/1829 ,  H04L69/22 ,  H04L49/90 ,  H04L69/326 ,  H04L47/34 ,  H04L69/324

CPC classification number: H04L47/624 ,  H04L45/74 ,  H04L45/24 ,  G06F15/17331 ,  H04L1/1841 ,  H04L69/22 ,  H04L49/90 ,  H04L69/326 ,  H04L47/34 ,  H04L69/324

Abstract: A computing system supporting reliable network communications can include a virtual machine executing a user application, and a network adapter device coupled to the virtual machine via a plurality of virtual interfaces. The user application can communicate with the network adapter device using a virtual interface assigned to the user application. Queue pairs, each including a send queue and a receive queue, can be implemented to process transmit packets being sent from the virtual machine to the network and incoming packets being sent to the virtual machine from the network.

公开(公告)号：US11838203B2

公开(公告)日：2023-12-05

申请号：US17406946

申请日：2021-08-19

Applicant: Huawei Technologies Co., Ltd.

Inventor： Shujun Wang ,  Fanzi Meng ,  Dong Guo

IPC: H04L12/28 ,  H04L45/24 ,  H04L12/66 ,  H04L69/326 ,  H04L61/5007 ,  H04L67/56

CPC classification number: H04L45/24 ,  H04L12/66 ,  H04L61/5007 ,  H04L67/56 ,  H04L69/326

Abstract: A multipath data transmission method and device are provided, where a multipath proxy client and a multipath proxy gateway establish at least two multipath data subflows based on a first internet protocol (IP) address, and perform multipath data subflow data transmission. Based on the first IP address for establishing the at least two multipath data subflows between the multipath proxy client and the multipath proxy gateway, the multipath proxy gateway establishes a TCP connection to and performs TCP-based data transmission with an application server to be accessed by the multipath proxy client. MPTCP-based multipath data transmission based on IP address information of the multipath proxy client is implemented through proxy of the multipath proxy client and the multipath proxy gateway.

公开(公告)号：US20230379226A1

公开(公告)日：2023-11-23

申请号：US18164672

申请日：2023-02-06

Applicant: GOVERNMENT OF THE UNITED STATES, AS REPRESENTED BY THE SECRETARY OF THE ARMY

Inventor： Olatunde O. Bamgboye ,  Eric Bennett

IPC: H04L41/22 ,  H04L67/12 ,  H04W4/10 ,  H04L69/326 ,  H04L65/60

CPC classification number: H04L41/22 ,  H04L67/12 ,  H04W4/10 ,  H04L69/326 ,  H04L65/60

Abstract: A communication system provides multimedia communications within and between armored ground combat vehicles (GCVs). The system includes client computers within the armored GCVs providing distributed and interconnected multimedia communications among the client computers. The multimedia communication may include a one-to-one communication, a text communication to a group, an audio communication to a group, or a video communication to a group. Logic providing the distributed and interconnected multimedia communications is not located at a single client computer. The client computers display graphical user interfaces (GUIs) enabling soldiers to select parameters of the communication system with some GUIs providing presence discovery among the armored GCVs. One of the plurality of client computers acts as an origination station and other client computers may be configured as receiving communication station(s). The origination communication station may transmit digital communication data to the receiving communication station(s).